LIVE FROM COLUMBIA, IT'S DAY 3 OF #REALWORLDCRYPTO
-
-
Q: Pushing social graph to the client? A: no comment
#realworldcryptoPrikaži ovu nit -
Q: Key transparency? A: We allow manual verification of keys in the app, nothing newer than that
#realworldcryptoPrikaži ovu nit -
Q: Usage stats of existing Secret Conversations? A: No public numbers atm
#realworldcryptoPrikaži ovu nit -
Next up, "Security Analysis and Improvements for the IETF MLS Standard for Group Messaging"
#realworldcryptoPrikaži ovu nit -
Long lived group chats, federated E2E encrypted
#realworldcryptoPrikaži ovu nit -
Goal is to do for group chats what TLS did for transport layer
#realworldcryptoPrikaži ovu nit -
Goals include forward secrecy and post-compromise security, DoS is out of scope for now
#realworldcryptopic.twitter.com/bBLeNIM9Ub
Prikaži ovu nit -
The current MLS spec draft: https://www.ietf.org/id/draft-ietf-mls-protocol-08.txt …
#realworldcryptoPrikaži ovu nit -
-
-
These control messages need to be processed in the same order by all group members…
#realworldcryptopic.twitter.com/QKr8Dg3Meb
Prikaži ovu nit -
CGKA allows us to assume authenticated channels
#realworldcryptoPrikaži ovu nit -
This gives us TreeKEM, and the TreeKEM with blanks variant https://prosecco.gforge.inria.fr/personal/karthik/pubs/treekem.pdf …
#realworldcryptoPrikaži ovu nit -
Modify the existing tree from epoch to epoch, each user gets a leaf, each node gets a keypair except root node
#realworldcryptopic.twitter.com/mAMEcxBk0z
Prikaži ovu nit -
Updating the tree as keys are ratcheted, conveyed over a packet 'message' encrypted to the copath
#realworldcryptopic.twitter.com/FNYTT3VU6L
Prikaži ovu nit -
#realworldcrypto We need all the critical keys to e removed to maintain forward secrecypic.twitter.com/2stEIF7V2z
Prikaži ovu nit -
-
RTreeKem, closely related to Key-Updateable PKE in 2-party messaging
#realworldcryptoPrikaži ovu nit -
Prikaži ovu nit
-
No time for questions, moving onto the compromised credentials session with "Protecting accounts from credential stuffing with password breach alerting"
#realworldcryptoPrikaži ovu nit -
Large breaches result in massive amounts of compromised credentials that attackers just try in other services, over and over
#realworldcryptoPrikaži ovu nit -
Want to make queries about which passwords are compromised, without leaking
#realworldcryptopic.twitter.com/9IRQHYpqyg
Prikaži ovu nit - Još 25 drugih odgovora
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
crypto as in 'cryptography'