Security Cryptography Whatever

Returning champion Martin Albrecht joins us to help explain how we measure the security of lattice-based cryptosystems like Kyber and Dilithium against attackers. QRAM, BKZ, LLL, oh my!
Transcript: https://securitycryptographywhatever.com/2023/11/13/lattice-attacks/
Links:
- https://pq-crystals.org/kyber/index.shtml
- https://pq-crystals.org/dilithium/index.shtml
- https://eprint.iacr.org/2019/930.pdf
- https://en.wikipedia.org/wiki/Short_integer_solution_problem
- Frodo: https://eprint.iacr.org/2016/659
- https://csrc.nist.gov/CSRC/media/Events/third-pqc-standardization-conference/documents/accepted-papers/ribeiro-saber-pq-key-pqc2021.pdf
- https://en.wikipedia.org/wiki/Hermite_normal_form
- https://en.wikipedia.org/wiki/Wagner%E2%80%93Fischer_algorithm
- https://www.math.auckland.ac.nz/~sgal018/crypto-book/ch18.pdf
- https://eprint.iacr.org/2019/1161
- QRAM: https://arxiv.org/abs/2305.10310
- https://en.wikipedia.org/wiki/Lenstra%E2%80%93Lenstra%E2%80%93Lov%C3%A1sz_lattice_basis_reduction_algorithm
- MATZOV improved dual lattice attack: https://zenodo.org/records/6412487
- https://eprint.iacr.org/2008/504.pdf
- https://eprint.iacr.org/2023/302.pdf

"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)

This episode got delayed because David got COVID. Anyway, here's Nate Lawson: The Two Towers.

• Steven Chu: https://en.wikipedia.org/wiki/Steven_Chu
• CFB: https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher_feedback_(CFB)
• CCFB: https://link.springer.com/chapter/10.1007/11502760_19
• XXTEA: https://en.wikipedia.org/wiki/XXTEA
• CHERI: https://cseweb.ucsd.edu/~dstefan/cse227-spring20/papers/watson:cheri.pdf

Transcript:
https://securitycryptographywhatever.com/2022/09/29/nate-lawson-ii/
Errata:

• Pedram Amini did in fact do Pai Mei

"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)

We're back! With an episode on lattice-based cryptography, with Professor Chris Peikert of the University of Michigan, David's alma mater. When we recorded this, Michigan football had just beaten Ohio for the first time in a bajillion years, so you get a nerdy coda on college football this time!
Transcript:
https://securitycryptographywhatever.com/2022/03/12/lattices-and-michigan-football-with-chris-peikert/

Slides: https://web.eecs.umich.edu/~cpeikert/pubs/slides-qcrypt.pdf
Links:
He Gives C-Sieves on the CSIDH: https://eprint.iacr.org/2019/725
Lattice-based Cryptography: https://cims.nyu.edu/~regev/papers/pqc.pdf
NIST PQC Competition: https://csrc.nist.gov/Projects/post-quantum-cryptography
The 2nd Bar Ilan Winter School on Cryptography Lattice- Based Cryptography and Applications: https://www.youtube.com/playlist?list=PL8Vt-7cSFnw2OmpCmPLLwSx0-Yqb2ptqO
A Decade of Lattice Cryptography: https://eprint.iacr.org/2015/939.pdf
Find us at:
https://twitter.com/scwpod
https://twitter.com/durumcrustulum
https://twitter.com/tqbf
https://twitter.com/davidcadrian

"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)

What does P vs NP have to do with cryptography? Why do people love and laugh about the random oracle model? What's an oracle? What do you mean factoring and discrete log don't have proofs of hardness? How does any of this cryptography stuff work, anyway? We trapped Steve Weis into answering our many questions.
Transcript:
https://securitycryptographywhatever.com/2023/06/29/why-do-we-think-anything-is-secure-with-steve-weis/
Links:
- The Random Oracle Methodology, Revisited: https://eprint.iacr.org/1998/011.pdf
- Factoring integers with CADO-NFS: https://www.ens-lyon.fr/LIP/AriC/wp-content/uploads/2015/03/JDetrey-tutorial.pdf
- On One-way Functions from NP-Complete Problems: https://eprint.iacr.org/2021/513.pdf
- Seny Kamara's lecture notes on provable security: https://cs.brown.edu/~seny/2950-v/2-provablesecurity.pdf
- How To Simulate It – A Tutorial on the Simulation Proof Technique: https://eprint.iacr.org/2016/046.pdf
- A Survey of Leakage-Resilient Cryptography: https://eprint.iacr.org/2019/302
- A Decade of Lattice Cryptography: https://eprint.iacr.org/2015/939.pdf

"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)

We talk about Tink with Sophie Schmieg, cryptographer and algebraic geometer at Google.
Transcript:
https://securitycryptographywhatever.com/2022/05/28/tink-with-sophie-schmieg/

Links:

• Sophie: https://twitter.com/SchmiegSophie
• Tink: https://github.com/google/tink
• RWC talk: https://youtube.com/watch?t=1028&v=CiH6iqjWpt8
• Where to store keys: https://twitter.com/SchmiegSophie/status/1413502566797778948
• EAX mode: https://en.wikipedia.org/wiki/EAX_mode
• AES-GCM-SIV: https://en.wikipedia.org/wiki/AES-GCM-SIV
• Deterministic AEADs: https://github.com/google/tink/blob/master/docs/PRIMITIVES.md#deterministic-authenticated-encryption-with-associated-data
• Thai Duong: https://twitter.com/XorNinja
• AWS-SDK Vuln: https://twitter.com/XorNinja/status/1310587707605659649

"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)