Neat to see some analysis of #Kyber under a kleptographic threat model in which the attacker can subvert the user's code to compromise security while remaining undetectable.
Three attacks are presented in the paper targeting the implicit rejection of Kyber.
I also found myself reading about the new #Kyber post-quantum KEM system today and wondering how difficult it would be to build a #PHP extension to support it.
I wouldn't want to write it in pure PHP ... a C-level extension feels right. But if Botan is the only option, it's kind of overkill.
Anyone know of an alternative? Maybe we use the Rust implementation somehow?
[DE] A bit of scribbling for a short talk on @rosenpass and post-quantum-secure cryptography. The safe, of course, holds the most secure methods against rainy post-quantum days. :)
[EN] A handful of chicken scratch for a short talk about #RosenPass and post-quantum secure cryptography. When quantum computers finally rain down on our information systems, there are different levels of security you can have.