@kuketzblog A great overview for quickly informing yourself or for discussing with others on a factual basis.
In my opinion, @simplex is the solution with the most green fields. So anyone who can do without use in a web browser and uses #InstantMessaging primarily on the #Smartphone (and, if on the desktop, then on the same network as the smartphone) could switch to this privacy-friendly and #PostQuantum secure #Messenger. 🙃
Nice analysis by Bruno Blanchet that proves that HPKE with ML-KEM (or any other IND-CCA2 KEM) does provide IND-CCA2 security.
“Bruno models the base mode of HPKE, single-shot API, in CryptoVerif, and shows that if the KEM is IND-CCA2, then so is HPKE.
Since CryptoVerif is PQ-sound, that proves the security of the HPKE base mode with the single-shot API when the KEM is a post-quantum IND-CCA2 KEM.” via Karthikeyan Bhargavan on the CFRG mailing list
The post-quantum transition is causing us to abstract cryptographic protocols over Key Encapsulation Mechanisms as opposed to Diffie-Hellman-like non-interactive key exchanges.
These two papers on the binding models for KEMs are great reads on the gotchas of working with KEMs and the properties they may or may not have.
Signal is an encrypted messaging application that supports post-quantum cryptography.
Google Gmail is the email provider for Signal Messenger LLC, the company that develops the Signal messaging application and the Signal protocol.
Signal support can be contacted from within the application by going to Signal Settings (profile) > Help > Contact Us.
iMessage quantum security arrives with iOS 17.4 - @9to5Mac
This would have been the perfect article to remind people that all of this E2EE doesn’t matter if you backup your iMessages in iCloud, where they will be backed up clear-text to Apple/NSA, unless both parties turn on Advanced Data Protection
Great highlight by @QuantaMagazine on the work done by Keegan Ryan and Nadia Heninger on improving the efficiency of the LLL algorithm using multiple techniques such as recursive structure and precision of numbers involved.
Featuring @ducasleo
Interesting cryptanalytic result for the lattice inhomogeneous short integer solution problem with small moduli. If such small moduli were used in the FALCON scheme, the estimated security against signature forgery would be reduced by approximately 26 bits. #PostQuantum #Lattices #ISIS https://eprint.iacr.org/2023/1125
NIST received 50 submissions in response to the call for additional #PostQuantum Signature Schemes and deemed 40 to be complete and proper according to the submission requirements.
So Tutanota is working on a post-quantum secure storage offering.
While they have some serious backing in this endeavor, and I applaud their work towards this goal...
They are apparently using the logic that doubly encrypting data with a hybrid approach, using current sound cryptographic methods alongside new post-quantum methods, means it's going to be secure regardless in the event that the new methods fail.
The entire reason we need post-quantum cryptography that is sound is because the old methods we use now will not be any longer.
So how exactly is encrypting data with something you know isn't going to be secure, in conjunction with a new method, going to make the new method more secure if and when it fails?
This is some really messed up logic and I'm surprised I'm reading this.
It's like having two locks on your door. The person you are trying to keep out already has the key to one lock. The other lock might be something they can pick. Having two locks isn't useful because one lock is already going to be defeated easily.
The only thing I can consider is that it slows down the time for someone to get in but doesn't prevent it.