Exactly compatible with regular ML-DSA/Dilithium signatures #realworldcrypto
Many more features that need to be supported #realworldcrypto
Migrating a whole system, complex, scalability issues #realworldcrypto
Q: Are you sure about hybrid signatures? A: No, not necessarily; if we're confident in the PQ option then we may not #realworldcrypto
Next up, 'End-to-End Encrypted Collaborative Documents', presented by Christian Knabenhans and Zayd Maradni #realworldcrypto
What do we need to serve journalists working on collaborative online documents? #realworldcrypto
GitHub - spring-epfl/signal-collaborative-documents

Existing solutions aren't quite enough #realworldcrypto
We need secure reconciliation mechanisms #realworldcrypto
Apparently secure group messaging fulfills this! #realworldcrypto
Using the Signal Groups to collaborate on docs #realworldcrypto
In prod, the network dominates performance #realworldcrypto
The faster typer can receive, decrypt, and reconcile the slower typer's edits before they type their next character 👍 #realworldcrypto
Tested with the 20-page USENIX paper that this work is published in :D #realworldcrypto
Future directions #realworldcrypto
Q: Side channel leakage when sending every character on the wire? A: Don't protect metadata, timing #realworldcrypto
Q: Would this overwhelm Signal? A: This is a small group of journalists, at scale there would be a more robust deployment #realworldcrypto
Next up, 'Random-Access AEAD for Fast Lightweight Online Encryption', presented by Andres Fabrega and Gregory Rubin #realworldcrypto
Sometimes AES-GCM doesn't work well when you are doing very very large plaintexts #realworldcrypto
Need a streaming AEAD that is FIPSable and random-access #realworldcrypto
Previous work almost made it... #realworldcrypto
FLOE! 🧊 #realworldcrypto
Supports exabytes #realworldcrypto
What type of security are we trying to achieve? nOAE(2) #realworldcrypto
Tweak nOAE to get randomized raAE notion #realworldcrypto
There are no existing commitment notions [!] #realworldcrypto
Encoding positions as parameters #realworldcrypto
Modeled in random access real-or-random setting #realworldcrypto
Existing schemes (Tink streaming, STREAM) remain secure under ra-ROR #realworldcrypto
Construction reduces to mu-PRF security of HMAC-Expand-SHA-384 and mu-ROR$ security of the AEAD (AES-GCM) #realworldcrypto
Define context commitment for raAE, ra-CMT #realworldcrypto
Performance #realworldcrypto
GitHub - Snowflake-Labs/floe-specification: Official specification and reference code for Fast Lightweight Online Encryption (FLOE)

C2SP/FLOE.md at main · C2SP/C2SP

Q: This would be great for secure backups of things like DBs A: Yes! #realworldcrypto
Coffee time! #realworldcrypto
Next up, 'What is cryptography hiding from itself?', presented by Diego Aranha and Nikolas Melissaris #realworldcrypto
grumble grumble chat control #realworldcrypto
Implies that inspection happens at the sender or receiver ends #realworldcrypto
Significant change of the trust boundary #realworldcrypto
General monitoring is already rejected #realworldcrypto
> philosophy of science YES #realworldcrypto
ChatControl as a primitive #realworldcrypto
When measurement replaces deliberation: "'Technologies of hubris' are governance tools that try to render uncertainty manageable through prediction, calculation, and claims of control." #realworldcrypto
The system starts to feel objective, even though the value judgments are being encoded into the machine #realworldcrypto
“Technologies can be understood as forms of order as their architectures predispose certain social and political outcomes.” #realworldcrypto
'pls don't build the torment nexus' #realworldcrypto
“Some questions are not just unanswered; they are marginalized by how research agendas, funding systems, and institutions decide what gets studied.” #realworldcrypto