Sophie SchmiegObjects in the quantum mirror are closer than they appear.
https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/
| Website | https://davidben.net |
David Benjamin
- 68 Followers
- 49 Following
- 27 Posts
There are lots of people with my name. I'm the Chromium (and cuttlefish) one. I work on TLS, cryptography, and general amusements in Chrome and BoringSSL.
@jdeblasio and I wrote up a post-quantum HTTPS authentication roadmap. Perhaps it'll be of interest to some folks here:
https://www.chromium.org/Home/chromium-security/post-quantum-auth-roadmap/
https://www.chromium.org/Home/chromium-security/post-quantum-auth-roadmap/
New blog post: ML-KEM Mythbusting.
Due to reasons.
5pm IETF BoFs with chatrooms full of plant discussions are the best IETF BoFs
Chris ThompsonThe MOARTLS journey continues! Looking forward to next year https://security.googleblog.com/2025/10/https-by-default.html
✧✦Catherine✦✧endianness is just a plot by Big Endian to sell more byte swap operations
Filippo ValsordaHere's something I am very excited about: Photosynthesis! 🌱☀️
A proposal to have CAs run transparency logs and make X.509 certificates out of Merkle Tree inclusion proofs.
This is similar to how CT would have worked in an ideal world, and it solves the problem of PQC signature sizes in logs and handshakes.
https://mailarchive.ietf.org/arch/msg/tls/6jqhUVz58s4ZgsZ8HvuZftncT9A/
Alice: Trent, could I have a cup of tea without any coffee mixed in?
Trent: OK, here's a cup of tea.
Bob: Alice, stop banning people from giving me coffee!
Alice: No one said anything about banning coffee. Trent can pour you coffee in another cup if he wants.
Bob: I don't want to change cups!
Alice: I don't mind changing cups instead. Trent picks the cups.
Trent: I don't want to serve coffee anymore.
Bob: Alice, this is your fault.
Alice: Look, this is between you and Trent. I don't drink coffee.
Bob: Why aren't you forcing Trent to give me coffee?
Alice: ...
Trent: OK, here's a cup of tea.
Bob: Alice, stop banning people from giving me coffee!
Alice: No one said anything about banning coffee. Trent can pour you coffee in another cup if he wants.
Bob: I don't want to change cups!
Alice: I don't mind changing cups instead. Trent picks the cups.
Trent: I don't want to serve coffee anymore.
Bob: Alice, this is your fault.
Alice: Look, this is between you and Trent. I don't drink coffee.
Bob: Why aren't you forcing Trent to give me coffee?
Alice: ...
A very nice summary by the Let's Encrypt folks of where the Certificate Transparency ecosystem is going with Sunlight and the Static CT API.
On a personal note, this has been some of my highest leverage work, and it's been possible in part because I had the independence to drop everything and pursue it when it became clear that the CT ecosystem was at risk.
I remember the day: I woke up to Cloudflare's outage and started https://filippo.io/a-different-CT-log.
https://letsencrypt.org/2025/06/11/reflections-on-a-year-of-sunlight/
A different kind of CT log
The Sunlight CT log Previously “A different kind of CT log” or “The $4k log” Filippo Valsorda <[email protected]> Created: 6 November 2023 | Updated: 13 March 2024 https://filippo.io/a-different-CT-log This is a design document for a radically cheaper and easier to operate Certificate Transpa...
Here's something counterintuitive to non-practitioners: curve P-521 is often less secure in practice than curve P-256.
The latter is more popular, and so better tested. The risk of implementation bugs dwarfs the risk of partial cryptanalysis of ECC, so picking P-521 optimizes for the wrong thing.