Clik here to view.
KEM Trails – Understanding Key Encapsulation Mechanisms
There is, at the time of this writing, an ongoing debate in the Crypto Research Forum Group (CFRG) at the IETF about KEM combiners. One of the participants, Deirdre Connolly, wrote a blog post titled...
View ArticleThe Tech Industry Doesn’t Understand Consent
Thanks to Samantha Cole at 404 Media, we are now aware that Automattic plans to sell user data from Tumblr and WordPress.com (which is the host for my blog) for “AI” products. In response to...
View ArticleClik here to view.
It’s Time for Furries to Stop Using Telegram
I have been a begrudging user of Telegram for years simply because that’s what all the other furries use, despite their cryptography being legendarily bad. When I signed up, I held my nose and...
View ArticleClik here to view.
Furries Are Losing the Battle Against Scale
Many of the most annoying and pervasive problems with the furry fandom–from the cyclical nature of Twitter discourse to the increasingly frustrating issue of furry convention main hotel registrations...
View ArticleClik here to view.
Towards Federated Key Transparency
In late 2022, I blogged about the work needed to develop a specification for end-to-end encryption for the fediverse. I sketched out some of the key management components on GitHub, and then the...
View ArticleClik here to view.
Blowing Out the Candles on the Birthday Bound
Four years ago, I wrote a (surprisingly popular) blog post about the notion of wear-out for symmetric encryption schemes. Two years ago, I wrote a thing about extending the nonce used by AES-GCM...
View ArticleClik here to view.
My Furry Blog is NOT an Opportunity to Develop Your Brand
A common narrative on discussion boards like Hacker News is that my inclusion of my fursona on my technical blog posts somehow makes them unsuitable for consumption in a business setting. (This claim...
View ArticleClik here to view.
My Furry Blog Has Lasted Longer Than the Confederacy
My inaugural blog post went live on April 21, 2020. This post is scheduled to go live on Sunday, July 21, 2024. If you are reading this post, then at least 1,552 days have transpired since my first...
View ArticleClik here to view.
Featured Furries
Can’t get enough of blog posts written by furries? This post aims to curate some of the other blogs written by furries that are worth sharing with my regular readers. Many (but not all) of these furry...
View ArticleClik here to view.
What Does It Mean To Be A Signal Competitor?
A lot of recent (and upcoming) blog posts I’ve written, and Fediverse discussions I’ve participated in, have been about the security of communication products. My criticism of these products is simply...
View ArticleClik here to view.
Against XMPP+OMEMO
XMPP is a messaging protocol (among other things) that needs no introduction to any technical audience. Its various implementations have proliferated through technical communities for decades. Many...
View ArticleClik here to view.
Security Issues in Matrix’s Olm Library
I don’t consider myself exceptional in any regard, but I stumbled upon a few cryptography vulnerabilities in Matrix’s Olm library with so little effort that it was nearly accidental. It should not be...
View ArticleClik here to view.
Federated Key Transparency Project Update
Earlier this year, I wrote about planned effort to design a federated Key Transparency proposal. The end goal for this work was constrained to building end-to-end encryption into a new type of Direct...
View ArticleClik here to view.
Introducing Alacrity to Federated Cryptography
There are two mental models for designing a cryptosystem that offers end-to-end encryption to all of its users. The first is the Signal model. Predicated on Moxie’s notion that the ecosystem is...
View ArticleClik here to view.
Doesn’t Matter
I need everyone to understand something: This doesn’t matter. Dhole Moments is not the official outlet of anything that will affect you or your daily life. It carries no financial weight or political...
View ArticleClik here to view.
Invisible Salamanders Are Not What You Think
Ever since the Invisible Salamanders paper was published, there has been a quiet renaissance within my friends and colleagues in applied cryptography for studying systems that use Authenticated...
View ArticleClik here to view.
E2EE for the Fediverse Update – We’re Going Post-Quantum
In 2022, I wrote about my plan to build end-to-end encryption for the Fediverse. The goals were simple: Provide secure encryption of message content and media attachments between Fediverse users, as a...
View ArticleClik here to view.
The Continued Trajectory of Idiocy in the Tech Industry
Every hype cycle in the technology industry continues a steady march towards a shitty future that nobody wants. CMYKat Note: I know this isn’t unique to the tech industry, but I can’t write about...
View ArticleClik here to view.
Cryptographic Innuendos
Neil Madden recently wrote a blog post titled, Digital Signatures and How to Avoid Them. One of the major points he raised is: Another way that signatures cause issues is that they are too powerful...
View ArticleClik here to view.
Why are furry conventions offering HIV testing to attendees?
Spoiler: It’s nothing scandalous or bad. Every once in a while, someone posts this photo on Twitter to attempt to dunk on furries: Midwest FurFest 2018 Over the years, I’ve seen this discourse play...
View Article