For several years, CryptoHack has been a free platform for learning modern cryptography through fun and challenging programming puzzles. From toy ciphers to post-quantum cryptography, CryptoHack has a wide-ranging and ever increasing library of

Episode 23: Psychic Signatures in Java!

Jan 25th, 2023 53m 20s

On April 19th 2022, Neil Madden disclosed a vulnerability in many popular Java runtimes and development kits. The vulnerability, dubbed "Psychic Signatures", lies in the cryptography for ECDSA signatures and allows an attacker to bypass signatu

Episode 22: Three Lessons from Threema: Breaking a Secure Messenger!

Jan 16th, 2023 52m 12s

Threema is a Swiss encrypted messaging application. It has more than 10 million users and more than 7000 on-premise customers. Prominent users of Threema include the Swiss Government and the Swiss Army, as well as the current Chancellor of Germ

Episode 21: Proving Fundamental Equivalencies in Isogeny Mathematics!

Aug 24th, 2021 46m 52s

Benjamin Wesolowski talks about his latest paper in which he mathematically proved that the two fundamental problems underlying isogeny-based cryptography are equivalent.Links and papers discussed in the show:* The supersingular isogeny path

Episode 20: Cryptanalysis of GPRS: GEA-1 and GEA-2!

Jul 20th, 2021 42m 56s

A team of cryptanalysits presents the first publicly available cryptanalytic attacks on the GEA-1 and GEA-2 algorithms. Instead of providing full 64-bit security, they show that the initial state of GEA-1 can be recovered from as little as 65 b

Episode 19: Cross-Protocol Attacks on TLS with ALPACA!

Jul 12th, 2021 41m 44s

TLS is an internet standard to secure the communication between servers and clients on the internet, for example that of web servers, FTP servers, and Email servers. This is possible because TLS was designed to be application layer independent,

Episode 18: Optimizing Cryptography for Microcontrollers!

Jun 23rd, 2021 36m 56s

Nadim talks with Peter Schwabe and Matthias Kannwischer about the considerations — both in terms of security and performance — when implementing cryptographic primitives for low-level and embedded platforms.Links and papers discussed in the sh

Episode 17: Breaking Wi-Fi With Frame Attacks!

Jun 1st, 2021 35m 58s

Wi-Fi is a pretty central technology to our daily lives, whether at home or at the office. Given that so much sensitive data is regularly exchanged between Wi-Fi devices, a number of standards have been developed to ensure the privacy and authe

Episode 16: Contact Discovery in Mobile Messengers!

May 24th, 2021 46m 44s

Contact discovery is a core feature in popular mobile messaging apps such as WhatsApp, Signal and Telegram that lets users grant access to their address book in order to discover which of their contacts are on that messaging service. While cont

Episode 15: Bringing Secure Multiparty Computation to the Real World!

Apr 26th, 2021 46m 50s

Secure multi-party computation is a fascinating field in cryptography, researching how to allow multiple parties to compute secure operations over inputs while keeping those inputs private. This makes multi-party computation a super relevant te

Episode 14: Schnorr, Factoring and Lattices!

Mar 30th, 2021 46m 30s

On March 1st, 2021, a curious paper appeared on the Cryptology ePrint Archive: senior cryptographer Claus Peter Schnorr submitted research that claims to use lattice mathematics to improve the fast factoring of integers so much that he was able

Episode 13: Zero-Knowledge STARKs in the Real World!

Mar 14th, 2021 47m

Zero-Knowledge proofs have broadened the realm of use cases for applied cryptography over the past decade, from privacy-enhanced cryptocurrencies to applications in voting, finance, protecting medical data and more. In 2018, Dr. Eli Ben-Sasson

Episode 12: Special Real World Crypto 2021 Pre-Conference Coverage!

Jan 7th, 2021 1h 37m

Every year, the IACR Real World Cryptography symposium brings together researchers, engineers and practitioners in applied cryptography to discuss cryptography that matters, in the real world. To me, this is the big one! The one cryptography co

Episode 11: Breaking the Rainbow Post-Quantum Cryptography Candidate!

Dec 8th, 2020 38m 8s

The race for post-quantum cryptographic signature primitives is in its final lap over at NIST, which recently announced DILITHIUM, FALCON and Rainbow as the three signature primitive finalists. But a paper recently published by KU Leuven resear

Episode 10: Exploiting Authenticated Encryption Key Commitment!

Dec 1st, 2020 46m 34s

Authenticated encryption such as AES-GCM or ChaCha20-Poly1305 is used in a wide variety of applications, including potentially in settings for which it was not originally designed. A question given relatively little attention is whether an auth

Episode 9: Off-the-Record Messaging and PKI Implementations!

Nov 20th, 2020 41m 41s

Before there was Signal, before there was WhatsApp, the realm of secure encrypted messaging was ruled by the Off-the-Record secure messaging protocol, created as an alternative to PGP that introduced security properties like forward secrecy and

Episode‌ ‌8:‌ ‌Breaking‌ ‌Elliptic-Curve‌ ‌Signatures‌ ‌With‌ ‌LadderLeak!‌

Nov 17th, 2020 42m 29s

Elliptic-curve signatures have become a highly used cryptographic primitive in secure messaging, TLS as well as in cryptocurrencies due to their high speed benefits over more traditional signature schemes. However, virtually all signature schem

Episode 7: Scaling Up Secure Messaging to Large Groups With MLS!

Nov 10th, 2020 45m 10s

Secure messaging protocols like Signal have succeeded at making end-to-end encryption the norm in messaging more generally. Whether you’re using WhatsApp, Wire, Facebook Messenger’s Secret Chat feature, or Signal itself, you’re benefiting from

Episode 6: Proving the Existence of Vulnerabilities With Zero-Knowledge Proofs!

Nov 3rd, 2020 41m 26s

Zero-knowledge proofs have been a notorious research target ever since Zcash and other cryptocurrencies have invented lots of new use cases for them. Range proofs, bullet proofs, you name it – all kinds of zero-knowledge mechanisms have receive

Episode 5: Isogeny-based Cryptography for Dummies!

Oct 27th, 2020 48m 34s

The NIST post-quantum competition has started a race for post-quantum cryptography. As a result, we’ve seen a great deal of research into alternative hard mathematical problems to use as a basis for public-key cryptography schemes. Lattice-base

Episode 4: Formally Verifying Your Taxes With Catala!

Oct 20th, 2020 43m 56s

Anyone who’s looked at the French civil code -- or, God forbid, the French tax code -- will tell you that it takes more than a mere human mind to decipher its meaning, given how it’s been growing and growing ever since it was established by Nap

Episode 3: BLAKE3, A Parallelizable Hash Function Using Merkle Trees!

Oct 13th, 2020 45m 36s

Ever since its introduction in 2012, the BLAKE hash function has been reputed for achieving performance matching and even exceeding MD5 while still maintaining a high security margin.While the original BLAKE did make it as a finalist to the NI

Episode 2: Breaking Lightweight Symmetric Cryptography!

Oct 6th, 2020 34m 24s

Aside from working on a competition for standardizing post-quantum primitives, the United States National Institute of Standards and Technology, or NIST, has also organized a lightweight cryptography competition meant to attract designs for sym

Episode 1: Post-Quantum TLS With KEMs Instead of Signatures!

Sep 29th, 2020 35m 43s

TLS 1.3 has been widely praised as a major upgrade to the Transport Layer Security protocol responsible for securing the majority of Web traffic. But one area in which TLS 1.3 seems to be lacking is its potential for resistance to attacks that

Rate