If you already know what MetaMask does, skip this part.
Yet another dependency: this time to …

I want to stress that this was an informal code review : I didn’t use any tooling, didn’t even …

NB: This post describes a very casual code review of a few cryptography functions used by MetaMask. …

Follow

— Justin Schuh (@justinschuh) March 24, 2021
(Note that the third case is kind of weird. It might be …

Is Apple's Cloud Key Vault a crypto backdoor?

Does Zoom use end-to-end encryption?

iCloud: Who holds the key?

A riddle wrapped in a curve

This brings us to the central challenge of all content tracing proposals so far: to make tracing …

A few weeks back, the messaging service WhatsApp sued the Indian government over new legislation …

A first thing to keep in mind is that content tracing is not really a natural feature for messaging …

Thinking about “traceability”

---

A few weeks ago the messaging service WhatsApp sued the Indian …

Truecrypt report

Attack of the week: TLS timing oracles

It's the end of the world as we know it (and I feel fine)

By Matthew Green in Apple , attacks , backdoors , malware July 20, 2021 July 20, 2021 1,417 Words 2 …

A perverse reaction I’ve seen from some security experts is to shrug and say “there’s no such thing …

A case against security nihilism

---

This week a group of global newspapers is running a series of …

What's the deal with RC4?

Random number generation: An illustrated primer

A history of backdoors

How do you know if an RNG is working?

On the NSA

How safe is Apple's Safe Browsing?

On Ghost Users and Messaging Backdoors

On cellular encryption

Secure computing for journalists

Attack of the week: POODLE

Dear Apple: Please set iMessage free

Beyond public key encryption

A few thoughts on CSRankings.org

On the Juniper backdoor

Zerocoin: making Bitcoin anonymous

Can Apple read your iMessages?

Attack of the week: 64-bit ciphers in TLS

Attack of the Week: Apple iMessage

Attack of the week: DROWN

The Internet is broken: could we please fix it?

Attack of the Week: Group Messaging in WhatsApp and Signal

Digital Fortress: I read it so you don't have to

Format Preserving Encryption, or, how to encrypt a credit card number with AES

Write a Comment…

Attack of the week: searchable encryption and the ever-expanding leakage function

How (not) to use symmetric encryption

Multiple encryption

The limitations of Android N Encryption

The future of Ransomware

Attack of the week: Logjam

Attack of the week: FREAK (or 'factoring the NSA for fun and profit')

Attack of the Week: Triple Handshakes (3Shake)

Why I hate CBC-MAC

EARN IT is a direct attack on end-to-end encryption

Useful cryptography resources

A very casual introduction to Fully Homomorphic Encryption

A note on blind signature schemes

Can end-to-end encrypted systems detect child sexual abuse imagery?

What is the Random Oracle Model and why should you care? (Part 1)

Ok Google: please publish your DKIM secret keys

DKIM allows providers to periodically “rotate”, or replace, the keys that they use to sign outgoing …

Attack of the week: RC4 is kind of broken in TLS

What's the matter with PGP?

Indifferentiability

---

So you want to use an alternative cipher...

Why is Signal asking users to set a PIN, or “A few thoughts on Secure Value Recovery”

Hash-based Signatures: An illustrated Primer

The strange story of "Extended Random"

[Marking site as being monitored from now on]

How does Apple (privately) find your offline devices?

[Marking site as being monitored from now on]