
Posts by sanketh

Quantum Computers Are Not a Threat to 128-bit Symmetric Keys There is no need to update symmetric key sizes as part of the post-quantum transition, due to the details of how Grover's algorithm scales. Most authorities agree.

There are no technical or compliance reasons to double the size of symmetric keys in response to the threat of quantum computers.

This common misunderstanding of Grover's algorithm risks wasting limited resources that should go towards deploying actually urgent post-quantum algorithms.

22 hours ago 109 26 3 2
[April 2026 Update] RFC 5869 is now listed in SP 800-140D, the top-level list of official Approved SSP Generation and Establishment Methods for FIPS 140-3 purposes.1 This makes it as a whole just as Approved as SP 800-108 or SP 800-56C.

The CMVP announced its addition with the comment “even though it is technically compliant to SP 800-56C which is already listed” proving it had always been FIPS 140-3 compliant.

The rest of the post is retained for historical purposes (and because if you want to be precise, you still need to figure out how to list it on your certificate), but most of you can stop reading now.


I had a whole post on "yes, HKDF is FIPS 140-3 compliant, actually" but now NIST just went and added it by name to the list of Approved algorithms with a change comment saying "it was always compliant, yo" (paraphrased), so yay.

words.filippo.io/fips-hkdf/

5 days ago 34 6 2 0

Alright, it's official! 💰

@matthewdgreen.bsky.social and I bet on what will break first, ML-KEM-768 or X25519. The loser donates to a 501(c)(3) picked by the winner.

If you have an opinion on quantum computers or lattices, you can join with a side bet. Just submit a PR!

github.com/FiloSottile/...

1 week ago 117 29 7 2

Look I can’t help that one of my hobbies is “reading PDFs”

8 months ago 44 2 1 0
AI Finds Vulns You Can't With Nicholas Carlini (YouTube video by Security Cryptography Whatever)

NEW EPISODE!

The gang learns a bitter lesson about AI and bug finding! Returning champion Nicholas Carlini is back to talk about Claude for vulnerability research.

securitycryptographywhatever.com/2026/03/25/a...
www.youtube.com/watch?v=_IDb...

3 weeks ago 10 4 2 0

LIVE FROM TAIPEI, IT'S REAL WORLD CRYPTO!

#realworldcrypto

1 month ago 67 15 5 3
Airplane window photo of a bright blue jet engine in flight with a small safety sticker showing a crossed-out male restroom-style icon.


Engine safety rule: no men

1 month ago 1 1 0 0

Oh noooooooooooo 🫠

1 month ago 1 0 1 0
det-keygen: add RSA deterministic key generation by FiloSottile · Pull Request #197 · C2SP/C2SP Community Cryptography Specification Project. Contribute to C2SP/C2SP development by creating an account on GitHub.

I have written self-tests for the Python test generator and added tests to the Go tests.

Folks, I can confirm we got all the edge cases! 💥 🥳

Thank you so much to everyone who contributed to the > 8,500(!) cores. I would like to credit you, so either reply or DM me your name/handle, if you'd like.

3 months ago 38 6 3 0

people are always talking about a hypothetical technologically advanced alien race ... but I always wonder, if they exist, do they also have to deal with PKI?

2 years ago 9 3 0 0

look at the size of this bun 🐇 just learned they can get this big (and larger)

6 months ago 20 5 0 0

With Tom Lehrer's passing, I suppose this is a moment to share the story of the prank he played on the National Security Agency, and how it went undiscovered for nearly 60 years.

8 months ago 8649 3611 143 715

Tom Lehrer wasn't just a satirist or a musician.

He was a comedian who could quietly tell a joke and wait more than SIXTY YEARS for the payoff.

That's dedication to craft.

We lost an icon.

8 months ago 3913 283 56 21

In 2022, a local #alamtg activist named Rasheed Shabazz was asking around on twitter about digitizing meeting minutes and monthly reports from local organizations as part of his ongoing research into the racial history of Alameda.

1/n

11 months ago 5 6 1 1

quantum agile >> quantum waterfall

1 year ago 1 0 1 0

quantum random artificial intelligence cryptanalysis

1 year ago 0 0 0 1

artificial quantum random intelligence

1 year ago 2 0 1 1

I was literally spinning up LA County as the fires started, and it just finished and pushed today.

We'd love someone to dig into fire prevention and land use policy around what happened here

1 year ago 4 1 0 0

๐Ÿž๐Ÿž๐Ÿž๐Ÿฅบ

1 year ago 1 0 0 0
Discover Rochester, NY: Explore Rochester's wide-ranging culinary scene, festivals, shopping, family-friendly attractions, comfortable hotels and more. You are sure to find something to love!

Quick reminder: the Queer in Cryptography conference is being held 6-7 March, 2025, in Rochester! Come for the conference Thursday and Friday, stay for the fantastic city of Rochester!

cryptography.lgbt

visitrochester.com

1 year ago 4 6 0 0

ruuuuuuude

1 year ago 1 0 0 0

Galaxy Brain is excited to announce that we are partnering with @techtonica.bsky.social, a US-based nonprofit helping women and nonbinary adults seeking economic empowerment overcome barriers to technical careers.

1 year ago 3 3 1 0

My absolutely lukewarm take of the day is that more organizations should hire librarians

1 year ago 6 3 0 0

Okay, so: the other day I wrote a thread on "you should have rules that ban off-platform harassment". Well, given the latest thread from @safety.bsky.app, I wanted to do a short follow-up to that to talk in more detail about *why* you need policies like that.

bsky.app/profile/andr...

1 year ago 26 10 1 2

*designing cryptographic protocols* yeah nah, feeling pretty chill, gonna get cozy and figure out how to structure this key tree

*trying to parse a QR code from a webcam* what the fuck is this black magic, how do people do this

1 year ago 35 3 2 1
A chart of quantum computing comparing number of qubits to error rate. This is a very visual chart and is better explained in text on my website.


2024 update for my chart on the landscape of quantum computing: sam-jaques.appspot.com/quantum_land...

Not much visible on the chart, but Google's result (the one with the recent press attention) is a pretty big deal

1 year ago 39 15 2 1

the talk went well. ✨

1 year ago 3 0 0 0

Argh, I am fully awake at 7:00am.

If you are at #asiacrypt2024, please come to my talk at 9:00am in Track 2 on "Robust AE With Committing Security" (w/ Viet Tung Hoang). If you are a keener and want to read the paper first: eprint.iacr.org/2024/1542

1 year ago 5 1 2 0