There are no technical or compliance reasons to double the size of symmetric keys in response to the threat of quantum computers.
This common misunderstanding of Grover's algorithm risks wasting limited resources that should go towards deploying actually urgent post-quantum algorithms.
Objects in the quantum mirror are closer than they appear.
blog.google/innovation-and-ai/techno...
Two papers came out last week that suggest classical asymmetric cryptography might indeed be broken by quantum computers in just a few years.
That means we need to ship post-quantum crypto now, with the tools we have: ML-KEM and ML-DSA. I didn't think PQ auth was so urgent until recently.
A cluttered and complicated chart relating qubit counts to qubit error rates, comparing today's devices to cryptographic attacks.
Overdue quantum landscape update: sam-jaques.appspot.com/quantum_land...
A 2d chart can only say so much. tl;dr new results are still overhyped, but definitely worth taking seriously. This chart is based on surface codes and a big question now is whether new codes can be practical (=>useless chart)
The EU seems to be going in the right direction when it comes to mass message scanning. Unfortunately, the fact that this vote was necessary proves that we’re still in the dark timeline. cyberinsider.com/eu-votes-to-...
Governments worldwide turn to age-based access control to Internet services to protect children. More than 370 scientists call for a moratorium until there is a good understanding of their feasibility, effectiveness, and societal impact:
csa-scientist-open-letter.org/ageverif-Feb...
Har vært på leting etter snill, trygg og ikke-amerikansk telefon. Jeg fant ut to ting:
1) At det er umulig å komme helt i mål, og hvorfor
2) Hvorfor det likevel er verdt å forsøke
Håper du vil lese! Artikkelen er også blitt en slags podkast i lydutgaven, et eksperiment, om du heller vil lytte
Have you noticed that digital products and services are getting worse? So have we!
Today we are publishing our new report, Breaking Free: Pathways to a fair technological future. vimeo.com/1168468796?f...
The call for presentation (3-page extended abstract) deadline is on Wednesday this week, check it out: privcryptworkshop.github.io/cfp.html
Published an opinion piece (in Norwegian) about PQC (yay) vs QKD (buu) in @digi.no today, together with @jonathan.isogeny.club, Kristian Gjøsteen (NTNU), Øyvind Ytrehus (UiB), and Morten Øygarden (UiB): www.digi.no/artikler/deb...
I am very happy to announce that thanks to the hard work of many people (The "MIKE Team"), we now have a working implementation in SageMath of MIKE (Module Isogeny Key Exchange).
A team of computer scientists from the Applied Cryptography Group, including Matteo Scarlata, Professor Kenny Paterson, Giovanni Torrisi and Matilda Backendal, have discovered serious security vulnerabilities in three popular cloud-based password managers.
Read more ⬇️
We are also very excited that Stefano Tessaro @stefanotessaro.bsky.social accepted to give an invited keynote on «anonymous credentials» at the PrivCrypt workshop: homes.cs.washington.edu/~tessaro/
We are very excited to announce that Anja Lehmann will give an invited keynote on «real-world privacy protocols» at the PrivCrypt workshop: hpi.de/lehmann/team...
My colleague Jeongeun Park has an open PhD position in Post-Quantum Cryptography for Privacy Preserving Protocols at NTNU in Trondheim with application deadline March 20: www.jobbnorge.no/en/available...
I am co-organising (with @drl3c7er.bsky.social and Lucjan Hanzlik) a workshop on Privacy-Enhancing Cryptography in Rome on May 10 as an affiliated event to IACR Eurocrypt. Submit your best PEC-work (3-page extended abstract) for presentation by February 25th: privcryptworkshop.github.io
Submission week for the Cryptographic Application Workshop (CAW), an affiliated event at Eurocrypt'26 in Rome! Please submit your talk proposals on constructive real-world crypto using the following instructions before Jan 23, 2026 AoE. All infos on: caw.cryptanalysis.fun.
We're hosting an Autumn School in London, UK, from 15 to 17 September 2026, to bring together ethnographers and cryptographers to discuss ways in which the two fields can be meaningfully brought into conversation. This is also the premise of our Social Foundations of Cryptography project: to ground cryptography in ethnography. Here, we rely on ethnographic methods, rather than our intuition, to surface security notions that we then formalise and sometimes realise using cryptography. Our intention is to 'flip' the typical relationship between the computer and social sciences, where the latter has traditionally ended up in a service role to the former. Rather, we want to put cryptography at the mercy of ethnography. But how do we do this? How do we as cryptographers interact with and make sense of ethnographic field data? How can we refine, improve or extend this interaction? What obstacles do we face when we make cryptography rely on ethnographic data which is inherently 'messy'? How do we handle that cryptographic notions tend to require some form of generalisation but ethnographic findings can only be particular? How do ethnographers retain the richness of ethnographic field data in conversations with cryptographic work? Indeed, our project has already highlighted some limitations of our approach. It has brought to the fore concrete challenges in 'letting the ethnographic data speak' while still making it speak to cryptography. The Autumn School is an opportunity to explore these questions jointly across ethnography and cryptography, through a series of talks, group discussions and activities. We say a bit more about the programme and registration for the Autumn School here.
Social Foundations of Cryptography: Autumn School
London, UK | 15 to 17 September 2026
social-foundations-of-cryptography.gitlab.io/school
Come work with us!
Lecturer (≅ Assistant Professor/Juniorprofessor/Maître de conférences) in Cryptography at King’s College London
martinralbrecht.wordpress.com/2026/01/05/l...
Germany has agreed to stop ChatControl for now, due to huge amounts of public pressure. Good job! The bad news is that it could come back as soon as December, and the German government has interpreted the feedback as a need to “moderate” the proposal.
Discord user IDs getting leaked is the entirely predictable consequence of requiring platforms to do age verification. That data never goes away, it spreads. In this case, into appeals in a breached customer support database. And predictably, it can get worse. www.404media.co/the-discord-...
Forhåpentligvis snart!
Someone please make me understand how Denmark can be at the same time freaking out about hybrid war with Russia AND pushing for government-mandated spyware as Chat Control.
What is chat control? Good video explainer developed by @carmelatroncoso.bsky.social and team at Max Planck Institute for Security and Privacy #chatcontrol www.youtube.com/watch?v=-y2O...
We are alarmed by reports that Germany is on the verge of a catastrophic about-face, reversing its longstanding and principled opposition to the EU’s Chat Control proposal which, if passed, could spell the end of the right to privacy in Europe. signal.org/blog/pdfs/ge...
