Natanael

joined 8 months ago
sorted by: new top controversial old
Tyler Robinson Left Note Vowing to 'Take Out Charlie Kirk': FBI in c/news@lemmy.world
[–] Natanael 14 points 10 hours ago

The note is among the Epstein files. They don't exist.

JD Vance says it's a “statistical fact” that the left commits more political violence. in c/politics@lemmy.world
[–] Natanael 10 points 14 hours ago

Alternative facts

Can anyone confirm? in c/memes@sopuli.xyz
[–] Natanael 13 points 14 hours ago (1 children)

But it will never roll like an orange does

Proton Meet: Secure, end-to-end encrypted video conferencing in c/protonprivacy@lemmy.world
Proton Meet: Secure, end-to-end encrypted video conferencing in c/protonprivacy@lemmy.world
Kirk to Zelensky in c/ukraine@lemmy.world
[–] Natanael 9 points 23 hours ago

He should've lived longer. By a few hours.

IF YOU TAKE ENOUGH YOU CAN SEE *THE PATTERN* BRO in c/science_memes@mander.xyz
[–] Natanael 1 points 1 day ago

Last Thursdayism is when they reload the save

IF YOU TAKE ENOUGH YOU CAN SEE *THE PATTERN* BRO in c/science_memes@mander.xyz
[–] Natanael 2 points 1 day ago

Same lmao

Pretty sure he's misunderstanding interference patterns

Seriously what's that idea? in c/asklemmy@lemmy.world
[–] Natanael 12 points 1 day ago (1 children)

This is why moderators should use a separate account for moderation actions than their main

Seriously what's that idea? in c/asklemmy@lemmy.world
[–] Natanael 1 points 1 day ago

That's not quite sufficient. Look at a bit more advanced cryptographic stuff like Snarkblock.

You still got the issue that blocks WILL have a publicly visible effect when you block somebody who already have replied to you.

Seriously what's that idea? in c/asklemmy@lemmy.world
[–] Natanael 19 points 1 day ago

From a technical standpoint, doing it in another way requires your blocks to be public.

He and you are both publishing individual comments with metadata telling which thread and where in it that these entries go. The instance hosting the community simply pull all these entries together. To cut off that response then your instance must tell that hosting instance to detach that reply from the blocked user. Currently Lemmy doesn't support any such thing.

they were in c/90s_memes@quokk.au
[–] Natanael 1 points 2 days ago (1 children)

These TVs coexisted with abbreviated texting in Sweden

17
Open letter against the proposed EU legislation Chat Control, from over 500 researchers (csa-scientist-open-letter.org)
submitted 1 week ago* (last edited 1 week ago) by Natanael to c/crypto
0 comments fedilink
 

See also;

https://bsky.app/profile/campuscodi.risky.biz/post/3lyfghyytj22x

11
Introducing Signal Secure Backups (signal.org)
submitted 1 week ago by Natanael to c/crypto
1 comments fedilink
4
Inverting the Xorshift128+ random number generator (littlemaninmyhead.wordpress.com)
submitted 2 weeks ago by Natanael to c/crypto
0 comments fedilink
6
Heracles attack - Chosen Plaintext Attack on AMD SEV-SNP (heracles-attack.github.io)
submitted 1 month ago by Natanael to c/crypto
0 comments fedilink
1
[PDF] SleepWalk: Exploiting Context Switching and Residual Power for Physical Side-Channel Attacks (arxiv.org)
submitted 1 month ago by Natanael to c/crypto
0 comments fedilink
2
Verifiable Verification in Cryptographic Protocols - ePrint (eprint.iacr.org)
submitted 1 month ago* (last edited 1 month ago) by Natanael to c/crypto
0 comments fedilink
 

Abstract Common verification steps in cryptographic protocols, such as signature or message authentication code checks or the validation of elliptic curve points, are crucial for the overall security of the protocol. Yet implementation errors omitting these steps easily remain unnoticed, as often the protocol will function perfectly anyways. One of the most prominent examples is Apple's goto fail bug where the erroneous certificate verification skipped over several of the required steps, marking invalid certificates as correctly verified. This vulnerability went undetected for at least 17 months.

We propose here a mechanism which supports the detection of such errors on a cryptographic level. Instead of merely returning the binary acceptance decision, we let the verification return more fine-grained information in form of what we call a confirmation code. The reader may think of the confirmation code as disposable information produced as part of the relevant verification steps. In case of an implementation error like the goto fail bug, the confirmation code would then miss essential elements.

The question arises now how to verify the confirmation code itself. We show how to use confirmation codes to tie security to basic functionality at the overall protocol level, making erroneous implementations be detected through the protocol not functioning properly. More concretely, we discuss the usage of confirmation codes in secure connections, established via a key exchange protocol and secured through the derived keys. If some verification steps in a key exchange protocol execution are faulty, then so will be the confirmation codes, and because we can let the confirmation codes enter key derivation, the connection of the two parties will eventually fail. In consequence, an implementation error like goto fail would now be detectable through a simple connection test.

7
Zero Knowledge Proofs Alone Are Not a Digital ID Solution to Protecting User Privacy (www.eff.org)
submitted 1 month ago by Natanael to c/crypto
0 comments fedilink
3
A Fiat–Shamir Transformation From Duplex Sponges (eprint.iacr.org)
submitted 2 months ago* (last edited 2 months ago) by Natanael to c/crypto
0 comments fedilink
 

https://bsky.app/profile/tumbolia.bsky.social/post/3ltyahiem3s2u

We updated our paper on Fiat-Shamir!

We now take a closer look at the gap between what symmetric cryptography has focused on for over 10 years (indifferentiability) and what is actually needed for the soundness of ZKPs and SNARKs (something stronger!).

4
Opossum Attack - Application Layer Desynchronization using Opportunistic TLS (opossum-attack.com)
submitted 2 months ago* (last edited 2 months ago) by Natanael to c/crypto
0 comments fedilink
 

Opossum is a cross-protocol application layer desynchronization attack that affects TLS-based application protocols that rely on both opportunistic and implicit TLS. Among the affected protocols are HTTP, FTP, POP3, SMTP, LMTP and NNTP.

Note: The vast majority of websites are not vulnerable as HTTP TLS upgrade (RFC 2817) was never widely adopted and no browsers support it.

2
Cloudflare’s Orange Me2eets: An End-to-End Encrypted, Self-hosted, Video Calling Solution (news.itsfoss.com)
submitted 2 months ago by Natanael to c/crypto
2 comments fedilink
2
The Longfellow ZK (Google-zk) (news.dyne.org)
submitted 2 months ago by Natanael to c/crypto
0 comments fedilink
2
Reflections on a Year of Sunlight - by Let's Encrypt, regarding certificate transparency (letsencrypt.org)
submitted 3 months ago by Natanael to c/crypto
0 comments fedilink
 

Via; https://bsky.app/profile/filippo.abyssdomain.expert/post/3lrdvmvj6kj2p

view more: next ›