Security. Cryptography. Whatever‪.‬ Deirdre Connolly, Thomas Ptacek, David Adrian

Are the isogenies kaput?! There's a new attack that breaks all the known parameter sets for SIDH/SIKE, so Steven Galbraith helps explain where the hell this came from, and where isogeny crypto goes from here.

Transcript: https://share.descript.com/view/Xiv307FvOPA

Merch: https://merch.scwpodcast.com

Links:
https://eprint.iacr.org/2022/975.pdfhttps://eprint.iacr.org/2022/1026.pdfhttps://ellipticnews.wordpress.com/2022/07/31/breaking-supersingular-isogeny-diffie-hellman-sidh/GPST active adaptive attack against SIDH: https://eprint.iacr.org/2016/859.pdfFailing to hash into supersingular isogeny graphs: https://eprint.iacr.org/2022/518.pdfhttps://research.nccgroup.com/2022/08/08/implementing-the-castryck-decru-sidh-key-recovery-attack-in-sagemath/Kuperberg attack via Peikert: https://eprint.iacr.org/2019/725.pdfSQISign: https://eprint.iacr.org/2020/1240.pdf(Post recording)  Breaking SIDH in polynomial time:
https://eprint.iacr.org/2022/1038.pdf
"Security. Cryptography. Whatever." is hosted by Deirdre Connolly, Thomas Ptacek, and David Adrian. 

Adam Langley (Google) comes on the podcast to talk about the evolution of WebAuthN and Passkeys!

David's audio was a little finicky in this one. Believe us, it sounded worse before we edited it. Also, we occasionally accidentally refer to U2F as UTF. That's because we just really love strings.

Transcript: https://share.descript.com/view/pBAXADn8gKW

Links:
GoogleIO PresentationWWDC PresentationW3C WebAuthNAdam's blog on passkeys and CABLECable / Hybrid PRCTAP spec from FIDONoise NKPSKDERP
Don't forget about merch! https://merch.securitycryptographywhatever.com/

"Security. Cryptography. Whatever." is hosted by Deirdre Connolly, Thomas Ptacek, and David Adrian. 

Side channels! Frequency scaling! Key encapsulation, oh my! We're talking about the new Hertzbleed paper, but also cryptography conferences, 'passkeys', and end-to-end encrypting yer twitter.com DMs.

Transcript: https://share.descript.com/view/lPM4lsxha63

 Links:
Hertzbleed Attack | ellipticnews (wordpress.com)https://www.hertzbleed.com/hertzbleed.pdfhttps://papers.ssrn.com/sol3/papers.cfm?abstract_id=3920031Merch: https://merch.scwpodcast.com


"Security. Cryptography. Whatever." is hosted by Deirdre Connolly, Thomas Ptacek, and David Adrian. 

The US government released a memo about moving to a zero-trust network architecture. What does this mean? We have one of the authors, Eric Mill, on to explain it to us.

As always, your @SCWPod hosts are Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian).

Transcript: https://share.descript.com/view/UayEVA596OK

Links:
OMB MemoExecutive order on cybersecurity PIV card Derived PIVBeyondCorpHSTS Preloading.gov preloading Neither Rain, Nor Snow, Nor MITMEDR memoTechnology Transformation Services (TTS)Is it Christmas?

We talk about Tink with Sophie Schmieg, a cryptographer and algebraic geometer at Google.

Transcript: https://beta-share.descript.com/view/v2Q5Ix8pvbD

Links:
Sophie: https://twitter.com/SchmiegSophieTink: https://github.com/google/tinkRWC talk: https://youtube.com/watch?t=1028&v=CiH6iqjWpt8Where to store keys: https://twitter.com/SchmiegSophie/status/1413502566797778948EAX mode: https://en.wikipedia.org/wiki/EAX_modeAES-GCM-SIV: https://en.wikipedia.org/wiki/AES-GCM-SIVDeterministic AEADs: https://github.com/google/tink/blob/master/docs/PRIMITIVES.md#deterministic-authenticated-encryption-with-associated-dataThai Duong: https://twitter.com/XorNinjaAWS-SDK Vuln: https://twitter.com/XorNinja/status/1310587707605659649"Security. Cryptography. Whatever." is hosted by Deirdre Connolly, Thomas Ptacek, and David Adrian. 

Live from Amsterdam, it's cancellable crypto hot takes! A fun little meme, plus a preview of the Real World Crypto program!

Transcript: https://share.descript.com/view/GiVlw4qKV2i

Links:

Tony's twete: https://twitter.com/bascule/status/1512539700220805124
Real World Crypto 2022: https://rwc.iacr.org/2022
Merch! https://merch.scwpodcast.com

Find us at:
https://twitter.com/scwpod
https://twitter.com/durumcrustulum
https://twitter.com/tqbf
https://twitter.com/davidcadrian