JP Aumasson

@veorq

Followers: 18,403
Following: 930
Media: 2,196
Statuses: 25,476

cofounder & CSO @taurus_hq , author @cryptolexicon , designer BLAKE2 BLAKE3 SipHash, Signal: jpa.01

Switzerland
Joined June 2009
Pinned Tweet
@veorq
JP Aumasson
5 months
Changes on EVERY page, new chapter "Cryptocurrency cryptography" inc. PoW, algebraic hashing & Poseidon, multi-signatures, threshold signatures, zero-knowledge proofs, and more. NEW: section about Ed25519; the new Linux PRNG; NIST's PQC standards
Tweet media one
12
106
380
@veorq
JP Aumasson
2 years
something good about Python
Tweet media one
86
1K
11K
@veorq
JP Aumasson
5 years
"CONFIDENTIAL"
Tweet media one
102
269
977
@veorq
JP Aumasson
5 years
beware the 2020 length-extension time-travel attack: if you write a date as 01/02/20, someone could edit it to 01/02/2010 etc. the attack is practical and requires negligible memory
17
280
870
@veorq
JP Aumasson
5 years
it's out, will present it at @RealWorldCrypto. The paper I'm the proudest of, thanks to @sevenps
Tweet media one
34
291
854
@veorq
JP Aumasson
3 years
on a call explaining to someone that cryptography is not just about blockchain and even existed before blockchain send help
23
56
581
@veorq
JP Aumasson
7 years
we've got a BS bingo winner
Tweet media one
15
300
556
@veorq
JP Aumasson
5 years
🤘👏 @dguido
43
73
530
@veorq
JP Aumasson
5 years
"if you see fraud and don't say fraud you're fraud"
8
41
446
@veorq
JP Aumasson
4 years
Hope you’ll like it 😊 This week we’re putting the final touches and checking all the equations, so excited! Shipping in February 2021 🎉 Thanks @billpollock and all the @nostarch team 💙📚 Thanks to all who helped and supported this project 🤗🙏
Tweet media one
35
108
448
@veorq
JP Aumasson
3 years
@vixentael less than a year ago I had a great city guide
Tweet media one
6
5
420
@veorq
JP Aumasson
8 years
Tweet media one
3
327
417
@veorq
JP Aumasson
7 years
email of the day
Tweet media one
20
102
382
@veorq
JP Aumasson
4 years
excellent crypto book by Mike Rosulek, more formal than Serious Crypto and less than Katz/Lindell, and it's free!
Tweet media one
2
148
389
@veorq
JP Aumasson
7 years
now with a subtitle
Tweet media one
19
78
364
@veorq
JP Aumasson
2 years
Murphy's Laws of Cryptography💣
Cryptography turns a security problem into a key management problem.
New cryptography generates new attacks.
If it's provably secure, it's probably not.
Any large enough system will include broken cryptography.
Others?
36
104
345
@veorq
JP Aumasson
9 years
best course desc ever
Tweet media one
2
284
309
@veorq
JP Aumasson
8 years
Shamir's 15 predictions for next 15 years
Tweet media one
8
339
314
@veorq
JP Aumasson
4 years
DEFCON quals had a crypto challenge involving anomalous trace-1 curves and their weakness. But Python is even weaker than weak curves:
Tweet media one
6
83
307
@veorq
JP Aumasson
7 years
we audited @InputOutputHK 's Ethereum Classic wallet (Mantis), the report is now available
11
98
269
@veorq
JP Aumasson
4 years
real-world cryptanalysis
4
73
281
@veorq
JP Aumasson
9 years
slides of my #shmoocon talk "Crypto, Quantum, Post-Quantum" TL;DR below
Tweet media one
9
254
263
@veorq
JP Aumasson
4 years
BLAKE WON THE SHA-3 COMPETITION!
13
26
259
@veorq
JP Aumasson
4 years
"Lots of people working in cryptography have no deep concern with real application issues. They are trying to discover things clever enough to write papers about." —Whit Diffie
6
54
250
@veorq
JP Aumasson
6 years
in other news: Serious Cryptography sold 10,000 copies in about a year, thanks @billpollock and all the @nostarch team for making this happen!
16
22
247
@veorq
JP Aumasson
7 years
8
134
234
@veorq
JP Aumasson
7 years
"Mathematics and Computation", free draft of a book by Avi Wigderson, it looks excellent
Tweet media one
2
106
235
@veorq
JP Aumasson
4 years
You know Enigma, but did you know the Barbie encryption machine (with a Swiss 4-bit microcontroller from EMM)? "hidden built-in cryptographic capability (...) mono alphabet substitution cipher, also known as MASC, with 4 different keys"
Tweet media one
7
81
226
@veorq
JP Aumasson
6 years
my Linux system is much faster now! all I had to do was to copy this script in my ~/.bashrc file! thanks @cynicalsecurity for the tip!
14
77
230
@veorq
JP Aumasson
5 years
He can do quantum operations and entanglement on a classical computer (also, speed of light is variable)
17
9
217
@veorq
JP Aumasson
8 years
also applies to bugs disclosure
Tweet media one
1
243
215
@veorq
JP Aumasson
5 years
"a math constant is not a fixed value"
9
17
210
@veorq
JP Aumasson
5 years
Swiss multilingualism:
- Swiss-German person calls me, makes an effort to speak Hochdeutsch rather than dialect
- I understand but am more comfortable responding in English, so we switch to English
- They write me a follow-up email in French
- I respond to said email in German
12
21
215
@veorq
JP Aumasson
7 years
IKEA crypto
Tweet media one
4
110
216
@veorq
JP Aumasson
7 years
Now in early access!
Tweet media one
19
104
212
@veorq
JP Aumasson
5 months
Proof review time, we're almost there! 🦜
Tweet media one
8
23
210
@veorq
JP Aumasson
2 years
if something as trivial as a hash function has bugs that take years to be discovered (one in the BLAKE ref code took 7 years), think of the complexity of ZK proof systems' protocols and code
@veorq
JP Aumasson
2 years
> The vulnerability is a buffer overflow that allows attacker-controlled values to be eXclusive-ORed (XORed) into memory (..) making many standard protection measures against buffer overflows (e.g., canary values) completely ineffective.
Tweet media one
4
41
120
14
50
204
@veorq
JP Aumasson
9 years
New car hacking trick discovered, hundreds of models affected! http://t.co/QEPDjOLLGY
Tweet media one
9
211
193
@veorq
JP Aumasson
5 years
economists are notoriously bad at predictions about the economy
Tweet media one
10
79
199
@veorq
JP Aumasson
3 years
you're in Switzerland, you like IT security, are familiar with corporate IT challenges, don't mind client-facing work, and want to work with a cool team? contact me :)
14
55
199
@veorq
JP Aumasson
5 years
the "crypto coding rules" are back at originally started this in 2013, haven't touched it in years, just did some cleanup and update but still a lot of work needed! PRs welcome :)
4
89
194
@veorq
JP Aumasson
7 years
* create a silly shitcoin and ICO in 30min: hundreds of RT's, comments, likes, etc.
* publish , the most advanced hash-based crypto scheme ever, submission to NIST's post-quantum contest.. *crickets*
14
81
189
@veorq
JP Aumasson
3 years
typical infosec people reasoning: "it's not perfect ergo it's useless"
13
21
187
@veorq
JP Aumasson
2 years
one of the most interesting projects I've seen lately "zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture."
6
44
188
@veorq
JP Aumasson
8 years
I typed "password"
Tweet media one
15
101
184
@veorq
JP Aumasson
5 years
Just learnt that Diffie-Hellman and "all encryption" is based on factorization
3
5
175
@veorq
JP Aumasson
6 years
Proud to announce @teserakt_io 's first product: MQTT end-to-end encryption & key management @ Our tagline is "serious cryptography, secure software, no BS" – and no blockchain :-)
10
73
175
@veorq
JP Aumasson
5 years
If you found Serious Crypto too technical (and even if you didn't), Crypto 101 is a great reference too, with lot of material not covered in my book and often more accessible explanations
1
77
175
@veorq
JP Aumasson
4 years
NEW BOOK delivered to @nostarch 🔥📚🔥
touches many more topics than Serious Crypto but not a sequel to Serious Crypto
better for total beginners
better for experts and PhDs
thanks to COVID19, @cryptopathe , @vixentael , @luca_defeo , @claucece , and others who helped
pic = hint
Tweet media one
10
46
172
@veorq
JP Aumasson
7 years
dear blockchain/$crypto companies: I don't want to join all your Slacks and I won't report bugs on your bitcointalk thread, please use this new thing called EMAIL, and even better, have a security contact and publish a PGP key
3
40
166
@veorq
JP Aumasson
3 years
Tweet media one
10
37
167
@veorq
JP Aumasson
6 years
Serious Crypto is one of the recommended textbooks in MIT's Computer and Network Security class (by Ron Rivest et al.)
9
23
168
@veorq
JP Aumasson
4 years
Brexit-level crypto, from the Brexit deal document (p921 in ):
SHA-1
1024-bit RSA
Netscape Communicator 4.x
Tweet media one
13
54
166
@veorq
JP Aumasson
4 years
Crypto history: this is the first specification of ChaCha20 by @hashbreaker on the eSTREAM forum; no LaTeX, no peer review, just a good idea, and now the most used stream cipher in the universe (TLS, SSH, WireGuard, etc.)
Tweet media one
6
56
164
@veorq
JP Aumasson
2 years
guess we'll stick to the English term
Tweet media one
22
24
163
@veorq
JP Aumasson
4 years
Tweet media one
13
57
161
@veorq
JP Aumasson
7 years
hey NIST, before deploying post-quantum crypto, please fix your HTTPS ;-)
Tweet media one
2
56
154
@veorq
JP Aumasson
2 years
TIL OpenSSL can generate RSA keys with more than 2 primes, and of course like all weird OpenSSL features it's a bit broken
Tweet media one
7
28
152
@veorq
JP Aumasson
5 years
"what we found is that phi is where light emerges from darkness"
6
5
148
@veorq
JP Aumasson
4 years
if you want to understand how Shor's quantum algorithm can break RSA by factoring its modulus after finding a function's period using a quantum Fourier transform, then this may be the best explanation you'll find
Tweet media one
4
42
155
@veorq
JP Aumasson
5 years
I started by telling the guy that DH and AES aren't based on factorization, then Thomas Pornin reminded him of the prior art (Eratosthenes sieve), then Dan brilliantly finished him 🔥💪
@dguido
Dan Guido
5 years
I yelled at the Time AI guy. It’s ok to get angry at someone trying to harm people. I was shocked that more people haven’t done the same.
45
94
497
7
26
151
@veorq
JP Aumasson
7 years
just got a DHL delivery from @nostarch
Tweet media one
9
10
148
@veorq
JP Aumasson
5 years
Pretty sure he found applications to astrology and to prove that the Earth is flat
Tweet media one
21
9
146
@veorq
JP Aumasson
6 years
in Vegas for @defcon and want a signed copy of my book? easy!
1. buy a copy of Serious Cryptography at @nostarch 's booth
2. fly to Switzerland and meet me there (skipping the LV infosec circus this year!)
3
10
147
@veorq
JP Aumasson
5 years
He just said that publishing on arxiv is being "peer-reviewed"
Tweet media one
6
3
140
@veorq
JP Aumasson
6 years
IOTA hired good symmetric cryptographers to design its new hash function "Troika", an AES-ish sponge. A cryptanalysis competition will award up to 200k€, see IOTA's announcement (), and contest rules
7
52
143
@veorq
JP Aumasson
3 years
"an attacker can create a malicious ELF file as a smart contract, which can trigger the integer overflow. After that, every validator would run the target ELF file and the rBPF would get panic with “add with overflow”"
2
47
145
@veorq
JP Aumasson
22 days
now too scared to open a random page and see a typo
Tweet media one
9
2
144
@veorq
JP Aumasson
8 years
total password fail by Air France (found by @SecuringApps ): between 4 and 6 chars, should *not* contain special chars /cc @thorsheim
Tweet media one
18
118
140
@veorq
JP Aumasson
3 years
think you need to be a math genius to be a decent cryptographer? these are comments from my high-school math and physics teachers, which can be translated as "you suck". I was even worse at university and doubled my 3rd bachelor year, and these were far from elite places
Tweet media one
Tweet media two
11
15
141
@veorq
JP Aumasson
8 years
post where I explain how to find collisions for SHA-2 or SHA-3 using anthropic computing (also, post-quantum stuff)
5
88
135
@veorq
JP Aumasson
5 years
🎉
Tweet media one
3
39
133
@veorq
JP Aumasson
3 years
the vuln: srandom(seed + cur_time + (unsigned)getpid());
Google Compute Engine (GCE) VM takeover via DHCP flood - gain root access by getting SSH keys added by google_guest_agent 🤨
3
160
459
4
44
136
@veorq
JP Aumasson
2 years
blog post
Tweet media one
1
40
137
@veorq
JP Aumasson
4 years
cryptographers: anything less than 128-bit security is broken! also cryptographers: run conference/preprint services using 6-digit passwords and unauthenticated database access
8
15
131
@veorq
JP Aumasson
7 years
lol
Tweet media one
4
80
128
@veorq
JP Aumasson
8 years
Or why overconfident idiots have more influence than you in your organization
Tweet media one
3
94
125
@veorq
JP Aumasson
10 years
alright: SHA-1 backdooring and exploitation, everything is already on http://t.co/0HFNooidN2 (full paper, slides, PoCs) feedback welcome!
5
179
127
@veorq
JP Aumasson
2 years
"Java’s implementation of ECDSA signature verification didn’t check if r or s were zero" they're not the only ECDSA code to have this bug
4
35
128
@veorq
JP Aumasson
7 years
meanwhile, not-a-blockchain IOTA with its ternary encoding and understudied symmetric-crypto-only construction enters the marketcap top-4... remind me to find some time to find flaws in there
Tweet media one
11
34
125
@veorq
JP Aumasson
2 years
- MPC in the head
- block cipher encryption
- sponge function
- Merkle hash tree
Tweet media one
Tweet media two
Tweet media three
Tweet media four
38
29
121
@veorq
JP Aumasson
9 years
"How to crack Ubuntu disk encryption and passwords", on eCryptfs' SHA-512-based password hash http://t.co/IlTkSdDmsC
2
121
124
@veorq
JP Aumasson
7 years
crypto in 2018:
* @hashbreaker and his gang break more post-quantum submissions
* side-channels in p-q schemes implementations: new attacks and defenses
* CAESAR eventually ends
* there's a new crypto competition
* major vulnerabilities found in major blockchain systems
2
46
121
@veorq
JP Aumasson
5 years
someone claims to have "cracked" RSA, should I tell him that Time AI already did?
Tweet media one
17
10
123
@veorq
JP Aumasson
4 years
Contact-tracking: predictions:
* Tons of papers about privacy-preserving schemes, security notions, proofs, quantum versions, formal verification, etc., maybe a conference - PRIVTRACON
* Only basic schemes will be deployed, with too few users and too late to make a difference
12
37
120
@veorq
JP Aumasson
5 years
Spoiler: Yes
Tweet media one
8
14
116
@veorq
JP Aumasson
2 years
> The vulnerability is a buffer overflow that allows attacker-controlled values to be eXclusive-ORed (XORed) into memory (..) making many standard protection measures against buffer overflows (e.g., canary values) completely ineffective.
Tweet media one
4
41
120
@veorq
JP Aumasson
4 years
Tweet media one
1
38
121
@veorq
JP Aumasson
4 years
Common misunderstandings with crypto hardware security:
* CC's EAL levels are about assurance quality, not security.
* FIPS 140-2 L3 is not about resistance to physical attacks, but about their detection (which is better).
* HSMs do not necessarily do crypto with hardware.
12
43
121
@veorq
JP Aumasson
8 years
one of the most powerful cryptographic static analysis tools, in just 110 bytes
5
45
115
@veorq
JP Aumasson
7 years
Great YubiKey walkthrough by my colleagues
2
60
119
@veorq
JP Aumasson
7 years
An ICO in a single tweet! JPcoin! lets revolutionize the Crypto Industry!
* ICO: get 1 JPcoin for 1000 satoshis! just look up the asset ID on the Waves exchange
* Supply: 1000000 units
* Airdrop: tweet me your address to get 10 JPcoins!
* White paper!
Tweet media one
Tweet media two
Tweet media three
63
34
116
@veorq
JP Aumasson
9 years
in my list of "papers that a cryptographer should reread every year": @hashbreaker 's "Understanding bruteforce" http://t.co/Mw3rIODQax
6
71
116
@veorq
JP Aumasson
8 years
GitHub issue of the day
Tweet media one
1
72
114
@veorq
JP Aumasson
8 years
wrote this today
7
83
109
@veorq
JP Aumasson
5 years
"this is how the universe organizes itself"
Tweet media one
20
13
108
@veorq
JP Aumasson
8 years
end-to-end encryption is flawed and insecure, use ONE-END ENCRYPTION instead
Tweet media one
23
76
112