David Oswald

Cryptographers Held an Election. They Can’t Decrypt the Results.

The International Association for Cryptologic Research has used heliosvoting.org – my online voting system – for a number of years.

This year, a trustee lost their secret key. The election has to be re-run.

Below, a few thoughts that didn't fit in the NYT piece.

www.nytimes.com/2025/11/21/w...

This paper is about fault injection on real Intel CPUs, resulting in interesting primitives such as instruction skip. Read the uasc.cc/proceedings2... and/or attend uASC in Leuven to learn more!

uASC 2026 will take place on February 3, 2026, in Leuven, Belgium, hosted by KU Leuven. Have you submitted your paper yet? 🤔

Cycle 2 Paper Submission Deadline is November 4, 2025!
👉 uasc.cc #uasc26

Possible End to End to End Encryption: Come Help - Bert Hubert tl;dr: The European Commission is honestly asking for experts to advise them on ways to institute “effective and lawful access to data for law enforcement”. If you are an expert, I urge you to apply t...

Europeans with credible expertise in cryptography and/or computer security should participate in this call by the 🇪🇺 Commission to explain to them, in terms that politicians can understand, why providing access to communications data to law enforcement … berthub.eu/articles/pos...

So What Do We Know QC To Be Good For?
- Simulating quantum physics and chemistry
- Breaking current public-key encryption (RSA, DH, ECC)
- Eventually, modest (square-root) speedups from Grover
- We’ll have to get lucky for most other applications!
(The world has been systemically lied to about this)

YouTube video by EEVblog EEVblog 1534 - Solar Freakin' RAILways! Sun-Ways DEBUNKED

This seems like a good idea until you think it through - there are many reasons solar panels go on roofs at an angle, and not flat on the ground, with plenty of dirt, vegetation, mechanical stress, … So less flashy but more practical would be to eg use station roofs. See also youtu.be/7vItnxhWRqw

and for DDR4/5: blog.3mdeb.com/2024/2024-12...

There is this relatively recent paper (2023) that does somethinf along these lines up to DDR3: www.computer.org/csdl/proceed...

uASC 2026 will take place on February 3, 2026, in Leuven, Belgium, hosted by KU Leuven. We can't wait to see you next year!

Cycle 1 Paper Submission Deadline is July 15, 2025!
👉 uasc.cc #uasc26

Join the Graz Security Week from Sep 1 to 5! with @sahar-abdelnabi.bsky.social, Jo Van Bulck, Maria Eichlseder, Georg Fuchsbauer, @sublevado.bsky.social, @fbpierazzi.bsky.social, Kaveh Razavi, Christian Rossow, Yang Zhang securityweek.at (system security, side channels, AI security, & cryptography)

Reminder that the MSCA postdoctoral program exists. If you have a PhD and want to work in a European lab, you have until September to apply. Just contact them now.

ec.europa.eu/info/funding...

Bid to host SaTML 2026 Thank you for considering to host SaTML! SaTML has been organized as a 3 day conference so far. We are looking for volunteers interested in finding a venue to host the conference in 2026. By submitti...

🌍 Help shape the future of SaTML!

We are on the hunt for a 2026 host city - and you could lead the way. Submit a bid to become General Chair of the conference:

forms.gle/vozsaXjCoPzc...

If you are looking for a PhD or PostDoc position in Cryptographic Engineering, please check the openings of Michael Hutter at our Research Institute CODE here in beautiful Munich. Please consider and help spread the word: iacr.org/jobs/item/3908

Undergraduate Upends a 40-Year-Old Data Science Conjecture | Quanta Magazine A young computer scientist and two colleagues show that searches within data structures called hash tables can be much faster than previously deemed possible.

Without setting out to do so, Andrew Krapivin recently upended the common thinking around hash tables — one of the best-studied tools in computer science. Steve Nadis reports:
www.quantamagazine.org/undergraduat...

security-research/pocs/cpus/entrysign at 5952723423260f0c6932408da3cbe6b3b708373d · google/security-research This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code. - google/security-research

oh hello there: github.com/google/secur...

We updated the uASC deadline: it is **January 28 AoE**, which is 1 day after the DIMVA notification.
Take a look at our CFP. Any insights around microarchitecture security are interesting.

uasc.cc

AMD’s trusted execution environment blown wide open by new BadRAM attack Attack bypasses AMD protection promising security, even when a server is compromised.

AMD’s trusted execution environment blown wide open by new BadRAM attack #BadRAM #AMD arstechnica.com/information-...

#BadRAM just went public: Tampering with DRAM modules allows attackers to bypass SEV-SNP's write protection and forging attestation reports, breaking all trust in #SEV-SNP.
Joint work with Jesse De Meulemeester, Luca Wilke, @sublevado.bsky.social, Ingrid Verbauwhede and Jo Van Bulck
badram.eu

Got some negative or unrealistic threat model results that still bring interesting insights? A side channel that requires root to leak something from the kernel? Reproducing prior work? Somewhat related to microarchitecture? Here's your venue: uasc.cc