Christopher Patton

We're falling behind

If you aren’t familiar, Terence Tao is a Fields Medalist and arguably the most prominent and accomplished mathematician of his generation.

No one is safe, basically. The current administration will use any excuse to burn it all to the ground.

My favorite slide from PETS so far

A Fiat–Shamir Transformation From Duplex Sponges We analyze a variant of the Fiat–Shamir transformation based on an ideal permutation. The transformation relies on the popular duplex sponge paradigm, and minimizes the number of calls to the permutat...

We updated our paper on Fiat-Shamir!

We now take a closer look at the gap between what symmetric cryptography has focused on for over 10 years (indifferentiability) and what is actually needed for the soundness of ZKPs and SNARKs (something stronger!).

eprint.iacr.org/2025/536

Welcome! You are invited to join a webinar: From UNICEF to NPR: Trump’s Cuts End Here: A Town Hall to Defend Global Health and Public Media. After registering, you will receive a confirmation email ab... Welcome! You are invited to join a webinar: From UNICEF to NPR: Trump’s Cuts End Here: A Town Hall to Defend Global Health and Public Media. After registering, you will receive a confirmation email ab...

This evening there's an important webinar about the attempts to codify cuts to everything from global health to NPR: us02web.zoom.us/webinar/regi...

Relaxing Tea Better Fucking Work

Relaxing Tea Better Fucking Work
theonion.com/relaxin...

Nice

I for one, can't wait for our AI overlord doctors.

Slides of my talk titled "Lattices give us KEMs and FHE, but where are the efficient lattice PETs? -- By Example of (Verifiable) Oblivious PRFs" given at spiqe-workshop.github.io are here: github.com/malb/talks/b...

Thanks @kennyog.bsky.social and @jurajsomorovsky.bsky.social for inviting me.

Good luck today, Googlers

😭

Announcing The First Recipients of The Zama Cryptanalysis Grants The Zama Cryptanalysis Grant Program supports research that challenges the security of today’s privacy-enhancing tech.

Super pleased to see that Zama has just announced the first recipients of the Zama Cryptanalysis Grants.

www.zama.ai/post/announc...

The projects supported cover security of FHE, MPC, TEEs and ZK.

The teams getting the grants represent some of the leading experts in their respective fields.

Abstract. We present an effective methodology for the formal verification of practical cryptographic protocol implementations written in Rust. Within a single proof framework, we show how to develop machine-checked proofs of diverse properties like runtime safety, parsing correctness, and cryptographic protocol security. All analysis tasks are driven by the software developer who writes annotations in the Rust source code and chooses a backend prover for each task, ranging from a generic proof assistant like F⋆ to dedicated crypto-oriented provers like ProVerif and SSProve Our main contribution is a demonstration of this methodology on Bert13, a portable, post-quantum implementation of TLS 1.3 written in Rust and verified both for security and functional correctness. To our knowledge, this is the first security verification result for a protocol implementation written in Rust, and the first verified post-quantum TLS 1.3 library.

Formal Security and Functional Verification of Cryptographic Protocol Implementations in Rust (Karthikeyan Bhargavan, Lasse Letager Hansen, Franziskus Kiefer, Jonas Schneider-Bensch, Bas Spitters) ia.cr/2025/980

CRITICAL vulnerability in AI software engineering layer (MCP server of Github). Expect many, many more of such issues. This is a first real-world demonstration of how agents can be hijacked, leaking secret or private data. invariantlabs.ai/blog/mcp-git...

Zoomed out we see a small, lone shuttlecraft flying through a cloudy sky. Closed caption reads, "(screaming)"

Abstract. This paper explores the algebraic structure of the Poseidon and Poseidon2 permutations over NTT-friendly finite fields, with a focus on preimage recovery via root-finding techniques. We introduce an algorithm for efficiently identifying single roots of high-degree univariate polynomials that emerge from these constructions, based on the Graeffe transform and the tangent Graeffe method. Our approach is evaluated on reduced-round bounty instances of these permutations at various security levels, as proposed by the Ethereum Foundation, demonstrating practical effectiveness. These results yield new insights into the security of permutation-based cryptographic primitives instantiated over NTT-friendly prime fields.

Attacking Poseidon via Graeffe-Based Root-Finding over NTT-Friendly Fields (Antonio Sanso, Giuseppe Vitto) ia.cr/2025/937

Yeah but it's how we learned about 'puters!

Coooool

lattirust Lattice zero-knowledge/succinct arguments, and more - lattirust

I'm happy to finally open-source lattirust, a library for lattice-based zero-knowledge/succinct arguments! Lattirust is somewhat like arkworks, but for lattices; and like lattigo, but for arguments.

➔ github.com/lattirust

Dude you are so fucking fast!

I don't do plugs often, but if your company relies on work like this being done professionally, Geomys (geomys.org) is how it happens.

You should help us get a contract. You don't need to have spending authority! Just DM me, do an intro, and we'll drive the process. We're pretty good at it.

🏆🏆🏆

Oh, momma!

Dorothy Sunrise Lorentino.

#ResistanceRoots

Dorothy Sunrise Lorentino was born on this day in 1909 on the Comanche Reservation, near Cache, Okla. When she was just nine years old, she and her family won a landmark court case mandating that Native American children be allowed to attend Oklahoma public schools. /1

All the brilliant people I know agree computer science is one of the most political things we have in society. To believe otherwise is maliciously ignorant at this point

Chris Krebs is speaking at the end of a panel at RSA right now and going off on Trump admin cuts to CISA, getting applause:

"Right now to see what's happening to the cybersecurity community inside the federal government, we should be outraged. Absolutely outraged....Make CISA great again."

2025: TechCompany replacea contract workers with AI
2077: AI replaces TechCompany with contract workers

Exactly the same as the first time. People with prior orders of removal, that were allowed to stay for humanitarian or diplomatic reasons, and have been checking in with ICE for years, are the low hanging fruit and so get grabbed at check-ins and detained and deported.