Chris Fenner

@chrisfenner.bsky.social

24 Followers  |  20 Following  |  42 Posts  |  Joined: 04.12.2023  |  2.179

Latest posts by chrisfenner.bsky.social on Bluesky


We need more former bartenders in Standards groups too!

22.02.2026 18:48 — 👍 1    🔁 0    💬 0    📌 0

🙌

“Mistakes in cryptography are not a sin […]. They’re simply a fact of life. As somebody once said, “cryptography is nightmare magic math that cares what color pen you use.” We’re all going to get stuff wrong if we stick around long enough to do something interesting[.]”

18.02.2026 21:22 — 👍 1    🔁 0    💬 0    📌 0

M Night Shyamalan -ass security protocol

17.02.2026 02:52 — 👍 2    🔁 0    💬 0    📌 0
Frog and Toad with a box illustration. Badly edited text.

Frog put the KEY in a box. "There," he said. "Now we will not SIGN MALICIOUS MESSAGES."
"But we can ASK THE HSM," said Toad.
"That is true," said Frog.

16.02.2026 16:04 — 👍 253    🔁 36    💬 1    📌 1
P-Wing The P-Wing is a special item that debuted in Super Mario Bros. 3. The "P" stands for "Paratroopa" or "Patapata". In that game, it enables infinite flight for Raccoon Mario and Tanooki Mario, broadly ...

www.mariowiki.com/P-Wing

16.02.2026 04:01 — 👍 2    🔁 0    💬 1    📌 0

I miss when you could post Brave Norman Rockwell Townsperson and the caption could be, like, “R.E.M was wrong to leave ‘Fretless’ off of Out of Time” instead of “The secret police should stop murdering people.”

15.02.2026 20:56 — 👍 12070    🔁 1577    💬 145    📌 59

“You wrote a presentation that the authors of RFC 9794 would criticize” might be the “you wrote some code that the authors of the Linux kernel style guide would criticize” of teaching crypto

13.02.2026 07:33 — 👍 2    🔁 1    💬 0    📌 0

You can really tell someone spent 3 years perfecting this “Terminology for Post-Quantum Traditional Hybrid Schemes”

13.02.2026 07:27 — 👍 2    🔁 0    💬 2    📌 0

> RFC 9794

> “The word "hybrid" is also used in cryptography to describe encryption schemes that combine asymmetric and symmetric algorithms [RFC9180], so using it in the post-quantum context overloads it and risks misunderstandings.”

> Puts the word “hybrid” on everything

13.02.2026 07:26 — 👍 1    🔁 0    💬 1    📌 0

I finally reached the end. This was a super good episode and it gave me all the warm fuzzies about my internal reactions to getting started with Ossl3 for PQC.

As a former windows NCrypt provider maintainer, I really thought all my “magic strings to throw at a generic API” was behind me 😭

10.02.2026 22:31 — 👍 3    🔁 1    💬 0    📌 0

6 more weeks of elliptic curve cryptography

03.02.2026 04:47 — 👍 2    🔁 0    💬 1    📌 0

just when I was learning to tolerate the EVP

02.02.2026 04:56 — 👍 2    🔁 0    💬 1    📌 0

Me several days ago: “why do all the ML-DSA signing test vectors have only up to 2 of ( key seeds, hedging randomness, and mu values )”
Me now: “ok guess I’m sending a PR to Wycheproof

30.01.2026 23:35 — 👍 1    🔁 0    💬 0    📌 0

Oh 100%

29.01.2026 03:27 — 👍 1    🔁 0    💬 0    📌 0

I should clarify: “correctly implementing…”

29.01.2026 03:14 — 👍 0    🔁 0    💬 1    📌 0

Implementing a protocol that uses cryptography is harder than designing a protocol that uses cryptography.

Normally I use that to explain to people that they need to minimize excessive complexity in their designs but imagine what designs the team responsible for this code is capable of

29.01.2026 03:00 — 👍 1    🔁 0    💬 1    📌 0

They believe in nothing.

When you determine your views as being the midpoint between two opposing positions, it just shows that you don't hold actual beliefs or principles.

27.01.2026 19:22 — 👍 5    🔁 1    💬 0    📌 0

You found the logo for non-canonicalized EdDSA public keys

27.01.2026 02:45 — 👍 0    🔁 0    💬 1    📌 0
Minnesota National Guard members have arrived at a federal building and were directed to distribute donuts, coffee, and hot chocolate to anti-ICE protesters. Guard members were issued reflective vests so they would not be mistaken for federal agents.

25.01.2026 20:55 — 👍 56360    🔁 13920    💬 1607    📌 1310

At the end of the day, the Black Lives Matter era was about whether people should be killed in the street, and lots of people decided yeah and put those little blue flags on their cars. It spread to everyone because it stopped for no one.

24.01.2026 16:45 — 👍 20143    🔁 6999    💬 80    📌 184
Video thumbnail
24.01.2026 16:01 — 👍 1    🔁 0    💬 0    📌 0

Pro tip: never design a policy-measurement scheme like this. It’s so brittle you will never be able to rotate keys. Imagine trying to bridge this system to PQC

24.01.2026 15:51 — 👍 4    🔁 1    💬 1    📌 0

This is why people reflexively dunk on BitLocker. As a product it is stuck on its threat model from the early 2000’s and Microsoft appears uninterested in modernizing it.

But as Swift above, dunking is a bit less warranted in this case because escrow to 1 of N of your other devices is complex

24.01.2026 15:48 — 👍 2    🔁 0    💬 0    📌 0

So if you upgrade firmware and it’s signed by a different key that you already trusted, or the same keys you trusted before but used in a different order, PCR 7 will change and send BitLocker to recovery.

24.01.2026 15:42 — 👍 2    🔁 0    💬 1    📌 0
5. Before launching an EFI Driver or an EFI Boot Application (and regardless of whether the launch is due to the EFI Boot Manager picking an image from the DriverOrder or BootOrder UEFI variables or an already launched image calling the UEFI LoadImage() function), the UEFI firmware SHALL determine if the entry in the EFI_IMAGE_SECURITY_DATABASE_GUID/EFI_IMAGE_SECURITY_DATABASE variable that was used to validate the EFI image has previously been measured with the EV_EFI_VARIABLE_AUTHORITY event type in PCR[7]. If it has not been, it MUST be measured into PCR[7] as follows. If it has been measured previously, it MUST NOT be measured again. The measurement SHALL occur in conjunction with image load.

Here is the biggest problem I can see. PCR7 contains DB (authority keys and hashes) already but it gets extended again with each key the first time it gets used.

24.01.2026 15:42 — 👍 1    🔁 0    💬 1    📌 0

Bonus lore: PCR7 measurements are badly designed partly at the behest of BitLocker ca. mid-2000’s. That problem cannot now be fixed except by updated standards: trustedcomputinggroup.org/wp-content/u...

24.01.2026 15:42 — 👍 3    🔁 1    💬 1    📌 0

If you or a loved one are worried about the scenario where a corrupt government official is trying to get into your computer, you should disable online backup, print out the recovery keys, and put them in a box labeled “The Epstein Files”

24.01.2026 09:56 — 👍 8    🔁 4    💬 0    📌 0

If you’ve ever dug into the disaster that is the design of PCR7 measurements made by UEFI secure boot, you know how common BitLocker recovery has to be.

Microsoft should invest in an Apple-like “escrow this key to your other devices” feature but this is a significant effort

24.01.2026 09:48 — 👍 4    🔁 0    💬 2    📌 0

It is fun and good to dunk on BitLocker not bothering to update their threat models (cf. TPM bus interposition) but Matthew’s thread breaks down how truly difficult Microsoft’s position is here — MS cannot serve remote recovery without also being technically able to respond to warrants

24.01.2026 09:43 — 👍 4    🔁 3    💬 1    📌 0

I am pleased to report that between HackerNews and Google’s internal “Learning on the Loo” program, I am officially published to toilets worldwide

17.01.2026 20:57 — 👍 7    🔁 1    💬 0    📌 0