"I lost 25 pounds in 20 days": what it's like to be on the frontline of a global cyber-attack
The security chief of SolarWinds reflects on the Russian hack that exposed US government agencies – and the heart attack he suffered in the aftermath
The 2020 SolarWinds accident was one of the big cases where a compromised build environment led to a far-spreading (and hard-to-detect) cyber incident. The Guardian just published a great article with the SolarWinds CISO revisiting the events five years later: www.theguardian.com/technology/2...
24.10.2025 08:10
The extended paper is available here as open-access: www.cl.cam.ac.uk/techreports/...
24.10.2025 08:10
The picture shows Mario and Daniel presenting the last slide of their presentation at ACM CCS 2025 in Taipei. The text on the slide reads: A-Bs provide source-to-binary provenance using TEEs and sandboxing; complements Reproducible Builds and both can be combined in an any-trust model; practical evaluation (see our GitHub) and formal verification using Tamarin.
How to trust that the binaries that we deploy are truthfully built from the correct source code?
Just back from ACM CCS '25 where we presented Attestable Builds as a solution to this challenge. It complements Reproducible Builds and uses TEEs as a trust anchor. With @coderlime.bsky.social
24.10.2025 08:10
The picture shows a smartphone and the imprint of a newspaper. The smartphone displays a screen from the SecureMessaging feature showing a key digest. The newspaper imprint shows the same digest. The digest consists of a number of randomly-looking letters and digits.
One of my favourite CoverDrop details: out-of-band verification of the trusted organization key which signs the entire key hierarchy. Its digest is included in the imprint of every printed Guardian newspaper, removing the need to trust CAs. More details: www.coverdrop.org
29.07.2025 10:45
Attestable Audits: Verifiable AI Safety Benchmarks Using Trusted Execution Environments
Audits of AI/ML systems while protecting model IP and keeping the audit data confidential 🤫
@inxoy.bsky.social is at the ICML TAIG workshop today, presenting our work on Attestable Audits: arxiv.org/html/2506.23... with Bill Marino and @arberesford.bsky.social
19.07.2025 13:57
Super excited that Jenny is presenting our new paper on "Web Authentication and Recovery in the Age of E2EE" at PETS today!
Tons of interesting insights for a world in which we are moving away from passwords, and E2EE data becomes more long-term and critical. petsymposium.org/popets/2025/...
17.07.2025 11:37
↩️ Back-link to the launch post: bsky.app/profile/lamb...
27.06.2025 14:01
There are a lot of insights in both the original PETS paper (petsymposium.org/2022/files/p...) and Diana's PhD thesis (www.repository.cam.ac.uk/items/ec87dd...).
27.06.2025 13:58
CoverDrop involved users from the very beginning – avoiding the "solution looking for problem" trap. Big shout out to @mansoor.bsky.social, Diana, and @arberesford.bsky.social for getting this right from the very beginning by running two very insightful workshops with journalists and engineers.
27.06.2025 13:58
CoverDrop: Blowing the Whistle Through A News App
And if you like to learn more about the CoverDrop research behind SecureMessaging: www.coverdrop.org
20.06.2025 09:50
This announcement really should have our lead Rustaceans @itsibitzi.dev and @zekehg.bsky.social on top 🦀! CoverDrop's implementation journey has been demonstrating the immense strengths that lie in Rust's type system and the mature tool chain. Looking forward to all the talk in September!
20.06.2025 09:50
The Guardian's new whistleblower tool buries leaks to journalists within its own readers' everyday traffic
Think "I am Spartacus!" – but for leakers.
The Guardian app's own data flows make leaks indistinguishable from regular traffic – cutting off one of the easiest ways for a repressive government or a corporate boss to identify a leaker. www.niemanlab.org/2025/06/the-...
09.06.2025 21:58
Thank you so much @martin.kleppmann.com for all your help, guidance, and feedback during this project! Especially with the tricky bits around key rotation and concurrency. And glad that we were able to distill some insights from the production world already into our P79 course.
09.06.2025 13:05
There's a lot more to say, and I'll highlight some aspects that I'm particularly excited about over the next few weeks.
09.06.2025 13:02
Our CoverDrop white paper has a lot more technical details and we are immensely grateful to everyone who has provided us with valuable feedback throughout this project: www.cl.cam.ac.uk/techreports/...
09.06.2025 13:02
CoverDrop: Blowing the Whistle Through A News App
We launched CoverDrop, providing sources with a secure and anonymous way to talk to journalists. Having started five years ago as a PhD research project, this now ships within the Guardian app to millions of users – all of which provide cover traffic. Paper, code, and more info: www.coverdrop.org
09.06.2025 13:00
GitHub repo here: github.com/lambdapionee...
28.04.2025 16:14
PETS paper here: petsymposium.org/popets/2024/...
28.04.2025 16:14
Panorama of Linz
Greatly enjoyed talking at JKU Linz about our Sloth 🦥 library which uses Secure Enclaves (SEs) for key stretching and deniable encryption. Importantly, it works around Android/iOS API limitations and, therefore, Sloth is available to regular apps on most smartphones without modifications.
28.04.2025 16:13
The final slides are online now: bsky.app/profile/lamb...
07.04.2025 15:17
Department of Computer Science and Technology – Course pages 2024–25: Cryptography and Protocol Engineering – Course materials
It's done! The final lecture slides and notes for "P79 Cryptography and Protocol Engineering" are now online: www.cl.cam.ac.uk/teaching/242... This is the first time that @martin.kleppmann.com and I have done this course – we very much welcome feedback, corrections, and suggestions for next time
07.04.2025 15:15
The slides are updated as-we-go on the course website: www.cl.cam.ac.uk/teaching/242... Currently, the highlights are the great X25519/Ed25519 slides by Martin. Content should be complete by the beginning of March :)
17.02.2025 09:53
The lectures are not recorded, but we will upload the slides and lecture notes online. There will be another post when the full set becomes available.
29.01.2025 16:03
We believe that simply preaching "Don't roll your own crypto" does not cut it anymore – the next generation of engineers and researchers needs to be able to critically evaluate available implementations and competently navigate risks and trade-offs.
29.01.2025 13:24
Making quantum compilers @ Quantinuum and rusty open source libs.
Engineers interested in Rust, getting together to socialise and discuss projects.
Making network egress filtering effective, reliable and usable. Founder & Chief Engineer at @chasersystems.bsky.social
Blog: https://www.new23d.com/
Professor of Planetary Computing at the University of Cambridge @cst.cam.ac.uk, where I co-lead the @eeg.cl.cam.ac.uk and work on computing for global biodiversity and climate change with @conservation.cam.ac.uk.
Homepage at https://anil.recoil.org
postdoc @princeton
computational cognitive science ∪ machine learning
https://smn.one
Security Researcher (https://coderlime.at), co-founder of Light Squares Ltd (https://lightsquares.dev) and CEO of Lins Security GmbH (https://linssecurity.com).
PhD Student at ETH Zurich, Cryptography and more
The official Real World Cryptography Bluesky feed. Follow us for news of upcoming events.
Journalist at the Financial Times. Not the chancellor. Email me on rachel.rees@ft.com
todepond.com
β΅ London ΰ·΄ @tldraw.com
Editor of Weekend FT • sinkhole tracker • Do not buy crypto from me or anyone who appears to be me
Professor of Emergent Harms, Department of Computer Science & Technology, University of Cambridge
Director, Cambridge Cybercrime Centre
Fellow and Director of Studies, King's College
she/her
Cryptographer who likes to implement multi-party computation and works for CSIRO's Data61. Views my own. (he/him)
Chief Communications Officer at Guardian Media Group
privacy prof at KIT and CeTI/TU Dresden
Mass produced during the Machine Era but redesigned for the Psychic Era
RC F'13, F2'17
Cryptogopher / Go cryptography maintainer
Professional open source maintainer
https://filippo.io / https://github.com/FiloSottile
https://mkcert.dev / https://age-encryption.org
https://sunlight.dev / https://filippo.io/newsletter
Investigations Correspondent, The Guardian | Tips: henry.dyer@theguardian.com/henrydyer.01 (Signal) | Interested in Politics/Media/π/CofE
https://www.theguardian.com/profile/henry-dyer
http://direthoughts.com