@nadim.computer.bsky.social
Applied cryptographer. Mainly working in the cryptography auditing industry, but sometimes venturing back into academia. Hobbyist puzzle game author. https://nadim.computer
The sad thing about Cryspenβs CEO is that he insists on publicly treating me like a misbehaving child while he copy-pastes the free fixes I keep providing him for critical vulnerability after critical vulnerability and show him that he didnβt even know how to write advisories. So embarrassing.
13.02.2026 12:27 β π 1 π 0 π¬ 0 π 0She loved it π₯°
13.02.2026 08:28 β π 4 π 0 π¬ 0 π 0I canβt drink coffee for a few weeks due to some dental work! How annoying! I love coffee. Luckily I got some caffeine products that I can eat instead. But I miss the taste of coffee!!
Coffee and video game music are my life blood!
Valentineβs Day gift for wife (she got me my current keyboard a few years back/she writes code constantly at her job)
12.02.2026 20:04 β π 15 π 0 π¬ 1 π 0This is a very funny post
12.02.2026 19:52 β π 0 π 0 π¬ 0 π 0It sounds made up.
12.02.2026 19:41 β π 0 π 0 π¬ 0 π 0Explained to someone IRL that my former thesis advisor blocked me on GitHub because I sent PRs for bugs in his crypto libraries (two critical) and called me irresponsible because I didn't tell him about them in private instead. Then he went quiet for a week and then published an evasive blog post
12.02.2026 19:40 β π 3 π 0 π¬ 3 π 0
12.02.2026 19:26 β π 0 π 0 π¬ 0 π 0
Absolutely no mention of the critical nonce reuse vulnerability in Cryspen code that is still in deployed in production in Signal and OpenMLS today. For shame
12.02.2026 19:15 β π 1 π 0 π¬ 1 π 0
For #WomenInScience Day, ATFL recognizes the vital contributions of Lebanese women advancing research, medicine, engineering, and innovation, often in spite of extraordinary national challenges.
12.02.2026 16:06 β π 1 π 1 π¬ 1 π 0One week today since I submitted my five vulnerabilities to Cryspen (with fixes) which include nonce reuse and their PSQ library not being IND-CCA
Still no release with fixes and not a single security advisory
These are libraries that they lobbied for Signal/OpenMLS to adopt.
Going through Verifpal is making me realize how much I've grown since I first started writing it ~6 years ago.
Not only was it written in Go while Rust is obviously the right choice, but its internal design is really inefficient and in many cases just wrong.
I feel ready now to design Verifpal 2.
Pleased to announce that Verifpal finally has Spamton support
12.02.2026 08:11 β π 1 π 1 π¬ 0 π 0
I'm giving a talk soon about my Cryspen findings, in collaboration with @ostifofficial.bsky.social. Happening online, will be live-streamed.
Register here: luma.com/xc4yuezb?tk=...
Here's three-message Signal verifying in 35 seconds, with a (correct) authentication attack on the first message:
11.02.2026 15:39 β π 0 π 0 π¬ 0 π 0Porting Verifpal from Go to Rust would have taken me a month. AI basically gave me a 30x speedup, and the result was clean code, with tests passing, and strong perf.
OK I went through the code and cleaned some stuff up but that's nothing, and AI helped even with cleanup!
I rewrote Verifpal in Rust with all tests passing, IN A SINGLE DAY, with performance matching that of the original Go codebase (years of work).
This was made possible obviously thanks to AI and so now we need to all stop and think where the hell AI is going because this is an insane result.
Should I add a "music mode" to Verifpal that plays select YM2612 chiptune music while analysis is being conducted
11.02.2026 14:57 β π 0 π 0 π¬ 0 π 0Track Rust rewrite progress here: github.com/symbolicsoft...
11.02.2026 14:47 β π 1 π 0 π¬ 1 π 0Verifpal Rust rewrite
11.02.2026 14:43 β π 1 π 0 π¬ 1 π 0Keychron Q3 Pro (gift from wife)
11.02.2026 14:38 β π 1 π 0 π¬ 0 π 0100%. Audioengine HD3. Unbelievable value for money
11.02.2026 14:36 β π 1 π 0 π¬ 1 π 0It's a coincidence
11.02.2026 14:36 β π 0 π 0 π¬ 0 π 0Dual Mac Studios, nice!
11.02.2026 14:35 β π 1 π 0 π¬ 1 π 0Uploaded daytime pics as reply to this post
11.02.2026 13:37 β π 0 π 0 π¬ 0 π 0
My Productivity Zone (Daytime)
11.02.2026 13:36 β π 8 π 0 π¬ 2 π 0- Performance
- Match syntax
- No GC
Abstract. This paper is a Systematization of Knowledge (SoK) on cryptography applied in Multi-Cloud Storage (MCS) schemes. Such techniques distribute and fragment data among multiple cloud providers to strengthen confidentiality, integrity, and availability compared to single-cloud deployments. Over the past decade, many cryptographic mechanisms have been proposed to secure outsourced data. However, the lack of unified framework has led to fragmented terminology, inconsistent trust assumptions, and unclear comparisons between existing protocols. In this SoK, we analyze and classify existing MCS approaches along two complementary dimensions: (i) their architectural trust models, and (ii) the cryptographic primitives they employ to achieve confidentiality, integrity, availability, access control, and auditability. This taxonomy allows us to highlight recurring design patterns, evaluate trade-offs between security and efficiency, and identify redundancies and research gaps. By unifying terminology and mapping the landscape of cryptographic techniques in MCS, this SoK provides both researchers and practitioners a structured foundation to guide future designs and deployments.
Image showing part 2 of abstract.
SoK: On Cryptography for Multi-Cloud Storage (Dayane Horkos, Ludovic Perret) ia.cr/2026/207
11.02.2026 11:04 β π 2 π 1 π¬ 0 π 0![[YM2612+SN76489] A DARK ZONE - DELTARUNE: Chapter 4](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:zpu3zbbixhvl5uvcfq2tlci6/bafkreigkccrog5oyqxvqhzkedw7ngzr5rhpikku67hmoynuqtf2f22xowm@jpeg)
Today's work music
11.02.2026 11:32 β π 0 π 0 π¬ 1 π 0
