Dennis Jackson's Avatar

Dennis Jackson

@dennisjackson.bsky.social

Cryptography @ Mozilla

149 Followers  |  108 Following  |  2 Posts  |  Joined: 05.12.2023
Posts Following

Posts by Dennis Jackson (@dennisjackson.bsky.social)

We are alarmed by reports that Germany is on the verge of a catastrophic about-face, reversing its longstanding and principled opposition to the EU’s Chat Control proposal which, if passed, could spell the end of the right to privacy in Europe. signal.org/blog/pdfs/ge...

03.10.2025 16:14 β€” πŸ‘ 3974    πŸ” 2407    πŸ’¬ 40    πŸ“Œ 140

The EU Parliament has published a new proposal for Chat Control to mass-surveil all digital communication in Europe. The proposal is ineffective, weakens secure communication, and violates basic human privacy. This must be stopped immediately. #ChatControl
csa-scientist-open-letter.org/Sep2025

09.09.2025 11:11 β€” πŸ‘ 23    πŸ” 14    πŸ’¬ 1    πŸ“Œ 2
IETF 123: Crypto Forum (CFRG) 2025-07-24 15:00
YouTube video by IETF - Internet Engineering Task Force IETF 123: Crypto Forum (CFRG) 2025-07-24 15:00

Yesterday, @cathie.bsky.social gave a great talk at @ietf.org 123 on the importance of standardizing Sigma protocols and our ongoing work toward a standard for zero-knowledge proofs! You can watch the talk here:

26.07.2025 03:30 β€” πŸ‘ 7    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0

New paper(!) on the "clubcard" data structure that we're using for WebPKI revocation checks in Firefox.

A clubcard is a membership test for an r element subset of an n element set. Size is ~1.13 log(n choose r) bits. Or (better!) ~1.13 Ξ£ log(n_i choose r_i) where i indexes blocks of a partition.

08.04.2025 18:46 β€” πŸ‘ 6    πŸ” 3    πŸ’¬ 1    πŸ“Œ 0

Ooooh this is an excellent application of Privacy Pass, the anonymous credential scheme we originally designed to ameliorate the pain of Cloudflare CAPTCHAs on Tor.

Authenticate with a paid account to obtain tokens, then anonymously redeem them to make unlinkable searches.

13.02.2025 21:17 β€” πŸ‘ 73    πŸ” 10    πŸ’¬ 2    πŸ“Œ 0

np, it's a horribly convoluted bill.

13.02.2025 12:56 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Investigatory Powers Act 2016 An Act to make provision about the interception of communications, equipment interference and the acquisition and retention of communications data, bulk personal datasets and other information; to mak...

255. (8) A person to whom a relevant notice is given, or any person employed or engaged for the purposes of that person's business, must not disclose the existence or contents of the notice to any other person without the permission of the Secretary of State.

www.legislation.gov.uk/ukpga/2016/2...

13.02.2025 12:33 β€” πŸ‘ 5    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
U.K. orders Apple to let it spy on users’ encrypted accounts Secret order requires blanket access to protected cloud backups around the world, which if implemented would undermine Apple’s privacy pledge to its users.

Crap crap crap. www.washingtonpost.com/technology/2...

07.02.2025 12:08 β€” πŸ‘ 309    πŸ” 131    πŸ’¬ 17    πŸ“Œ 18
Standardization of Additional Digital Signature Schemes - Post-Quantum Cryptography: Additional Digital Signature Schemes | CSRC | CSRC Call for Additional Digital Signature Schemes for the Post-Quantum Cryptography Standardization ProcessΒ (PDF) Closed June 1, 2023 The Round 2 candidates were announced October 24, 2024. NIST IR 8528...

NIST released a draft of a non-binding document (IR 8547 ipd) saying they plan to disallow non-PQC in 2035.

2035 is ten years from now, there's no need to rush anything right now.

csrc.nist.gov/Projects/pqc... is still running and large ecosystems are still figuring out what/how to deploy.

24.11.2024 15:02 β€” πŸ‘ 63    πŸ” 23    πŸ’¬ 4    πŸ“Œ 1