I finally reached the end. This was a super good episode and it gave me all the warm fuzzies about my internal reactions to getting started with Ossl3 for PQC.
As a former windows NCrypt provider maintainer, I really thought all my “magic strings to throw at a generic API” was behind me 😭
10.02.2026 22:31 — 👍 3 🔁 1 💬 0 📌 0
YouTube video by Security Cryptography Whatever
Python Cryptography Breaks Up with OpenSSL with Paul Kehrer and Alex Gaynor
www.youtube.com/watch?v=dEKB...
02.02.2026 22:37 — 👍 2 🔁 0 💬 0 📌 0
www.youtube.com/watch?v=dEKB...
02.02.2026 22:37 — 👍 4 🔁 2 💬 0 📌 1
only the best things
02.02.2026 22:36 — 👍 1 🔁 0 💬 0 📌 0
dunno! been nearly a year
02.02.2026 22:36 — 👍 1 🔁 0 💬 1 📌 0
YouTube video by Security Cryptography Whatever
Python Cryptography Breaks Up with OpenSSL with Paul Kehrer and Alex Gaynor
www.youtube.com/watch?v=dEKB...
02.02.2026 22:05 — 👍 0 🔁 0 💬 0 📌 0
obviously you have to do a string compare to load a nonce key in openssl 3
02.02.2026 21:55 — 👍 6 🔁 1 💬 1 📌 0
YouTube video by Security Cryptography Whatever
Python Cryptography Breaks Up with OpenSSL with Paul Kehrer and Alex Gaynor
NEW EPISODE!
The maintainers of py/cryptography declared that after many years of trying to make it work, they would be moving away from OpenSSL when supporting new functionality and exploring adding other backends:
securitycryptographywhatever.com/2026/02/01/p...
www.youtube.com/watch?v=dEKB...
02.02.2026 04:52 — 👍 19 🔁 5 💬 5 📌 2
Just recorded the premiere episode of Season VIII of Security Cryptography & W/evs, this time with Alex Gaynor and Paul Kehrer, who have a momentous announcement about pyca/cryptography and OpenSSL.
28.01.2026 03:37 — 👍 24 🔁 3 💬 1 📌 1
Threshold decryption.... I struggled with that one and still do. Obviously it's a point of fragility to allow one lost share to cancel the election. But true DKG with parties spread across the world is also not obviously easy to implement.
31.12.2025 14:29 — 👍 1 🔁 1 💬 0 📌 0
Yes, it's finite fields, in large part because implementing over elliptic curves, especially with proper hashing for NIZKs, was more complexity than I could handle. Would likely make sense to upgrade to EC at some point but also probably not a huge priority? Happy to hear counter arguments!
31.12.2025 14:29 — 👍 1 🔁 1 💬 1 📌 0
Yes, Helios definitely uses NIZKs to prove proper ballot form. Implemented in 2008 browser JavaScript, which was a fun challenge.
31.12.2025 14:29 — 👍 1 🔁 1 💬 1 📌 0
I abandoned mixnets in Helios v2+ in favor of homomorphic aggregation because of the operational complexity of mixnets.
Explained in the 2009 paper:
csrc.nist.gov/csrc/media/e...
31.12.2025 14:29 — 👍 1 🔁 1 💬 1 📌 0
aww 💜
31.12.2025 14:43 — 👍 1 🔁 0 💬 0 📌 0
Final SCW of 2025! We had Matt Bernhard on to talk about cryptographic voting systems, in the wake of the IACR election. (Everybody I voted for in the new election won! Woo!)
31.12.2025 05:10 — 👍 9 🔁 3 💬 0 📌 0
@scwpod.bsky.social did the impossible and converted me to a podcast gxrlie
04.12.2025 16:27 — 👍 2 🔁 1 💬 0 📌 0
The IACR Can
The International Association of Cryptologic Research (IACR) held their regular election using secure voting software called Helios…and lost the keys to decr...
NEW EPISODE!
The IACR lost the keys to decrypt their encrypted election results. We welcome Matt Bernhard who works on secure voting systems to explain which Helios bits are homomorphically additive or not and more:
securitycryptographywhatever.com/2025/12/30/i...
www.youtube.com/watch?v=euw_...
31.12.2025 02:15 — 👍 12 🔁 3 💬 1 📌 2
💀
31.10.2025 05:49 — 👍 0 🔁 0 💬 0 📌 0
YouTube video by Security Cryptography Whatever
Apple’s Memory Integrity Enforcement
NEW EPISODE!
Apple did a new security thing for their latest phones with memory integrity enforcement, we did a deep a dive as we could given that we couldn't get anyone from Apple to come on our podcast 😭
podcasts.apple.com/us/podcast/a...
open.spotify.com/episode/0DhC...
youtu.be/9FJwOI2PliU
31.10.2025 05:28 — 👍 13 🔁 3 💬 3 📌 0
yw
23.08.2025 13:41 — 👍 6 🔁 0 💬 0 📌 0
Chapter view of a podcast app showing chapters named “pgp for encrypted email”, “fcking metadata”, “m-m-m-metadata”, “SMTP m-m-m-metadata”, and “dkim, spam”
I have just today discovered that podcasts can be chapterised, and that apparently @scwpod.bsky.social is painstakingly broken into chapters with often-joke names
23.08.2025 11:35 — 👍 3 🔁 1 💬 0 📌 1
Come for the PGP dunks, stay for the broader discussion of why encrypted email doesn’t make sense
23.08.2025 03:08 — 👍 13 🔁 8 💬 1 📌 0
YouTube video by Security Cryptography Whatever
Stop Using Encrypted Email with William Woodruff
NEW EPISODE!
An OpenPGP.js bug gave us an excuse to tear encrypted email via PGP to shreds. William Woodruff joined us to explain the vuln & indulge our gnashing of teeth on why email was never meant to be encrypted:
securitycryptographywhatever.com/2025/08/22/s...
www.youtube.com/watch?v=IoL3...
23.08.2025 03:01 — 👍 22 🔁 12 💬 2 📌 3
The first part of this interview with my ex-colleague Alex is a great listen if you're a software engineer (or otherwise technical) and are interested in what we were working on as technologists at the Federal Trade Commission.
17.08.2025 16:03 — 👍 3 🔁 2 💬 0 📌 0
YouTube video by Security Cryptography Whatever
Alex Gaynor
NEW EPISODE!
We chat with friend of the pod and special guest Alex Gaynor, former deputy chief technologist at the FTC and all around good Security Person™. Join for nerdery about WebAuthn, stay for accidentally melting down GitHub APIs around November 2020!
youtu.be/gBoGvyvsSi4
16.08.2025 22:29 — 👍 4 🔁 1 💬 0 📌 2
First round of invites going out tonight!
31.07.2025 02:41 — 👍 0 🔁 0 💬 0 📌 0
YouTube video by Security Cryptography Whatever
Vegas, Baby!
New episode! Come to SCWPodCon, sponsored by Teleport! www.youtube.com/watch?v=tbnh...
29.07.2025 12:59 — 👍 0 🔁 3 💬 1 📌 0
