Philipp Muens
@muens.io
Cryptography R&D @ primefactor.io • Nerd-snipe me with Lattices, Isogenies, Magmas, etc. • Instant Coffee Connoisseur • Webmaster @ muens.io
Pinned
Philipp Muens
@muens.io
· May 12
Excited to announce Primefactor!
Primefactor is a Research and Development Lab that explores the forefront of cryptographic advancements.
Primefactor is a Research and Development Lab that explores the forefront of cryptographic advancements.
Very interesting talk when it comes to the SotA of Quantum Computing: www.youtube.com/watch?v=OkVY...
DEF CON 33 - Post Quantum Panic: When Will the Cracking Begin, & Can We Detect it? - K Karagiannis
YouTube video by DEFCONConference
www.youtube.com
October 25, 2025 at 11:28 AM
Very interesting talk when it comes to the SotA of Quantum Computing: www.youtube.com/watch?v=OkVY...
Great to see some progress towards a Two-Round ECDSA Threshold Signature Scheme: eprint.iacr.org/2025/1696
Threshold ECDSA in Two Rounds
We propose the first two-round multi-party signing protocol for the Elliptic Curve Digital Signature Algorithm (ECDSA) in the threshold-optimal setting, reducing the number of rounds by one compared t...
eprint.iacr.org
September 22, 2025 at 7:44 AM
Great to see some progress towards a Two-Round ECDSA Threshold Signature Scheme: eprint.iacr.org/2025/1696
This is an interesting paper that allows for a context to be added to Threshold Decryptions: eprint.iacr.org/2025/279
Context-Dependent Threshold Decryption and its Applications
In a threshold decryption system a secret key is split across a number of
parties so that any threshold of them can decrypt a given ciphertext.
We introduce a new concept in threshold decryption call...
eprint.iacr.org
September 11, 2025 at 8:09 AM
This is an interesting paper that allows for a context to be added to Threshold Decryptions: eprint.iacr.org/2025/279
Excited to share my implementation of the paper "Verifiable Timed Signatures Made Practical" by Thyagarajan et al.
More specifically I implemented the Verifiable Timed Commitment scheme described in section E.
More specifically I implemented the Verifiable Timed Commitment scheme described in section E.
August 14, 2025 at 7:51 AM
Excited to share my implementation of the paper "Verifiable Timed Signatures Made Practical" by Thyagarajan et al.
More specifically I implemented the Verifiable Timed Commitment scheme described in section E.
More specifically I implemented the Verifiable Timed Commitment scheme described in section E.
This is a really interesting FHE paper in which BGV is used to build an ALU to do arithmetic as well as logical operations on messages in Z_2^n (e.g. 64 bit machine words).
eprint.iacr.org/2025/1449
eprint.iacr.org/2025/1449
REFHE: Fully Homomorphic ALU
We present a fully homomorphic encryption scheme which natively supports arithmetic and logical operations over large "machine words", namely plaintexts of the form $\mathbb{Z}_{2^n}$ (e.g. $n=64$). O...
eprint.iacr.org
August 13, 2025 at 2:59 PM
This is a really interesting FHE paper in which BGV is used to build an ALU to do arithmetic as well as logical operations on messages in Z_2^n (e.g. 64 bit machine words).
eprint.iacr.org/2025/1449
eprint.iacr.org/2025/1449
Currently deep down the rabbit hole to finish my implementation of "Verifiable Timed Signatures Made Practical"
eprint.iacr.org/2020/1563
While doing so I had to update my LHTLP implementation.
It now features a range proof and new homomorphic operations: github.com/primefactor-...
eprint.iacr.org/2020/1563
While doing so I had to update my LHTLP implementation.
It now features a range proof and new homomorphic operations: github.com/primefactor-...
Verifiable Timed Signatures Made Practical
A verifiable timed signature (VTS) scheme allows one to time-lock a signature on a known message for a given amount of time $T$ such that after performing a sequential computation for time $T$ anyone ...
eprint.iacr.org
August 12, 2025 at 10:43 AM
Currently deep down the rabbit hole to finish my implementation of "Verifiable Timed Signatures Made Practical"
eprint.iacr.org/2020/1563
While doing so I had to update my LHTLP implementation.
It now features a range proof and new homomorphic operations: github.com/primefactor-...
eprint.iacr.org/2020/1563
While doing so I had to update my LHTLP implementation.
It now features a range proof and new homomorphic operations: github.com/primefactor-...
ZKSecurity just dropped this truly awesome PlonK tutorial: plonk.zksecurity.xyz
How to 𝒫𝔩𝔬𝔫𝒦
Interactive 𝒫𝔩𝔬𝔫𝒦 Zero-Knowledge Proof Tutorial
plonk.zksecurity.xyz
August 6, 2025 at 12:40 PM
ZKSecurity just dropped this truly awesome PlonK tutorial: plonk.zksecurity.xyz
This is an interesting read on how EdDSA's hash-based key derivation (RFC 8032) can be used to compute PQ-ZKPs for private key ownership proofs: eprint.iacr.org/2025/1368
This is good news as it allows for an easier transition towards Post Quantum secure cryptocurrencies.
This is good news as it allows for an easier transition towards Post Quantum secure cryptocurrencies.
Post-Quantum Readiness in EdDSA Chains
The impending threat posed by large-scale quantum computers necessitates a reevaluation of signature schemes deployed in blockchain protocols. In particular, blockchains relying on ECDSA, such as Bitc...
eprint.iacr.org
July 29, 2025 at 6:29 AM
This is an interesting read on how EdDSA's hash-based key derivation (RFC 8032) can be used to compute PQ-ZKPs for private key ownership proofs: eprint.iacr.org/2025/1368
This is good news as it allows for an easier transition towards Post Quantum secure cryptocurrencies.
This is good news as it allows for an easier transition towards Post Quantum secure cryptocurrencies.
Ingonyama just published the first three lessons of their "Foundations of High-Speed Cryptography" course 👀
www.ingonyama.com/foundations-...
www.ingonyama.com/foundations-...
Foundations of High-Speed Cryptography Course
Start with a gentle introduction to core cryptographic primitives, explore the basics of hardware acceleration, and then apply them to build optimized systems with ICICLE.
www.ingonyama.com
July 23, 2025 at 6:33 AM
Ingonyama just published the first three lessons of their "Foundations of High-Speed Cryptography" course 👀
www.ingonyama.com/foundations-...
www.ingonyama.com/foundations-...
This paper looks really interesting:
eprint.iacr.org/2025/770
ZKPs for (F)HE Schemes based on Ring-LWE.
FHE + ZKPs are a dream combo.
eprint.iacr.org/2025/770
ZKPs for (F)HE Schemes based on Ring-LWE.
FHE + ZKPs are a dream combo.
ZHE: Efficient Zero-Knowledge Proofs for HE Evaluations
Homomorphic Encryption (HE) allows computations on encrypted data without decryption. It can be used where the users’ information are to be processed by an untrustful server, and has been a popular ch...
eprint.iacr.org
July 18, 2025 at 6:05 AM
This paper looks really interesting:
eprint.iacr.org/2025/770
ZKPs for (F)HE Schemes based on Ring-LWE.
FHE + ZKPs are a dream combo.
eprint.iacr.org/2025/770
ZKPs for (F)HE Schemes based on Ring-LWE.
FHE + ZKPs are a dream combo.
The recording of the Diamond iO talk by the Machina iO team that was held during the Simon Institute's "Obfuscation" workshop was just uploaded: www.youtube.com/watch?v=1RcK...
Diamond iO: Lattice-Based Obfuscation without Bootstrapping from Functional Encryption, toward...
YouTube video by Simons Institute
www.youtube.com
July 9, 2025 at 2:07 PM
The recording of the Diamond iO talk by the Machina iO team that was held during the Simon Institute's "Obfuscation" workshop was just uploaded: www.youtube.com/watch?v=1RcK...
This is a great paper that explains how to obtain indistinguishability obfuscation (iO) via recursive Functional Encryption: piazza.com/class_profil...
It's basically a simplified version of the [BV15] paper: eprint.iacr.org/2015/163
It's basically a simplified version of the [BV15] paper: eprint.iacr.org/2015/163
piazza.com
July 4, 2025 at 8:29 AM
This is a great paper that explains how to obtain indistinguishability obfuscation (iO) via recursive Functional Encryption: piazza.com/class_profil...
It's basically a simplified version of the [BV15] paper: eprint.iacr.org/2015/163
It's basically a simplified version of the [BV15] paper: eprint.iacr.org/2015/163
The Machina iO Team just published a blog post which serves as a great introduction to indistinguishability obfuscation (iO): machina-io.com/posts/unboxi...
Machina iO - Blog Post
machina-io.com
July 2, 2025 at 9:12 AM
The Machina iO Team just published a blog post which serves as a great introduction to indistinguishability obfuscation (iO): machina-io.com/posts/unboxi...
Reposted by Philipp Muens
Coinbase MPC wallet library presentation at EthCC m.youtube.com/live/ppeyz_J...
Yehuda Lindell (Coinbase)_Coinbase's cb-mpc Open-Source Library
YouTube video by [EthCC] Livestream 4
m.youtube.com
July 1, 2025 at 7:43 PM
Coinbase MPC wallet library presentation at EthCC m.youtube.com/live/ppeyz_J...
Interesting read about Google’s recent "longfellow-zk" implementation: news.dyne.org/longfellow-z...
The Longfellow ZK (Google-zk)
Analysis of the longfellow-zk implementation, also known as google-zk, for MDOC/mdl selective disclosure of verifable credentials.
news.dyne.org
June 30, 2025 at 12:00 PM
Interesting read about Google’s recent "longfellow-zk" implementation: news.dyne.org/longfellow-z...
What a great episode with the legend Ralph Merkle.
I came for the Cryptography and stayed for the insights into Cryonics and general life lessons.
www.youtube.com/watch?v=90py...
As I wrote before, the Podcast by @billatnapier.bsky.social is an absolute gem if you're interested in Cryptography.
I came for the Cryptography and stayed for the insights into Cryonics and general life lessons.
www.youtube.com/watch?v=90py...
As I wrote before, the Podcast by @billatnapier.bsky.social is an absolute gem if you're interested in Cryptography.
World-leaders in Cryptography: Ralph Merkle
YouTube video by Bill Buchanan OBE
www.youtube.com
June 27, 2025 at 2:29 PM
What a great episode with the legend Ralph Merkle.
I came for the Cryptography and stayed for the insights into Cryonics and general life lessons.
www.youtube.com/watch?v=90py...
As I wrote before, the Podcast by @billatnapier.bsky.social is an absolute gem if you're interested in Cryptography.
I came for the Cryptography and stayed for the insights into Cryonics and general life lessons.
www.youtube.com/watch?v=90py...
As I wrote before, the Podcast by @billatnapier.bsky.social is an absolute gem if you're interested in Cryptography.
Turns out there's currently an ongoing "Obfuscation" Workshop / Symposia hosted by the Simons Institute!
simons.berkeley.edu/workshops/ob...
They just uploaded the "Expedition to Obfustopia" video by Rachel Lin which IMHO is the best overview of the SoTA of iO: www.youtube.com/watch?v=2PRU...
simons.berkeley.edu/workshops/ob...
They just uploaded the "Expedition to Obfustopia" video by Rachel Lin which IMHO is the best overview of the SoTA of iO: www.youtube.com/watch?v=2PRU...
June 27, 2025 at 9:05 AM
Turns out there's currently an ongoing "Obfuscation" Workshop / Symposia hosted by the Simons Institute!
simons.berkeley.edu/workshops/ob...
They just uploaded the "Expedition to Obfustopia" video by Rachel Lin which IMHO is the best overview of the SoTA of iO: www.youtube.com/watch?v=2PRU...
simons.berkeley.edu/workshops/ob...
They just uploaded the "Expedition to Obfustopia" video by Rachel Lin which IMHO is the best overview of the SoTA of iO: www.youtube.com/watch?v=2PRU...
Got a first e2e implementation of a WebGPU Compute Shader up and running.
It's written in Zig and uses WebGPU via the Dawn project so I can run it on my MacBook's M1 GPU.
It's written in Zig and uses WebGPU via the Dawn project so I can run it on my MacBook's M1 GPU.
June 26, 2025 at 12:47 PM
Got a first e2e implementation of a WebGPU Compute Shader up and running.
It's written in Zig and uses WebGPU via the Dawn project so I can run it on my MacBook's M1 GPU.
It's written in Zig and uses WebGPU via the Dawn project so I can run it on my MacBook's M1 GPU.
Been working hard to make my MacBook's M1 GPU Go Brr and run NTT on it.
~200 lines of Zig later and I got most of the basic plumbing done.
Not sure if the headache comes from my new glasses or the WebGPU API 😅
~200 lines of Zig later and I got most of the basic plumbing done.
Not sure if the headache comes from my new glasses or the WebGPU API 😅
June 25, 2025 at 1:43 PM
Been working hard to make my MacBook's M1 GPU Go Brr and run NTT on it.
~200 lines of Zig later and I got most of the basic plumbing done.
Not sure if the headache comes from my new glasses or the WebGPU API 😅
~200 lines of Zig later and I got most of the basic plumbing done.
Not sure if the headache comes from my new glasses or the WebGPU API 😅
For anyone interested in learning more about Indistinguishability Obfuscation (iO) I highly recommend watching this talk by Amit Sahai: mediaspace.illinois.edu/media/t/1_ur...
I scoured the internet for a good introduction to the topic and this is the best talk so far IMHO.
I scoured the internet for a good introduction to the topic and this is the best talk so far IMHO.
DLS - Amit Sahai, "The Mathematics of Hiding Secrets in Software"
Abstract:At least since the initial public proposal of public-key cryptography based on computational hardness conjectures (Diffie and Hellman, 1976), cryptographers have contemplated the possibility ...
mediaspace.illinois.edu
June 25, 2025 at 6:40 AM
For anyone interested in learning more about Indistinguishability Obfuscation (iO) I highly recommend watching this talk by Amit Sahai: mediaspace.illinois.edu/media/t/1_ur...
I scoured the internet for a good introduction to the topic and this is the best talk so far IMHO.
I scoured the internet for a good introduction to the topic and this is the best talk so far IMHO.
Nice website that lists MPC Deployments alongside a short writeup and additional resources to dive deeper into the respective deployment: mpc.cs.berkeley.edu
MPC Deployments
mpc.cs.berkeley.edu
June 24, 2025 at 8:24 AM
Nice website that lists MPC Deployments alongside a short writeup and additional resources to dive deeper into the respective deployment: mpc.cs.berkeley.edu
Just optimized the NTT / FFT implementation and removed the allocator so that ZERO heap allocations are now performed.
This works because the degree of the cyclotomic polynomial / FFT vector length is a parameter (denoted as n) that's agreed upon in advance (i.e. not dynamic).
This works because the degree of the cyclotomic polynomial / FFT vector length is a parameter (denoted as n) that's agreed upon in advance (i.e. not dynamic).
June 23, 2025 at 9:46 AM
Just optimized the NTT / FFT implementation and removed the allocator so that ZERO heap allocations are now performed.
This works because the degree of the cyclotomic polynomial / FFT vector length is a parameter (denoted as n) that's agreed upon in advance (i.e. not dynamic).
This works because the degree of the cyclotomic polynomial / FFT vector length is a parameter (denoted as n) that's agreed upon in advance (i.e. not dynamic).
Good overview with real-world uses of Differential Privacy: desfontain.es/blog/real-wo...
The same author also wrote a nice intro to Differential Privacy: desfontain.es/blog/friendl...
The same author also wrote a nice intro to Differential Privacy: desfontain.es/blog/friendl...
A list of real-world uses of differential privacy - Ted is writing things
A list of practical deployments of differential privacy, along with their privacy parameters.
desfontain.es
June 22, 2025 at 10:38 AM
Good overview with real-world uses of Differential Privacy: desfontain.es/blog/real-wo...
The same author also wrote a nice intro to Differential Privacy: desfontain.es/blog/friendl...
The same author also wrote a nice intro to Differential Privacy: desfontain.es/blog/friendl...
Excited to dive into this new iO paper.
Another interesting construction is "Diamond iO" from the PSE Team: eprint.iacr.org/2025/236
Another interesting construction is "Diamond iO" from the PSE Team: eprint.iacr.org/2025/236
June 17, 2025 at 4:51 AM
Excited to dive into this new iO paper.
Another interesting construction is "Diamond iO" from the PSE Team: eprint.iacr.org/2025/236
Another interesting construction is "Diamond iO" from the PSE Team: eprint.iacr.org/2025/236
Really important effort.
Consider donating or becoming a member if you care about privacy and the future of the internet in general.
Consider donating or becoming a member if you care about privacy and the future of the internet in general.
Did you know EFF has had a top 4-star rating on Charity Navigator for twelve years? We're committed to being transparent, and ensuring we make the most out of your donation.
35 Years for Privacy, Free Speech, and a Brighter Future
Through July 10, new monthly or annual Sustaining Donors get an EFF35 Challenge Coin! With your help, EFF is here to stay.
eff.org
June 14, 2025 at 6:07 AM
Really important effort.
Consider donating or becoming a member if you care about privacy and the future of the internet in general.
Consider donating or becoming a member if you care about privacy and the future of the internet in general.