Sylvain
@ipolit.bsky.social
Reposted by Sylvain
The accepted talks for Real World Crypto 2026 are now online: rwc.iacr.org/2026/accepte...
Thanks to everyone who submitted, and we look forward to the discussions at the symposium.
Thanks to everyone who submitted, and we look forward to the discussions at the symposium.
RWC 2026 accepted papers
Real World Crypto Symposium
rwc.iacr.org
December 19, 2025 at 7:04 PM
The accepted talks for Real World Crypto 2026 are now online: rwc.iacr.org/2026/accepte...
Thanks to everyone who submitted, and we look forward to the discussions at the symposium.
Thanks to everyone who submitted, and we look forward to the discussions at the symposium.
Reposted by Sylvain
December 13, 2025 at 9:35 AM
Reposted by Sylvain
in 5 years bfswa.substack.com/p/when-will-...
When will quantum break crypto? the answer will shock you
And other crypto-prophecies.
bfswa.substack.com
November 24, 2025 at 11:52 AM
in 5 years bfswa.substack.com/p/when-will-...
Reposted by Sylvain
Keys are hard. www.nytimes.com/2025/11/21/w...
Cryptographers Held an Election. They Can’t Decrypt the Results.
www.nytimes.com
November 22, 2025 at 2:07 AM
Keys are hard. www.nytimes.com/2025/11/21/w...
Reposted by Sylvain
Started a Substack. Subscribe for more crypto investment advice.
bfswa.substack.com/p/quantum-co...
bfswa.substack.com/p/quantum-co...
Quantum computers will not steal your bitcoins, even if they can
The quantum gravity principle
bfswa.substack.com
November 13, 2025 at 8:27 AM
Started a Substack. Subscribe for more crypto investment advice.
bfswa.substack.com/p/quantum-co...
bfswa.substack.com/p/quantum-co...
Reposted by Sylvain
I use USB daily but I have no idea how it works 🤔
USB 2 vs USB 3, USB-A vs USB-C, the PD standard… this talk is full of interesting details 💎
And now I even understand why my USB-C power bank doesn’t work with *this* cable unless flipped 🙃
media.ccc.de/v/why2025-25...
USB 2 vs USB 3, USB-A vs USB-C, the PD standard… this talk is full of interesting details 💎
And now I even understand why my USB-C power bank doesn’t work with *this* cable unless flipped 🙃
media.ccc.de/v/why2025-25...
USB: the most successful interface that also brings power
We use it every day, but how does it really work? USB has been around for almost 30 years and it evolved into really universal interface ...
media.ccc.de
August 19, 2025 at 8:04 PM
I use USB daily but I have no idea how it works 🤔
USB 2 vs USB 3, USB-A vs USB-C, the PD standard… this talk is full of interesting details 💎
And now I even understand why my USB-C power bank doesn’t work with *this* cable unless flipped 🙃
media.ccc.de/v/why2025-25...
USB 2 vs USB 3, USB-A vs USB-C, the PD standard… this talk is full of interesting details 💎
And now I even understand why my USB-C power bank doesn’t work with *this* cable unless flipped 🙃
media.ccc.de/v/why2025-25...
Reposted by Sylvain
August 5, 2025 at 3:15 AM
Reposted by Sylvain
🔥 The future of RFID hacking isn’t dead, its even more...
At #WHY2025, Kirils and I are breaking down current RFID hacking situation
No fluff. Just spilling the beans.
🗓️ 9th of August 13:00 at Andromeda
🔗 cfp.why2025.org/why2025/talk...
RT if you’re ready.
At #WHY2025, Kirils and I are breaking down current RFID hacking situation
No fluff. Just spilling the beans.
🗓️ 9th of August 13:00 at Andromeda
🔗 cfp.why2025.org/why2025/talk...
RT if you’re ready.
Decoding RFID: A comprehensive overview of security, attacks, and the latest innovations WHY2025
RFID reverse engineering has seen significant advancements, yet a comprehensive overview of the field remains scattered across research and practitioner communities.
Here the authors presents a struc...
cfp.why2025.org
July 13, 2025 at 2:40 PM
🔥 The future of RFID hacking isn’t dead, its even more...
At #WHY2025, Kirils and I are breaking down current RFID hacking situation
No fluff. Just spilling the beans.
🗓️ 9th of August 13:00 at Andromeda
🔗 cfp.why2025.org/why2025/talk...
RT if you’re ready.
At #WHY2025, Kirils and I are breaking down current RFID hacking situation
No fluff. Just spilling the beans.
🗓️ 9th of August 13:00 at Andromeda
🔗 cfp.why2025.org/why2025/talk...
RT if you’re ready.
Reposted by Sylvain
Some people keep calling the summer migration to Vegas a camp…
But who will sleep in a tent for real? The ones attending @why2025.bsky.social ⛺️
But who will sleep in a tent for real? The ones attending @why2025.bsky.social ⛺️
Only 8 more days until Hacker Summer Camp for me. How about you?
July 27, 2025 at 4:27 AM
Some people keep calling the summer migration to Vegas a camp…
But who will sleep in a tent for real? The ones attending @why2025.bsky.social ⛺️
But who will sleep in a tent for real? The ones attending @why2025.bsky.social ⛺️
Reposted by Sylvain
The Call for Contributed Talks is now open for RWC 2026! And the deadline for submissions is now Oct. 10, 2025.
rwc.iacr.org/2026/contrib...
rwc.iacr.org/2026/contrib...
RWC 2026 call for papers
Real World Crypto Symposium
rwc.iacr.org
July 13, 2025 at 3:52 PM
The Call for Contributed Talks is now open for RWC 2026! And the deadline for submissions is now Oct. 10, 2025.
rwc.iacr.org/2026/contrib...
rwc.iacr.org/2026/contrib...
Reposted by Sylvain
🎙 Ce jeudi, Vincent Strubel, directeur général de l'ANSSI, sera l'invité de l'émission @quotidienofficiel.bsky.social diffusée sur TMC.
📺 Rendez-vous ce soir à partir de 19h15 sur le canal 10.
📺 Rendez-vous ce soir à partir de 19h15 sur le canal 10.
June 12, 2025 at 12:21 PM
🎙 Ce jeudi, Vincent Strubel, directeur général de l'ANSSI, sera l'invité de l'émission @quotidienofficiel.bsky.social diffusée sur TMC.
📺 Rendez-vous ce soir à partir de 19h15 sur le canal 10.
📺 Rendez-vous ce soir à partir de 19h15 sur le canal 10.
Reposted by Sylvain
Three Trail of Bits engineers audited core Go cryptography for a month and found only one low-sev security issue... in unsupported Go+BoringCrypto! 🍾
Years of efforts on testing, limiting complexity, safe APIs, and readability have paid off! ✨
Yes I am taking a victory lap. No I am not sorry. 🏆
Years of efforts on testing, limiting complexity, safe APIs, and readability have paid off! ✨
Yes I am taking a victory lap. No I am not sorry. 🏆
Go Cryptography Security Audit
Go's cryptography libraries underwent an audit by Trail of Bits. Read more about the scope and results.
go.dev
May 19, 2025 at 7:08 PM
Three Trail of Bits engineers audited core Go cryptography for a month and found only one low-sev security issue... in unsupported Go+BoringCrypto! 🍾
Years of efforts on testing, limiting complexity, safe APIs, and readability have paid off! ✨
Yes I am taking a victory lap. No I am not sorry. 🏆
Years of efforts on testing, limiting complexity, safe APIs, and readability have paid off! ✨
Yes I am taking a victory lap. No I am not sorry. 🏆
Reposted by Sylvain
The second Levchin Prize goes to the CADO-NFS team: Emmanuel Thomé, Pierrick Gaudry, and Paul Zimmerman! Congratulations!
#realworldcrypto
#realworldcrypto
March 26, 2025 at 9:24 AM
The second Levchin Prize goes to the CADO-NFS team: Emmanuel Thomé, Pierrick Gaudry, and Paul Zimmerman! Congratulations!
#realworldcrypto
#realworldcrypto
Reposted by Sylvain
Ouch, AMD masterclass in what not to do with cryptography to secure its microcode patching mechanism 😱 ‼️
Blog: Zen and the Art of Microcode Hacking
This blog post covers the full details of EntrySign, the AMD Zen microcode signature validation vulnerability recently discovered by the Google Security team.
bughunters.google.com
March 8, 2025 at 10:49 AM
Ouch, AMD masterclass in what not to do with cryptography to secure its microcode patching mechanism 😱 ‼️
Reposted by Sylvain
This is a fascinating vulnerability.
The root causes are implementing deterministic signatures instead of hedged, using a general purpose big number implementation, and leaking its API at the crypto layer.
JavaScript types are a red herring, could have happened in any language.
The root causes are implementing deterministic signatures instead of hedged, using a general purpose big number implementation, and leaking its API at the crypto layer.
JavaScript types are a red herring, could have happened in any language.
Private key extraction in ECDSA upon signing a malformed input (e.g. a string)
### Summary
Private key can be extracted from ECDSA signature upon signing a malformed input (e.g. a string or a number), which could e.g. come from JSON network input
Note that `elliptic` by...
github.com
February 16, 2025 at 10:08 AM
This is a fascinating vulnerability.
The root causes are implementing deterministic signatures instead of hedged, using a general purpose big number implementation, and leaking its API at the crypto layer.
JavaScript types are a red herring, could have happened in any language.
The root causes are implementing deterministic signatures instead of hedged, using a general purpose big number implementation, and leaking its API at the crypto layer.
JavaScript types are a red herring, could have happened in any language.
Reposted by Sylvain
Marc Ilunga has written a nice blog post about "Best practices for key derivation":
Best practices for key derivation
By Marc Ilunga Key derivation is essential in many cryptographic applications, including key exchange, key management, secure communications, and building robust cryptographic primitives. But it’s …
blog.trailofbits.com
January 29, 2025 at 7:43 AM
Marc Ilunga has written a nice blog post about "Best practices for key derivation":
@anomalroil.bsky.social : https://www.nextinpact.com/lebrief/71680/pourquoi-peut-on-pirater-mot-passe-10-caracteres-en-2-semaines-contre-5-mois-an-passe
Pourquoi peut-on pirater un mot de passe de 10 caractères en 2 semaines, contre 5 mois l'an passé ?
CheckNews, le service de fact-checking de Libération, revient sur une infographie partagée par France Numérique expliquant qu'un pirate pouvait, en 2023, pirater un mot de passe de 10 caractères en 2 semaines, alors qu'un tableau ...
www.nextinpact.com
May 16, 2023 at 10:50 AM
Reposted by Sylvain
more postquantum https://blog.taurushq.com/quantum-doomsday-planning-2-2-the-post-quantum-technology-landscape/
May 9, 2023 at 9:34 AM