Lukas
@numberfour8.bsky.social
Protocol Engineer in Rust and C++
Focusing mainly on Cryptography and Infosec.
Focusing mainly on Cryptography and Infosec.
Reposted by Lukas
At #IETF124 in Montréal @ietf.org last month I gave a talk about Measuring & Understanding ECH deployments as @ooni.org.
ECH is becoming a Frontline for whether the Internet remains Open, Private, and Resilient.
We need to Document Censorship, to Protect our Internet.
📹 youtu.be/OmBNQKZtO3Q
ECH is becoming a Frontline for whether the Internet remains Open, Private, and Resilient.
We need to Document Censorship, to Protect our Internet.
📹 youtu.be/OmBNQKZtO3Q
December 9, 2025 at 9:09 AM
At #IETF124 in Montréal @ietf.org last month I gave a talk about Measuring & Understanding ECH deployments as @ooni.org.
ECH is becoming a Frontline for whether the Internet remains Open, Private, and Resilient.
We need to Document Censorship, to Protect our Internet.
📹 youtu.be/OmBNQKZtO3Q
ECH is becoming a Frontline for whether the Internet remains Open, Private, and Resilient.
We need to Document Censorship, to Protect our Internet.
📹 youtu.be/OmBNQKZtO3Q
Reposted by Lukas
I know it’s been said again and again, but what does it say about ChatControl that its backers keep explicitly *exempting* law enforcement and national security accounts from content scanning?
September 17, 2025 at 5:10 PM
I know it’s been said again and again, but what does it say about ChatControl that its backers keep explicitly *exempting* law enforcement and national security accounts from content scanning?
Reposted by Lukas
This little dialog box that pops up on Macs is the most suspicious thing ever. I’m 90% certain it’s a real system dialog, but still think a smart website could fake it with a pop-up window.
August 11, 2025 at 9:44 PM
This little dialog box that pops up on Macs is the most suspicious thing ever. I’m 90% certain it’s a real system dialog, but still think a smart website could fake it with a pop-up window.
Reposted by Lukas
Starfighters − on the general applicability of X-Wing (Deirdre Connolly, Kathrin Hövelmanns, Andreas Hülsing, Stavros Kousidis, Matthias Meijers) ia.cr/2025/1397
August 1, 2025 at 11:10 AM
Starfighters − on the general applicability of X-Wing (Deirdre Connolly, Kathrin Hövelmanns, Andreas Hülsing, Stavros Kousidis, Matthias Meijers) ia.cr/2025/1397
Reposted by Lukas
It seems pretty obvious to me that western governments are looking at China and other countries with monitored/sealed Internet and slowly putting the pieces in place to do the same thing for their own Internets.
July 27, 2025 at 2:40 PM
It seems pretty obvious to me that western governments are looking at China and other countries with monitored/sealed Internet and slowly putting the pieces in place to do the same thing for their own Internets.
Reposted by Lukas
I’ve been running cryptography questions into ChatGPT o3 after a friend told me it was practically grad-student-level intelligent. The good news for now is that, well, it’s grad-student-level intelligent. 😮💨
July 13, 2025 at 2:03 PM
I’ve been running cryptography questions into ChatGPT o3 after a friend told me it was practically grad-student-level intelligent. The good news for now is that, well, it’s grad-student-level intelligent. 😮💨
Reposted by Lukas
Cloudflare has launched Orange Me2eets, an open-source end-to-end encrypted video calling demo! Built on top of our OpenMLS implementation, this project showcases secure, private real-time communication.
buff.ly/eEdJdnf
#Cloudflare #E2EE #VideoCalling #OpenSource #OpenMLS
buff.ly/eEdJdnf
#Cloudflare #E2EE #VideoCalling #OpenSource #OpenMLS
Orange Me2eets: We made an end-to-end encrypted video calling app and it was easy
Orange Meets, our open-source video calling web application, now supports end-to-end encryption using the MLS protocol with continuous group key agreement
blog.cloudflare.com
June 30, 2025 at 5:52 AM
Cloudflare has launched Orange Me2eets, an open-source end-to-end encrypted video calling demo! Built on top of our OpenMLS implementation, this project showcases secure, private real-time communication.
buff.ly/eEdJdnf
#Cloudflare #E2EE #VideoCalling #OpenSource #OpenMLS
buff.ly/eEdJdnf
#Cloudflare #E2EE #VideoCalling #OpenSource #OpenMLS
Reposted by Lukas
Uses the xkcd style sheet for the plots!
matplotlib.org/devdocs/gall...
matplotlib.org/devdocs/gall...
June 19, 2025 at 4:06 PM
Uses the xkcd style sheet for the plots!
matplotlib.org/devdocs/gall...
matplotlib.org/devdocs/gall...
Reposted by Lukas
We (finally) published all the material from this course on SQIsign, including lecture slides and exercise sheets for the Sage laboratory. Available here: github.com/andreavico/S...
June 10, 2025 at 3:58 PM
We (finally) published all the material from this course on SQIsign, including lecture slides and exercise sheets for the Sage laboratory. Available here: github.com/andreavico/S...
Reposted by Lukas
New estimates from Google show that 2048-bit RSA could likely be broken in a week by a quantum computer with 1 million noisy qubits.
security.googleblog.com/2025/05/trac...
security.googleblog.com/2025/05/trac...
Tracking the Cost of Quantum Factoring
Posted by Craig Gidney, Quantum Research Scientist, and Sophie Schmieg, Senior Staff Cryptography Engineer Google Quantum AI's mission is t...
security.googleblog.com
May 27, 2025 at 5:09 AM
New estimates from Google show that 2048-bit RSA could likely be broken in a week by a quantum computer with 1 million noisy qubits.
security.googleblog.com/2025/05/trac...
security.googleblog.com/2025/05/trac...
Reposted by Lukas
One of the things I’ve seen people do lately is try to come up with explicit definitions of “end to end encryption” and then try to hold providers to their definitions. I think this is a category error and a bad idea.
a picture of an alien with the words " it 's a trap " on the bottom
ALT: a picture of an alien with the words " it 's a trap " on the bottom
media.tenor.com
May 2, 2025 at 1:46 PM
One of the things I’ve seen people do lately is try to come up with explicit definitions of “end to end encryption” and then try to hold providers to their definitions. I think this is a category error and a bad idea.
Reposted by Lukas
I wrote a post about how AI will interface with end-to-end encryption. TL;DR maybe not so well! blog.cryptographyengineering.com/2025/01/17/l...
Let’s talk about AI and end-to-end encryption
Recently, I came across a fantastic new paper by a group of NYU and Cornell researchers entitled “How to think about end-to-end encryption and AI.” I’m extremely grateful to see t…
blog.cryptographyengineering.com
January 17, 2025 at 3:43 PM
I wrote a post about how AI will interface with end-to-end encryption. TL;DR maybe not so well! blog.cryptographyengineering.com/2025/01/17/l...
Reposted by Lukas
📣 Initial public draft of NIST SP 800-227, Recommendations for Key-Encapsulation Mechanisms 🚨
This is the long-awaited SP that describes how to use KEMs like ML-KEM, including how to build PQC hybrids with ECC.
csrc.nist.gov/pubs/sp/800/22…
This is the long-awaited SP that describes how to use KEMs like ML-KEM, including how to build PQC hybrids with ECC.
csrc.nist.gov/pubs/sp/800/22…
NIST Special Publication (SP) 800-227 (Draft), Recommendations for Key-Encapsulation Mechanisms
A key-encapsulation mechanism (KEM) is a set of algorithms that can be used by two parties under certain conditions to securely establish a shared secret key over a public channel. A shared secret key...
csrc.nist.gov
January 7, 2025 at 3:29 PM
📣 Initial public draft of NIST SP 800-227, Recommendations for Key-Encapsulation Mechanisms 🚨
This is the long-awaited SP that describes how to use KEMs like ML-KEM, including how to build PQC hybrids with ECC.
csrc.nist.gov/pubs/sp/800/22…
This is the long-awaited SP that describes how to use KEMs like ML-KEM, including how to build PQC hybrids with ECC.
csrc.nist.gov/pubs/sp/800/22…
Reposted by Lukas
You’re still arguing about tabs vs. spaces? May I present…
December 25, 2024 at 6:37 PM
You’re still arguing about tabs vs. spaces? May I present…
Reposted by Lukas
Great to see NIST take up a wide block cipher mode! At AWS we have to carefully engineer around the 128-bit safety limits. Otherwise hyper-scale systems like VPC, S3, and EBS would exceed those limits in seconds! 256-bits is much more misuse-proof.
csrc.nist.gov/News/2024/ni...
csrc.nist.gov/News/2024/ni...
NIST Proposes to Standardize a Wider Variant of AES | CSRC
NIST indicated its interest in vetting another Rijndael variant for approval: Rijndael with 256-bit blocks (i.e., Rijndael-256) with a single key size of 256-bits. NIST plans to develop a draft standa...
csrc.nist.gov
December 25, 2024 at 4:41 AM
Great to see NIST take up a wide block cipher mode! At AWS we have to carefully engineer around the 128-bit safety limits. Otherwise hyper-scale systems like VPC, S3, and EBS would exceed those limits in seconds! 256-bits is much more misuse-proof.
csrc.nist.gov/News/2024/ni...
csrc.nist.gov/News/2024/ni...
Reposted by Lukas
TIL how easy it is to ask curl to dump TLS session keys to disk 🛠️
Simply set the environment variable `SSLKEYLOGFILE=/path/to/file` 😅 Note: it also works for Firefox and Chrome
Extremely useful when combined with Wireshark 👍
Simply set the environment variable `SSLKEYLOGFILE=/path/to/file` 😅 Note: it also works for Firefox and Chrome
Extremely useful when combined with Wireshark 👍
December 20, 2024 at 11:35 AM
TIL how easy it is to ask curl to dump TLS session keys to disk 🛠️
Simply set the environment variable `SSLKEYLOGFILE=/path/to/file` 😅 Note: it also works for Firefox and Chrome
Extremely useful when combined with Wireshark 👍
Simply set the environment variable `SSLKEYLOGFILE=/path/to/file` 😅 Note: it also works for Firefox and Chrome
Extremely useful when combined with Wireshark 👍