#realworldcrypto
<3 logo was mine hahaha I need to make logos for all!!
Great talk @claucece.bsky.social. And cool protocol!! 6 signers is plenty
Look at this beautiful arrrrt
#realworldcrypto
Abstract. Signal is a secure messaging app offering end-to-end security for pairwise and group communications. It has tens of millions of users, and has heavily influenced the design of other secure messaging apps (including WhatsApp). Signal has been heavily analysed and, as a result, is rightly regarded as setting the "gold standard" for messaging apps by the scientific community. We present two practical attacks that break the integrity properties of Signal in its advertised threat model. Each attack arises from different features of Signal that are poorly documented and have eluded formal security analyses. The first attack, affecting Android and Desktop, arises from Signal's introduction of identities based on usernames (instead of phone numbers) in early 2022. We show that the protocol for resolving identities based on usernames and on phone numbers introduced a vulnerability that allows a malicious server to inject arbitrary messages into one-to-one conversations under specific circumstances. The injection causes a user-visible alert about a change of safety numbers, but if the users compare their safety numbers, they will be correct. The second attack is even more severe. It arises from Signal's Sealed Sender (SSS) feature, designed to allow sender identities to be hidden. We show that a combination of two errors in the SSS implementation in Android allows a malicious server to inject arbitrary messages into both one-to-one and group conversations. The errors relate to missing key checks and the loss of context when cryptographic processing is distributed across multiple software components. The attack is undetectable by users and can be mounted at any time, without any preconditions. As far as we can tell, the vulnerability has been present since the introduction of SSS in 2018. We disclosed both attacks to Signal.
The vulnerabilities were promptly acknowledged and patched: the first vulnerability was fixed two days after disclosure, while the second one was patched after eight days. Beyond presenting these devastating attacks on Signal's end-to-end security guarantees, we discuss more broadly what can be learned about the challenges of deploying new security features in complex software projects.
Signal Lost (Integrity): The Signal App is More than the Sum of its Protocols (Kien Tuong Truong, Noemi Terzo, Kenneth G. Paterson) ia.cr/2026/484
It's RWC. So follow online with @durumcrustulum.com ....
US Defense Secretary Pete Hegseth made comments about "stupid rules of engagement" on Monday, suggesting they may interfere with "fight[ing] to win" in Iran. www.hrw.org/news/2026/03...
In addition to the many things I didn't like about the Natural History Museum in London, one thing I especially disliked is a huge wall given to showing *constellations* (or, as I prefer to think of them, "old-school hallucinations"). Let's have some actual science, people.
Google with AI buttons
Google without AI buttons
I made a filterlist for uBlock Origin to remove Generative AI features on websites. Includes blocks for
* Google AI Summaries
* YouTube Ask button & chat summaries
* GitHub Copilot
* Facebook AI chat
* X's Grok buttons
* Deviantart DreamUp
* Booru AI images
* And more
github.com/Stevoisiak/S...
Do you love free speech, right to repair, and open source tech? If so, you should become a member of EFF today! eff.org/join
So-called 'nudify' apps. Smart glasses that secretly record video. An explosion in sexualised deepfakes.
Tech has turned against women, and it's time to regulate it properly, says author and gender equality campaigner Laura Bates.
Read more: ft.trib.al/Z3gd5bP
GDB will now have a save history command to save the command history to a file whenever you want.
This is cool as I usually need to manually copy-paste commands anyway because GDB tends to crash during my debugging sessions.
Hacktivists tried to find a workaround to Discord's age-verification software, Persona. Instead, they found its frontend exposed to the open internet, and that was just the beginning.
www.therage.co/persona-age-...
"Based on these ethnographic findings, we initiate the cryptographic study of at-compromise security"
martinralbrecht.wordpress.com/2026/02/17/b...
When Zero-Knowledge Proofs Are Not Enough: Lessons from a Real-World Zero-Knowledge Authorization System, a.k.a. Analysis and Vulnerabilities in zkLogin (eprint.iacr.org/2026/227) (1/n)
ZKPs are promoted as a foundation for privacy-preserving authentication. Recent proposals, particularly in blockchain wallets, identity frameworks, and verifiable credential systems, suggest that ZKPs allow users to prove possession of externally issued credentials without revealing them (2/n)
In our work, we show why this narrative can be incomplete: we analyze *zkLogin*, a widely deployed zero-knowledge authorization system, and demonstrate that its security does not only reduce to the security of the ZKP. Instead, it depends on assumptions.
Paper: eprint.iacr.org/2026/227
Blogpost: brave.com/blog/zklogin/
Joint work with Hamed Haddadi and Kyle Den Hartog (3/n)
What is zkLogin?
zkLogin allows users to authorize blockchain transactions using a ZKP of possession of a signed OpenID Connect (OIDC) JSON Web Token (JWT), i.e. a ZKP over the signed JWT.
At first glance, this seems to provide strong privacy and security guarantees.
But, what we found is that the story is not complete, as zkLogin:
1. Accepts malformed JWTs (with shadowed claims, invalid JSON): a single signed JWT can admit multiple conflicting interpretations (claim shadowing via duplicate keys, parser differentials across components, non-canonical encodings with ambiguous semantics).
3. Exposes long-lived credentials as static, long-lived bearer credentials exposed directly to browser environments. These credentials are commonly: stored in browser-accessible storage (e.g., localStorage), transmitted directly from frontend JavaScript and reused indefinitely.
4. Incorrectly trusts the frontend: zkLogin explicitly assumes that the frontend application is trusted and security-irrelevant, arguing that a public frontend implies sufficient scrutiny. This assumption does not hold in real-world browser threat models.
5. Allows for centralization and privacy regressions: JWTs, often containing sensitive identity attributes, are forwarded to third-party services outside the original OIDC consent relationship, with no explicit user awareness or control.
This is not a failure of zero-knowledge proofs. It is a systems security failure caused by composition: ill-defined semantics, missing binding guarantees, exposed long-lived credentials, unjustified frontend trust assumptions, and opaque trust centralization.
Read our paper: eprint.iacr.org/2026/227 and blogpost: brave.com/blog/zklogin/
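An added worked example of the first finding in the zkLogin thread above (claim shadowing via duplicate keys, parser differentials across components, and non-canonical base64url encodings). This is illustration code written for this page, not code from the paper, from Brave, or from zkLogin itself. It assumes an HS256 token signed with a constructed demo key so it runs offline (real OIDC tokens are RS256-signed by the provider; the signature algorithm does not change the parsing issue), and the token contents are constructed. The point it makes: one signed byte string can be read as two different identities by two JSON parsers that are both "correct", and only a parser that insists on unique keys and canonical encoding refuses to choose.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo key, not a real credential. Real OIDC tokens are RS256-signed
# by the provider; HS256 is used here only so the whole example runs offline.
DEMO_KEY = b"demo-key-for-illustration-only"
B64URL_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"
EXPECTED_HEADER = {"alg": "HS256", "typ": "JWT"}


def b64url_encode(data: bytes) -> str:
    """Canonical base64url as used in JWS: no padding."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode_lenient(segment: str) -> bytes:
    """What many JWT libraries do: re-pad and accept whatever decodes.
    Explicit padding and non-zero unused trailing bits are silently tolerated."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def b64url_decode_strict(segment: str) -> bytes:
    """Accept only the unique canonical encoding of the underlying bytes."""
    if "=" in segment or any(c not in B64URL_ALPHABET for c in segment):
        raise ValueError("padding or non-alphabet character in JWS segment")
    raw = b64url_decode_lenient(segment)
    if b64url_encode(raw) != segment:
        raise ValueError("non-canonical base64url encoding")
    return raw


def noncanonical_twin(segment: str):
    """A different segment the lenient decoder maps to the same bytes (differs
    only in unused trailing bits of the last character), or None if none exists."""
    raw = b64url_decode_lenient(segment)
    for c in B64URL_ALPHABET:
        if c == segment[-1]:
            continue
        candidate = segment[:-1] + c
        try:
            if b64url_decode_lenient(candidate) == raw:
                return candidate
        except ValueError:  # binascii.Error is a ValueError
            pass
    return None


def first_wins(pairs):
    obj = {}
    for k, v in pairs:
        obj.setdefault(k, v)
    return obj


def reject_duplicates(pairs):
    obj = {}
    for k, v in pairs:
        if k in obj:
            raise ValueError(f"duplicate claim {k!r}")
        obj[k] = v
    return obj


def sign_jwt(header_json: str, payload_json: str, key: bytes = DEMO_KEY) -> str:
    signing_input = b64url_encode(header_json.encode()) + "." + b64url_encode(payload_json.encode())
    mac = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(mac)


def verify_signature(token: str, key: bytes = DEMO_KEY) -> bool:
    signing_input, _, sig = token.rpartition(".")
    expected = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return hmac.compare_digest(b64url_encode(expected), sig)


def claims_last_wins(token: str) -> dict:
    """Default json.loads behaviour: a repeated key keeps the last value."""
    return json.loads(b64url_decode_lenient(token.split(".")[1]))


def claims_first_wins(token: str) -> dict:
    """Another equally 'valid' parser: a repeated key keeps the first value."""
    return json.loads(b64url_decode_lenient(token.split(".")[1]), object_pairs_hook=first_wins)


def claims_strict(token: str) -> dict:
    """Canonical segments, unique keys, and exactly the expected header."""
    header_seg, payload_seg, _ = token.split(".")
    header = json.loads(b64url_decode_strict(header_seg), object_pairs_hook=reject_duplicates)
    if header != EXPECTED_HEADER:
        raise ValueError(f"unexpected header {header!r}")
    return json.loads(b64url_decode_strict(payload_seg), object_pairs_hook=reject_duplicates)


def strict_rejects(segment: str) -> bool:
    try:
        b64url_decode_strict(segment)
        return False
    except ValueError:
        return True


def demo() -> dict:
    # Constructed token: one valid signature over a payload whose "sub" is shadowed.
    shadowed = sign_jwt('{"alg":"HS256","typ":"JWT"}', '{"sub":"alice","aud":"wallet","sub":"mallory"}')
    clean = sign_jwt('{"alg":"HS256","typ":"JWT"}', '{"sub":"alice","aud":"wallet"}')
    try:
        claims_strict(shadowed)
        strict_verdict = "accepted"
    except ValueError as e:
        strict_verdict = f"rejected: {e}"
    payload = b'{"sub":"alice1"}'              # 16 bytes -> 22 chars, 4 unused bits
    canonical = b64url_encode(payload)
    twin = noncanonical_twin(canonical)
    return {
        "signature_ok": verify_signature(shadowed),
        "sub_last_wins": claims_last_wins(shadowed)["sub"],
        "sub_first_wins": claims_first_wins(shadowed)["sub"],
        "strict": strict_verdict,
        "clean_sub": claims_strict(clean)["sub"],
        "twin_same_bytes": twin is not None and b64url_decode_lenient(twin) == payload,
        "twin_rejected_by_strict": twin is not None and strict_rejects(twin),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The signature check passes for the shadowed token because the signature covers the encoded bytes, not any particular interpretation of them; which component's parser runs last decides who the token is for. The strict path rejects both the duplicate-key payload and any segment that is not the canonical encoding of its bytes, which is the binding the thread says was missing.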
@opentechfund.bsky.social is accepting applications to join our Security Lab until March 16, 2026.
Learn more:
buff.ly/lzCjWZu
The general counsel uploaded a picture on Linkedin showing the web panel of Paragon's spyware.
The panel shows a phone number in Czechia, Apps, Accounts, media on the phone, the interception status and numbers extracted from social media applications.
For #FemmesEnScience day, discover these women who are shaping computer science! In #IA, optimisation and support functions, they innovate and push back the frontiers of #numérique.
www.ins2i.cnrs.fr/fr/cnrsinfo/...
Benito carrying a football with musicians carrying flags behind him
Iconic moment as he says "God Bless América" and then names every country in South, Central, and North America in order
For the rest of the hemisphere, América doesn't mean the U.S.
It means evveeerrybody