@paulmillr
Noble cryptography. OSS, infosec.
Relays (1)
- wss://nos.lol/ – read & write
Recent Notes
Add Falcon 👀 I see Kyber, Dilithium and SPHINCS+. Falcon has the smallest signature size.
Falcon is 4+ weeks of full time work. It's also unreliable while being implemented, due to the fact it needs floating point math. Maybe fips 206 will fix quirks.
🤙1
noble cryptography v2 is out. Improvements include Schnorr implementation in 5kb noble-secp256k1, hybrid pq algorithms, OPRFs, friendly wrappers around native WebCrypto, better security, and much more.
Live on GitHub, NPM & JSR.
Live on GitHub, NPM & JSR.
32❤️1🤙2🚀1
Silly question - could NIP44 be used for encrypted media? I haven’t really dug into media yet. I expect to use blossom but only if I can encrypt.
For #nostr #safebox I am thinking of defining an en...
Low-level - yes, it's a good idea to use it for a media.
🔥1
#WeAreAllFiatjaf
1❤️2🤙2⚡1
Announcing noble-post-quantum: minimal JS implementation of ML-KEM, ML-DSA and SLH-DSA.
Also known as Kyber, Dilithium and SPHINCS+. Only 2000 lines of code - great learning resource for anyone who’s messing with PQ stuff.
Check out README for algorithm comparison and usage guidelines. https://github.com/paulmillr/noble-post-quantum
Also known as Kyber, Dilithium and SPHINCS+. Only 2000 lines of code - great learning resource for anyone who’s messing with PQ stuff.
Check out README for algorithm comparison and usage guidelines. https://github.com/paulmillr/noble-post-quantum
1❤️2🤙2👀1
Does anyone know if anyone has done an implementation of secq [*] in code? I'm pretty sure not, but asking just in case.
I can ( and probably will) just do it in python (literally just swap p and N),...
I have it in noble-curves readme https://github.com/paulmillr/noble-curves#weierstrass-short-weierstrass-curve
2❤️1
2023 progress on JS cryptography:
- noble-hashes: 400K => 1.7M downloads per week
- noble-curves: ~0 => 0.9M, got 2 audits
- noble-ciphers: 0 => 25K
- Finally adopted by ProtonMail, MetаMасk, Rainbow, Rabby, ethers, web3.js, viem
Takes time, but we’re getting there.
- noble-hashes: 400K => 1.7M downloads per week
- noble-curves: ~0 => 0.9M, got 2 audits
- noble-ciphers: 0 => 25K
- Finally adopted by ProtonMail, MetаMасk, Rainbow, Rabby, ethers, web3.js, viem
Takes time, but we’re getting there.
1❤️3🤙2
do cryptographers think of kyber and others as a good foundation for ‘post-quantum’ (ie when it actually works) cryptography, or are they just viewed as placeholder hacks.
sphincs looks good, kyber not quite. I think Signal's decision is proper and other should follow, because it's hybrid. In the end, everything is a placeholder, and the only question is: "for how long?".
How do you "may be bedlam broken" SGX, nostr:npub10jcnehsxwrjepupvh602pl83up0dh3wv3fqfwv062smygqvpeuwsk03kag? This is an extremely crucial claim for us, Signal users. Please help us understand.
Please check out this writing https://blog.cryptographyengineering.com/2020/07/10/a-few-thoughts-about-signals-secure-value-recovery/
11❤️1👀1💜1
Don't implement yourself, use the actual SimpleX client and server. "Each relay becomes a SimpleX server" means the relay and server are on the same host, different ports. The server may need some mod...
> We're sacrificing almost all the values we stand for
I'm not sure what are you talking about. SimpleX is not a silver bullet. It's trivially decrypt-able by quantum computers. It's also not popular, which means, if/when it becomes popular, only then we'll see how it holds up.
Again - if you think simplex would work - go ahead and implement it. If you can convince the community your solution is better, everyone will switch to it.
nostr is open for everyone. We're just a bunch of folks who've spent some time on the issue we thought was important. No one paid us for it.
I'm not sure what are you talking about. SimpleX is not a silver bullet. It's trivially decrypt-able by quantum computers. It's also not popular, which means, if/when it becomes popular, only then we'll see how it holds up.
Again - if you think simplex would work - go ahead and implement it. If you can convince the community your solution is better, everyone will switch to it.
nostr is open for everyone. We're just a bunch of folks who've spent some time on the issue we thought was important. No one paid us for it.
What metadata is leaked by Signal, please?
It's possible to deduce who messages whom (timing / correlation attack). All user contacts are uploaded to Signal servers (they say it's stored in SGX - which may be broken). Groups also store some data on Signal servers. And - most important - Signal relies on phone numbers.
🌸1🚀1
