David Oswald
@sublevado.bsky.social
Live as if today's yesterday was the day after yesterday's tomorrow.
Reposted by David Oswald
The International Association for Cryptologic Research has used heliosvoting.org – my online voting system – for a number of years.
This year, a trustee lost their secret key. The election has to be re-run.
Below, a few thoughts that didn't fit in the NYT piece.
www.nytimes.com/2025/11/21/w...
This year, a trustee lost their secret key. The election has to be re-run.
Below, a few thoughts that didn't fit in the NYT piece.
www.nytimes.com/2025/11/21/w...
Cryptographers Held an Election. They Can’t Decrypt the Results.
www.nytimes.com
November 22, 2025 at 2:40 AM
The International Association for Cryptologic Research has used heliosvoting.org – my online voting system – for a number of years.
This year, a trustee lost their secret key. The election has to be re-run.
Below, a few thoughts that didn't fit in the NYT piece.
www.nytimes.com/2025/11/21/w...
This year, a trustee lost their secret key. The election has to be re-run.
Below, a few thoughts that didn't fit in the NYT piece.
www.nytimes.com/2025/11/21/w...
Reposted by David Oswald
This paper is about fault injection on real Intel CPUs, resulting in interesting primitives such as instruction skip. Read the uasc.cc/proceedings2... and/or attend uASC in Leuven to learn more!
uasc.cc
October 4, 2025 at 10:34 AM
This paper is about fault injection on real Intel CPUs, resulting in interesting primitives such as instruction skip. Read the uasc.cc/proceedings2... and/or attend uASC in Leuven to learn more!
Reposted by David Oswald
Europeans with credible expertise in cryptography and/or computer security should participate in this call by the 🇪🇺 Commission to explain to them, in terms that politicians can understand, why providing access to communications data to law enforcement … berthub.eu/articles/pos...
Possible End to End to End Encryption: Come Help - Bert Hubert
tl;dr: The European Commission is honestly asking for experts to advise them on ways to institute “effective and lawful access to data for law enforcement”. If you are an expert, I urge you to apply t...
berthub.eu
July 5, 2025 at 7:37 PM
Europeans with credible expertise in cryptography and/or computer security should participate in this call by the 🇪🇺 Commission to explain to them, in terms that politicians can understand, why providing access to communications data to law enforcement … berthub.eu/articles/pos...
Reposted by David Oswald
So What Do We Know QC To Be Good For?
- Simulating quantum physics and chemistry
- Breaking current public-key encryption (RSA, DH, ECC)
- Eventually, modest (square-root) speedups from Grover
- We’ll have to get lucky for most other applications!
(The world has been systemically lied to about this)
- Simulating quantum physics and chemistry
- Breaking current public-key encryption (RSA, DH, ECC)
- Eventually, modest (square-root) speedups from Grover
- We’ll have to get lucky for most other applications!
(The world has been systemically lied to about this)
June 29, 2025 at 9:25 AM
So What Do We Know QC To Be Good For?
- Simulating quantum physics and chemistry
- Breaking current public-key encryption (RSA, DH, ECC)
- Eventually, modest (square-root) speedups from Grover
- We’ll have to get lucky for most other applications!
(The world has been systemically lied to about this)
- Simulating quantum physics and chemistry
- Breaking current public-key encryption (RSA, DH, ECC)
- Eventually, modest (square-root) speedups from Grover
- We’ll have to get lucky for most other applications!
(The world has been systemically lied to about this)
Reposted by David Oswald
Join the Graz Security Week from Sep 1 to 5! with @sahar-abdelnabi.bsky.social, Jo Van Bulck, Maria Eichlseder, Georg Fuchsbauer, @sublevado.bsky.social, @fbpierazzi.bsky.social, Kaveh Razavi, Christian Rossow, Yang Zhang securityweek.at (system security, side channels, AI security, & cryptography)
Security Week Graz 2025 – Summer School for Cybersecurity
securityweek.at
June 16, 2025 at 9:51 AM
Join the Graz Security Week from Sep 1 to 5! with @sahar-abdelnabi.bsky.social, Jo Van Bulck, Maria Eichlseder, Georg Fuchsbauer, @sublevado.bsky.social, @fbpierazzi.bsky.social, Kaveh Razavi, Christian Rossow, Yang Zhang securityweek.at (system security, side channels, AI security, & cryptography)
Reposted by David Oswald
Reminder that the MSCA postdoctoral program exists. If you have a PhD and want to work in a European lab, you have until September to apply. Just contact them now.
ec.europa.eu/info/funding...
ec.europa.eu/info/funding...
ec.europa.eu
June 6, 2025 at 5:47 PM
Reminder that the MSCA postdoctoral program exists. If you have a PhD and want to work in a European lab, you have until September to apply. Just contact them now.
ec.europa.eu/info/funding...
ec.europa.eu/info/funding...
Reposted by David Oswald
🌍 Help shape the future of SaTML!
We are on the hunt for a 2026 host city - and you could lead the way. Submit a bid to become General Chair of the conference:
forms.gle/vozsaXjCoPzc...
We are on the hunt for a 2026 host city - and you could lead the way. Submit a bid to become General Chair of the conference:
forms.gle/vozsaXjCoPzc...
Bid to host SaTML 2026
Thank you for considering to host SaTML!
SaTML has been organized as a 3 day conference so far. We are looking for volunteers interested in finding a venue to host the conference in 2026. By submitti...
forms.gle
May 12, 2025 at 12:15 PM
🌍 Help shape the future of SaTML!
We are on the hunt for a 2026 host city - and you could lead the way. Submit a bid to become General Chair of the conference:
forms.gle/vozsaXjCoPzc...
We are on the hunt for a 2026 host city - and you could lead the way. Submit a bid to become General Chair of the conference:
forms.gle/vozsaXjCoPzc...
Reposted by David Oswald
If you are looking for a PhD or PostDoc position in Cryptographic Engineering, please check the openings of Michael Hutter at our Research Institute CODE here in beautiful Munich. Please consider and help spread the word: iacr.org/jobs/item/3908
PhDs / PostDocs in Cryptographic Engineering
iacr.org
February 24, 2025 at 5:20 PM
If you are looking for a PhD or PostDoc position in Cryptographic Engineering, please check the openings of Michael Hutter at our Research Institute CODE here in beautiful Munich. Please consider and help spread the word: iacr.org/jobs/item/3908
Reposted by David Oswald
Without setting out to do so, Andrew Krapivin recently upended the common thinking around hash tables — one of the best-studied tools in computer science. Steve Nadis reports:
www.quantamagazine.org/undergraduat...
www.quantamagazine.org/undergraduat...
Undergraduate Upends a 40-Year-Old Data Science Conjecture | Quanta Magazine
A young computer scientist and two colleagues show that searches within data structures called hash tables can be much faster than previously deemed possible.
www.quantamagazine.org
February 10, 2025 at 3:22 PM
Without setting out to do so, Andrew Krapivin recently upended the common thinking around hash tables — one of the best-studied tools in computer science. Steve Nadis reports:
www.quantamagazine.org/undergraduat...
www.quantamagazine.org/undergraduat...
Reposted by David Oswald
oh hello there: github.com/google/secur...
security-research/pocs/cpus/entrysign at 5952723423260f0c6932408da3cbe6b3b708373d · google/security-research
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code. - google/security-research
github.com
February 4, 2025 at 12:08 AM
oh hello there: github.com/google/secur...
Reposted by David Oswald
We updated the uASC deadline: it is **January 28 AoE**, which is 1 day after the DIMVA notification.
Take a look at our CFP. Any insights around microarchitecture security are interesting.
uasc.cc
Take a look at our CFP. Any insights around microarchitecture security are interesting.
uasc.cc
1st Microarchitecture Security Conference (uASC '25)
uasc.cc
January 26, 2025 at 12:54 PM
We updated the uASC deadline: it is **January 28 AoE**, which is 1 day after the DIMVA notification.
Take a look at our CFP. Any insights around microarchitecture security are interesting.
uasc.cc
Take a look at our CFP. Any insights around microarchitecture security are interesting.
uasc.cc
Reposted by David Oswald
AMD’s trusted execution environment blown wide open by new BadRAM attack #BadRAM #AMD arstechnica.com/information-...
AMD’s trusted execution environment blown wide open by new BadRAM attack
Attack bypasses AMD protection promising security, even when a server is compromised.
arstechnica.com
December 10, 2024 at 6:40 PM
AMD’s trusted execution environment blown wide open by new BadRAM attack #BadRAM #AMD arstechnica.com/information-...
Reposted by David Oswald
#BadRAM just went public: Tampering with DRAM modules allows attackers to bypass SEV-SNP's write protection and forging attestation reports, breaking all trust in #SEV-SNP.
Joint work with Jesse De Meulemeester, Luca Wilke, @sublevado.bsky.social, Ingrid Verbauwhede and Jo Van Bulck
badram.eu
Joint work with Jesse De Meulemeester, Luca Wilke, @sublevado.bsky.social, Ingrid Verbauwhede and Jo Van Bulck
badram.eu
December 10, 2024 at 7:50 PM
#BadRAM just went public: Tampering with DRAM modules allows attackers to bypass SEV-SNP's write protection and forging attestation reports, breaking all trust in #SEV-SNP.
Joint work with Jesse De Meulemeester, Luca Wilke, @sublevado.bsky.social, Ingrid Verbauwhede and Jo Van Bulck
badram.eu
Joint work with Jesse De Meulemeester, Luca Wilke, @sublevado.bsky.social, Ingrid Verbauwhede and Jo Van Bulck
badram.eu
Reposted by David Oswald
Got some negative or unrealistic threat model results that still bring interesting insights? A side channel that requires root to leak something from the kernel? Reproducing prior work? Somewhat related to microarchitecture? Here's your venue: uasc.cc
1st Microarchitecture Security Conference (uASC '25)
uasc.cc
December 1, 2024 at 4:03 PM
Got some negative or unrealistic threat model results that still bring interesting insights? A side channel that requires root to leak something from the kernel? Reproducing prior work? Somewhat related to microarchitecture? Here's your venue: uasc.cc