The post discusses a significant cryptographic vulnerability known as Kerberoasting, which exploits weaknesses in Microsoft's Active Directory and its use of outdated cryptographic methods. The author highlights how this vulnerabi...
About:
Matthew Green is a cryptographer and professor at Johns Hopkins University, focusing on cryptographic systems and user privacy.
Website:
Specializations:
Interests:
Incoming Links:
Outgoing Links:
Subscribe to RSS:
Anonymous authentication is crucial for preserving privacy in an era of increasing surveillance and legislation, as explored through the concept of anonymous credentials.
Allegations against WhatsApp's encryption raise concerns about user data security, prompting a discussion on trust and the implications of the lawsuit against Meta.
The text discusses Twitter/X's new end-to-end encryption messaging protocol, XChat, and its vulnerabilities. It explains that XChat's encryption mechanism is not as secure as Signal protocol, and the major vulnerability is the key...
The author discusses the need for Apple to add a 'Disappearing Messages' feature to iMessage, highlighting the importance of privacy and security in private conversations. They argue that while iMessage is encrypted, it lacks the ...
The text discusses the U.K. government's secret order to Apple to include a backdoor into the company's end-to-end encrypted iCloud Backup feature, and Apple's response to this demand. It also explores the implications of this dem...
The text discusses the theoretical weaknesses in Fiat-Shamir as applied to proof systems. It explains the new result by Khovratovich, Rothblum and Soukhanov entitled “How to Prove False Statements: Practical Attacks on Fiat-Shamir...
The U.K. has requested that Apple modify the encryption used in their Advanced Data Protection (ADP) system for iCloud, which would secretly weaken the end-to-end encryption feature for at least some users. The U.K. law allows the...
The text discusses the recent results on 'verifiable computation' and possible pitfalls that could occur. It introduces the recent paper by Khovratovich, Rothblum and Soukhanov entitled 'How to Prove False Statements: Practical At...
The text discusses the theoretical models that underpin the security of cryptographic schemes, focusing on the random oracle model. It explains the use of cryptographic hash functions and the requirement for them to behave like ra...
0Let’s talk about AI and end-to-end encryption
2025-01-17 •
The text discusses the intersection of AI and end-to-end encryption, highlighting the potential privacy implications of AI in private messaging. It explains the evolution of end-to-end encryption, the challenges of processing data...
0Is Telegram really an encrypted messaging app?
2024-08-25 •
The blog post critically examines Telegram's claim as an 'encrypted messaging app.' It highlights that while Telegram offers encryption, it does not provide default end-to-end encryption for all conversations, which is a standard ...
0A quick post on Chen’s algorithm
2024-04-16 •
The blog post discusses a recent development in cryptography involving Yilei Chen's preprint on a quantum algorithm for lattice problems, which has caused a stir in the cryptography community. The algorithm claims to solve the 'sh...
0Attack of the week: Airdrop tracing
2024-01-11 •
The blog post discusses a security vulnerability in Apple's AirDrop protocol, which has been exploited by Chinese security agencies to trace the sender of AirDrop transmissions. This vulnerability was initially discovered by resea...
0To Schnorr and beyond (part 2)
2023-11-30 •
The blog post delves into the intricacies of Schnorr signature schemes and the Dilithium post-quantum signature. It builds on a previous discussion about Schnorr signatures, exploring their design and the challenges posed by quant...
0To Schnorr and beyond (Part 1)
2023-10-06 •
The blog post delves into the complexities of cryptographic signature schemes, focusing on the Schnorr signature and its foundational role in cryptographic engineering. It explores the historical context and motivation behind thes...
0Some rough impressions of Worldcoin
2023-08-21 •
The blog post provides a critical analysis of Worldcoin, a cryptocurrency project funded by Sam Altman, which uses biometric iris scans to create a 'proof of personhood' for users. The author, Matthew Green, examines the privacy r...
The blog post discusses the EU Commission's proposal for client-side scanning in encrypted messaging apps to detect illicit content, such as CSAM and grooming behavior. The author, Matthew Green, critiques the proposal and highlig...
0PRFs, PRPs and other fantastic things
2023-05-08 •
The blog post discusses the importance of pseudorandom functions (PRFs) and pseudorandom permutations (PRPs) in cryptography, highlighting their fundamental role in modern cryptographic systems. The author critiques the focus of c...
0Book Review: Red Team Blues
2023-04-24 •
Matthew Green reviews Cory Doctorow's novel 'Red Team Blues', which centers around cryptographic technology. The story follows Martin Hench, a forensic accountant, who is tasked with saving a cryptocurrency project called Trustles...
0Remarks on “Chat Control”
2023-03-23 •
Matthew Green discusses the EU Commission's 'chat control' proposal, which mandates content scanning in private messaging apps. He highlights concerns about the technical implications, particularly regarding encryption and privacy...