Notices by Sophie Schmieg (sophieschmieg@infosec.exchange)

New blog post, about a fun obsession of mine, the reason why we use elliptic curves and not any other groups for Diffie-Hellman.

https://keymaterial.net/2025/05/23/there-is-no-diffie-hellman-but-elliptic-curve-diffie-hellman/

Ah, yes, the two genders

Damnit, I'm sitting next to a cryptocurrency person in this plane and am not wearing my "crypto means cryptozoology" shirt.

And all of the sudden, we have solved supply chain security.

No CVE, no vulnerabilities!

@mattblaze even just minor UX improvements like Gmail marking external email addresses yellow are a good way of avoiding this type of issue. But that fundamentally relies on there being some concept of "external", i.e. they can only work if there is some defined organization as a context. Which for Signal simply does not make sense. It is an excellent tool, but it is the wrong tool for the job.

@mattblaze @ct_bergstrom I legit thought it was some misunderstanding of quantum computing at first, but then the title says "AI computing" and I got nothing.

(And to be clear, quantum computing also does not work like that)

@sawaba @GossiTheDog
I agree that most small to medium companies probably do not have to care about any of this right now. Those that do probably know already. But it's not something that can be simply ignored by everybody.

The main way to recognize overhyped nonsense is when they talk about inventory and agility. Unfortunately, neither of these terms is completely without merit, but they are the most favorite buzzwords of the hype peddlers. Really both of these boil down to proper key management. Something that is extremely difficult, but not unique or novel with PQC.

@sawaba @GossiTheDog but just in case you don't like watching my YouTube talks, here is the TLDR as to why you might need to care (not everybody has to care, figuring out who does is part of the difficulty):
a) whether or not you believe the hype about quantum computers, regulatory pressure puts a hard deadline on the migration for 2035. That's ten years. For encryption in transit you have store-now-decrypt-later, which might incentivise you to move faster, although that is somewhat overhyped, as forward secrecy acts as a form of "quantum annoyance", it depends how high you value you long term confidentiality of your data.
b) PQC algorithms are not easy drop in replacements. They are much, much larger than their classical counterparts, leading to quite a few use cases outright breaking (as the aforementioned WebPKI). Some of these are extremely difficult to migrate as a whole (again, as the aforementioned WebPKI), making 10 years not much time.

@sawaba @GossiTheDog ugh, please don't.

Yes it's overhyped, and yes consultants give extremely cringe talks about it, but no, this is neither a purely theoretical threat that can be safely ignored, nor is it business as usual when it comes to upgrading. Unless of course you consider potentially having to rip out the entirety of WebPKI and replacing it with something different as business as usual.

You can see my talk about the practical challenge and the threat model here (about half way through) https://youtu.be/wsnHMvuxy5Q?si=yK6oObpptIQfyOs8

@sawaba @GossiTheDog for small to medium sized businesses that are not doing anything more adventurous than TLS when it comes to cryptography, my advice would be, if there is some free engineering capacity, to turn on 0x11EC (X25519-ML-KEM768) in their TLS config, assuming their stack supports the cipher. (The various different stacks are adding support for that currently)
That way, you can check if anything breaks, with both Chrome and Firefox negotiating that cipher by default, and Safari rolling out support for it. The main risk is with middleware breaking.
In that threat model, it may not be the most urgent task, but it's relatively simple, depending on the used TLS stack. You can also turn on the equivalent KEX in SSH (supported in OpenSSH). Otherwise, in that threat model, I wouldn't do much at all (and even these two things are mostly optional, unless there are very strict long term confidentiality concerns).
Of course, if your threat model is more adventurous, you might want to hire some cryptographers 🙂

I love that the "Germans in foreign countries" app lets you register your fax number.

I guess, how else would they reach you?

@inthehands @paul_ipv6 there is some movement happening, though, my very boring liberal father in law went from "why are you so worried, it's just four years" to "I'm not sure you should travel internationally, do you have lawyers on call, I'm very worried" within 2 months. And I'm pretty sure lots of people are going through that right now, and gracefully accepting them into the fold will be key for any left alliance to succeed in stopping fascism.

That being said, "business leaders" are very different from "boring liberal"

@inthehands @paul_ipv6 the fact that they see Trump ruining the economy with tariffs, and still only meakly protesting is definitely evidence of that.

@inthehands @paul_ipv6 on the other hand, more people cancelling rides with Teslas acts as yet another way to boycott that fascist company, which adds an incentive for Uber/Lyft to prioritize other car models, and for drivers to switch.

Ferry to statute of liberty: freedom! Greeting immigrants. Definitely no connection to slavery!

Statue of Liberty museum: yeah, so this French abolitionist wanted to congratulate the US for getting rid of slavery, and thought a statue celebrating things like the rule of law that applies to all people equally was a nice gesture. Contemporary black people had pretty mixed feelings about it though, because there was still a lot of inequality. Women made some sarcastic comments as well, given how it was a tad bit ironic to celebrate liberty with a statue of a woman, without giving them the right to vote.

Substantial layoffs at the largest employer in the country will, by themselves, cause an economic crisis. And that is nothing to say about the fact that federal employees are doing a job, and often one crucial to the economy.

But "Republicans are good for business"

Achievement unlocked: got the red team to use PQC for their C2.

Do you like undefined behavior? Do you want more of it? This post is for you. Well actually not for you, but I can do a bit of click baiting, right?

https://keymaterial.net/2025/02/19/how-not-to-format-a-private-key/

What I imagine hymenoptera conservatives to be like: "There are only three genders, female reproductive, male reproductive, and worker"
Some ant: "What about super majors?"
Some other ant: "Also gamergates, are they workers or reproductives?"
Conservative hymenoptera: "There are only three genders, female reproductive, male reproductive, and worker!"

Some termite *opens mouth* …

Conservative hymenoptera, shouting: "There are only three genders, female reproductive, male reproductive, and worker!!!!!"

Content of the Zeit article, summarized:
- Yes this was a Hitler salute. No "apparent" necessary. We've all seen it.
- Newspapers now have two choices, both of them bad: they can ignore it ever happened, as to not feed the attention the action clearly craved, which normalizes open Nazi symbolism further, or they can explicitly address it, knowing that Musk wants attention, even negative attention. Clearly the Zeit has chosen the latter, and redacted the salute itself to somewhat lessen the impact.