Signal's Post-Quantum PQXDH, Same-Origin Policy, E2EE in the Browser Revisted
Security Cryptography Whatever
English - November 07, 2023 10:00 - 1 hour - 54.3 MB - ★★★★★ - 61 ratingsTechnology security cryptography whatever Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: 'Jerry Solinas deserves a raise' with Steve Weis
We're back! Signal rolled out a protocol change to be post-quantum resilient! Someone was caught intercepting Jabber TLS via certificate transparency! Was the same-origin policy in web browers just a dirty hack all along? Plus secure message format formalisms, and even more beating of the dead horse that is E2EE in the browser.
Transcript: https://securitycryptographywhatever.com/2023/11/07/PQXDH-etc
Links:
- https://zfnd.org/so-you-want-to-build-an-end-to-end-encrypted-web-app/
- https://github.com/superfly/macaroon
- https://cryspen.com/post/pqxdh/
- https://eprint.iacr.org/2023/1390.pdf
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)