New design sets a high standard for post-quantum readiness.
Aranya is an access governance and secure data exchange platform for organizations to control their critical data and services. Access governance is a mechanism to define, enforce, and maintain the set of rules and procedures to secure your system’s behaviors. Aranya gives you the ability to apply access controls over stored and shared resources all in one place.
Aranya enables you to safeguard sensitive information, maintain compliance, mitigate the risk of unauthorized data exposure, and grant appropriate access. Aranya’s decentralized platform allows you to define and enforce these sets of policies to secure and access your resources.
The platform provides a software toolkit for policy-driven access controls and secure data exchange. The software is deployed on endpoints, integrating into applications which require granular access controls over their data and services. Endpoints can entrust Aranya with their data protection and access controls so that other applications running on the endpoint need only to focus on using the data for their intended functionality. Aranya has configurable end-to-end encryption built into its core as a fundamental design principle.
A key discriminating attribute of Aranya is its decentralized, zero-trust architecture. Through the integration of the software, access governance is implemented without the need for a connection back to centralized IT infrastructure. With Aranya’s decentralized architecture, if two endpoints are connected to each other, but not back to the cloud or centralized infrastructure, governance over data and applications will be synchronized between peers and further operations will continue uninterrupted.
Opal @opalescentopal.bsky.social
With Tom Lehrer's passing, I suppose this is a moment to share the story of the prank he played on the National Security Agency, and how it went undiscovered for nearly 60 years.
July 27, 2025 at 5:01 PM
Opal @opalescentopal.bsky.social· 10d
I worked as a mathematician at the NSA during the second Obama administration and the first half of the first Trump administration. I had long enjoyed Tom Lehrer's music, and I knew he had worked for the NSA during the Korean War era.
The NSA's research directorate has an electronic library, so I eventually figured, what the heck, let's see if we can find anything he published internally!
And I found a few articles I can't comment on. But there was one unclassified article-- "Gambler's Ruin With Soft-Hearted Adversary".
The paper was co-written by Lehrer and R. E. Fagen, published in January, 1957.
The mathematical content is pretty interesting, but that's not what stuck out to me when I read it.
See, the paper cites FIVE sources throughout its body. But the bibliography lists SIX sources.
What's the leftover?
Well, you can look through the entirety of the body of the paper. It'll take you a while, but you can pretty quickly pick up that sources 1, 2, 4, 5, and 6 are all cited.
But if you know anything about Lehrer's musical career, you can probably figure it out by looking at the bibliography.
See, entry 3 in the bibliography is "Analytic and Algebraic Topology of Locally Euclidean Metrizations of Infinitely Differentiable Riemannian Manifolds" by one N. Lobachevsky.
And if you've ever heard Lehrer's song "Lobachevsky", you may have just finished that title with "Bozhe moi!"
Now, it's important to note: this paper was published internally in 1957. Tom Lehrer had recorded and released "Songs by Tom Lehrer" in 1953, with "Lobachevsky" included. The song had already achieved some success.
...but nobody at the NSA noticed when he and Fagen dropped it in as a reference.
It struck me as a very Lehrer-ish sort of prank. It's harmless, it's light-hearted, and it thumbs its nose a bit at stuffy respectability through its unfailing pretense of seriousness.
How had other people reacted to the joke, I wondered?
So I sent an email to the NSA historians. And I asked them: hey, when was this first noticed, and how much of a gas did people think it was? Did he get in trouble for it? That sort of stuff.
The answer came back: "We've never heard of this before. It's news to us."
In November of 2016, nearly 60 years after the paper was published internally, I had discovered the joke.
A few years later, I filed to have the paper declassified, and the NSA eventually agreed, and even put it up on their webpage:
https://media.defense.gov/2021/Jul/14/2002762807/-1/-1/0/GAMBLERS-RUIN.PDF/GAMBLERS-RUIN.PDF
Rich Fagen @richfagen.bsky.social
· 9d
Thank you for posting this amazing story. My father (R.E. Fagen) was the co-author of this article with Tom. They worked together at "No Such Agency" and co-authored a few papers that were published in scholarly journals. (Scroll to the bottom on Tom's Wikipedia page under Publications).
//
https://www.buzzfeed.com/bensmith/tom-lehrer
Looking For Tom Lehrer, Comedy's Mysterious Genius
Tom Lehrer is considered one of the most influential figures in comedy — despite a body of work consisting of just 37 pitch-black songs and a career that stopped abruptly when the counterculture he he...
fsandow.bsky.social @fsandow.bsky.social
· 10d
And for those who haven’t seen his contributions to The Electric Company, an educational kids’ show from the 70s:
https://youtu.be/dB2Ff8H7oVo?si=WGXhQjGnqbBqFDqs
Tom Lehrer - "L-Y"
A team in China just showed that the math behind RSA encryption is starting to bend to the will of the quantum realm.
Using a quantum annealing processor built by D‑Wave Systems, the researchers say they factored a 22‑bit RSA integer that had resisted earlier attempts on the same class of hardware. Wang Chao and colleagues at Shanghai University carried out the experiment. //
When RSA encryption debuted in 1977 it was lauded for tying security to the difficulty of splitting a large semiprime into its two prime factors.
Classic computers still need sub‑exponential time to break today’s 2048‑bit keys, and the largest key so far cracked with conventional methods is only 829 bits (RSA‑250) after weeks on a supercomputer.
“Using the D‑Wave Advantage, we successfully factored a 22‑bit RSA integer, demonstrating the potential for quantum machines to tackle cryptographic problems,” the authors wrote. //
Universal, gate‑based quantum machines run Shor’s algorithm, which in principle can shred RSA by finding the period of modular exponentiation in polynomial time.
Those devices still struggle with error correction, while D‑Wave’s annealers, though not universal, already pack more than 5000 qubits and avoid deep circuits by using a chilling 15 mK environment and analog evolution. //
A White House event framing the publication urged U.S. agencies to begin swapping vulnerable keys because adversaries may already be hoarding encrypted data for “hack now, decrypt later” attacks.
“Businesses must treat cryptographic renewal like a multi‑year infrastructure project,” the Wall Street Journal’s CIO briefing noted when the final standards neared release last year. Corporate technology leaders echoed that sense of urgency. //
Large‑key RSA is still safe today, yet the study shows that hardware improvements and smarter embeddings keep shaving away at the gap.
Encrypted chat apps like Signal and WhatsApp are one of the best ways to keep your digital conversations as private as possible. But if you’re not careful with how those conversations are backed up, you can accidentally undermine your privacy.
When a conversation is properly encrypted end-to-end, it means that the contents of those messages are only viewable by the sender and the recipient. The organization that runs the messaging platform—such as Meta or Signal—does not have access to the contents of the messages. But it does have access to some metadata, like the who, where, and when of a message. Companies have different retention policies around whether they hold onto that information after the message is sent.
What happens after the messages are sent and received is entirely up to the sender and receiver. If you’re having a conversation with someone, you may choose to screenshot that conversation and save that screenshot to your computer’s desktop or phone’s camera roll. You might choose to back up your chat history, either to your personal computer or maybe even to cloud storage (services like Google Drive or iCloud, or to servers run by the application developer).
Those backups do not necessarily have the same type of encryption protections as the chats themselves, and may make those conversations—which were sent with strong, privacy-protecting end-to-end encryption—readable by whoever runs the cloud storage platform you’re backing up to, which also means they could hand them over at the request of law enforcement.
In response to a FOIA request, the NSA released “Fifty Years of Mathematical Cryptanalysis (1937-1987),” by Glenn F. Stahly, with a lot of redactions.
Weirdly, this is the second time the NSA has declassified the document. John Young got a copy in 2019. This one has a few fewer redactions. And nothing that was provided in 2019 was redacted here.
Starting from version 1.26.7, VeraCrypt discontinued support for the TrueCrypt format to prioritize the highest security standards. However, recognizing the transitional needs of our users, we have preserved version 1.25.9, the last to support the TrueCrypt format.
On this page, users can find download links for version 1.25.9, specifically provided for converting TrueCrypt volumes to the more secure VeraCrypt format. We strongly recommend transitioning to VeraCrypt volumes and using our latest releases for ongoing encryption needs, as they encompass the latest security enhancements.
ZKLP system allows apps to confirm user presence in a region without exposing exactly where
Computer scientists from universities in Germany, Hong Kong, and the United Kingdom have proposed a way to provide verifiable claims about location data without surrendering privacy.
The technique, referred to as Zero-Knowledge Location Privacy (ZKLP), aims to provide access to unverified location data in a way that preserves privacy without sacrificing accuracy and utility for applications that might rely on such data. It's described in a paper [PDF] presented this week at the 2025 IEEE Symposium on Security and Privacy.
The original leak site that never sold out, never surrendered //
Obituary John Young, the co-founder of the legendary internet archive Cryptome, died at the age of 89 on March 28. The Register talked to friends and peers who gave tribute to a bright, pugnacious man who was devoted to the public's right to know.
Before WikiLeaks, OpenLeaks, BayFiles, or Transparency Toolkit, there was Cryptome - an open internet archive that inspired them all, helped ignite the first digital crypto war, and even gave Julian Assange his start before falling out with him on principle. //
The feds launched an investigation into Zimmermann and PGP under the Arms Export Control Act. That investigation was dropped and the source code was eventually published in print, but it inspired Young to launch Cryptome in 1996. His goal: publish documents about encryption and other matters that the government didn't necessarily want people to know, so that people could make up their own minds.
GaidinBDJ Ars Scholae Palatinae
11y
actor0 said:
Why do people think E2E encryption means the data can't be decrypted?
Probably a gross misunderstanding of encryption in general. ANYONE with access to the keys can unlock it.
The ones with access to the keys own the platform.
The ones who own the platform are legally required to submit your info to subpoenas, Homeland Security warrants, and Patriot Act related actions.
This is totally incorrect.
With end-to-end encryption, the platform doesn't have the keys. The clients exchange keys through the platform, but it's done in a way that the platform doesn't know what they are. A subpoena doesn't let them provide information they don't have. The platform may have metadata about your message, but not the contents.
On the Wikipedia page for Diffie-Hellman key exchange there's a good diagram explaining the concept of how you can exchange private keys through public transport. It's the one down the page a bit where they use paint colors. In the real world, it's done with math, but the paint concept is sound to understand the underlying idea.
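As an added illustration (not part of the forum post above), here is the "exchange through the platform" idea in code: two clients agree on a key via Diffie-Hellman while a relay server records everything it sees, which is only public values and metadata. The prime, generator and party names are toy values constructed for this example; real systems use standardized large groups or elliptic curves.

```python
import hashlib
import secrets

# Toy parameters, constructed for illustration only: a 127-bit Mersenne prime
# runs instantly but is far too small for real use (think 2048-bit groups or X25519).
P = 2**127 - 1
G = 5


class Party:
    """One client. The private exponent is created here and never leaves this object."""

    def __init__(self, name: str, p: int = P, g: int = G):
        self.name, self.p = name, p
        self._private = secrets.randbelow(p - 2) + 1   # 1 <= a <= p-2, never transmitted
        self.public = pow(g, self._private, p)         # A = g^a mod p, safe to publish
        self.key = None

    def derive_key(self, peer_public: int) -> bytes:
        """Shared secret s = B^a mod p, hashed into a fixed-size message key."""
        shared = pow(peer_public, self._private, self.p)
        byte_len = (self.p.bit_length() + 7) // 8
        self.key = hashlib.sha256(shared.to_bytes(byte_len, "big")).digest()
        return self.key


class Platform:
    """The relay server. It keeps a record of everything that passes through it."""

    def __init__(self):
        self.log = []

    def relay(self, sender: str, recipient: str, payload: int) -> int:
        self.log.append({"from": sender, "to": recipient, "payload": payload})
        return payload


def exchange(platform: Platform, alice: Party, bob: Party) -> bool:
    """Run the exchange through the relay; True if both ends derived the same key."""
    a_pub = platform.relay(alice.name, bob.name, alice.public)
    b_pub = platform.relay(bob.name, alice.name, bob.public)
    return alice.derive_key(b_pub) == bob.derive_key(a_pub)


def platform_holds_private(platform: Platform, party: Party) -> bool:
    """Check the relay's own records for a private exponent (reads the attribute
    directly only to demonstrate the point). With honest clients this is never true."""
    return any(entry["payload"] == party._private for entry in platform.log)


def platform_metadata(platform: Platform) -> list:
    """What a subpoena can actually obtain from the relay: who talked to whom."""
    return [(entry["from"], entry["to"]) for entry in platform.log]


if __name__ == "__main__":
    server, alice, bob = Platform(), Party("alice"), Party("bob")
    print("same key at both ends:", exchange(server, alice, bob))
    print("relay holds a private value:", platform_holds_private(server, alice))
    print("relay metadata:", platform_metadata(server))
```

The relay would need to recover a private exponent from the public values it logged, i.e. solve a discrete logarithm in the group, which is exactly what the group size is chosen to make infeasible.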
A team of researchers confirmed that behavior in a recently released formal analysis of WhatsApp group messaging. They reverse-engineered the app, described the formal cryptographic protocols, and provided theorems establishing the security guarantees that WhatsApp provides. Overall, they gave the messenger a clean bill of health, finding that it works securely and as described by WhatsApp.
They did, however, confirm a behavior that should give some group messaging users pause: Like other messengers billed as secure—with the notable exception of Signal—WhatsApp doesn’t provide any sort of cryptographic means for group management.
“This means that it is possible for the WhatsApp server to add new members to a group,” Martin R. Albrecht, a researcher at King's College in London, wrote in an email. “A correct client—like the official clients—will display this change but will not prevent it. Thus, any group chat that does not verify who has been added to the chat can potentially have their messages read.” //
By contrast, the open source Signal messenger provides a cryptographic assurance that only an existing group member designated as the group admin can add new members. //
Most messaging apps, including Signal, don’t certify the identity of their users. That means there’s no way Signal can verify that the person using an account named Alice does, in fact, belong to Alice. It’s fully possible that Mallory could create an account and name it Alice. (As an aside, and in sharp contrast to Signal, the account members that belong to a given WhatsApp group are visible to insiders, hackers, and to anyone with a valid subpoena.)
Signal does, however, offer a feature known as safety numbers. It makes it easy for a user to verify the security of messages or calls with specific contacts. When two users verify out-of-band—meaning using a known valid email address or cell phone number of the other—that Signal is displaying the same safety number on both their devices, they can be assured that the person claiming to be Alice is, in fact, Alice.
- Airgapped Raspberry Pi computer with touch screen and camera
- Featuring LUKS full disk encryption
- For secure offline blockchain transactions and for secure encrypted messaging
- Move files across the airgap to other devices using QR codes
The UK’s National Cyber Security Centre just released its white paper on “Advanced Cryptography,” which it defines as “cryptographic techniques for processing encrypted data, providing enhanced functionality over and above that provided by traditional cryptography.” It includes things like homomorphic encryption, attribute-based encryption, zero-knowledge proofs, and secure multiparty computation.
It’s full of good advice. I especially appreciate this warning:
When deciding whether to use Advanced Cryptography, start with a clear articulation of the problem, and use that to guide the development of an appropriate solution. That is, you should not start with an Advanced Cryptography technique, and then attempt to fit the functionality it provides to the problem.
And:
In almost all cases, it is bad practice for users to design and/or implement their own cryptography; this applies to Advanced Cryptography even more than traditional cryptography because of the complexity of the algorithms. It also applies to writing your own application based on a cryptographic library that implements the Advanced Cryptography primitive operations, because subtle flaws in how they are used can lead to serious security weaknesses.
To avoid having to deal with further issues relating to RSA keys, I've decided to migrate all my SSH keys to Ed25519.
Potential issues with RSA keys
- Key length growth: Will gradually require more bits to stay secure as compute capacity advances (Current minimum: 2048 bits)
- Not future proof: Potentially vulnerable to breaking by quantum computers
Advantages of Ed25519 (EdDSA) keys:
- Performance: Ed25519 is the fastest performing algorithm across all metrics
- Security: EdDSA provides the highest security level as compared to other algorithms with the same key length (Source)
- Dummy proof: No need to specify number of bits when generating keys
- Shorter public keys: No wrangling with unwieldy long public key strings like in RSA 4096-bit
For context, 253 bits of EdDSA is equivalent in strength to RSA ~3000 bits. As you can see, Ed25519 blows all other cryptographic algorithms out of the water in terms of performance.
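Before migrating it helps to know what is still out there. The following is an added example (not from the post above): a small audit that parses OpenSSH public-key lines (the RFC 4251 wire format inside the base64 blob), reports each key's type and size, and flags RSA keys below the 2048-bit minimum as well as RSA keys that should simply be replaced by Ed25519. The sample keys are constructed in code and are not real keys.

```python
import base64
import struct

RSA_MIN_BITS = 2048  # the current minimum mentioned in the post


def _ssh_string(data: bytes) -> bytes:
    """Length-prefixed string, as used in the SSH wire format (RFC 4251)."""
    return struct.pack(">I", len(data)) + data


def _ssh_mpint(value: int) -> bytes:
    """Positive integer as an SSH mpint: big-endian, extra 0x00 if the top bit is set."""
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
    if raw[0] & 0x80:
        raw = b"\x00" + raw
    return _ssh_string(raw)


def _read_string(blob: bytes, offset: int):
    """Decode one length-prefixed field, returning (bytes, next_offset)."""
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    start = offset + 4
    return blob[start:start + length], start + length


def parse_public_key(line: str) -> dict:
    """Parse one id_*.pub / authorized_keys line into its type and size in bits."""
    parts = line.split()
    key_type, blob = parts[0], base64.b64decode(parts[1])
    comment = " ".join(parts[2:])
    inner_type, offset = _read_string(blob, 0)
    if inner_type.decode() != key_type:
        raise ValueError("type prefix does not match the encoded blob")
    if key_type == "ssh-ed25519":
        key, _ = _read_string(blob, offset)
        bits = len(key) * 8                        # a 32-byte point: always 256
    elif key_type == "ssh-rsa":
        _e, offset = _read_string(blob, offset)    # public exponent, not needed here
        n, _ = _read_string(blob, offset)          # modulus: its bit length is the key size
        bits = int.from_bytes(n, "big").bit_length()
    else:
        raise ValueError(f"unsupported key type: {key_type}")
    return {"type": key_type, "bits": bits, "comment": comment}


def verdict(key: dict) -> str:
    """Per-key advice: Ed25519 is fine, short RSA is weak, long RSA should still migrate."""
    if key["type"] == "ssh-ed25519":
        return "ok"
    if key["bits"] < RSA_MIN_BITS:
        return f"weak: RSA below {RSA_MIN_BITS} bits"
    return "migrate: RSA, consider ssh-keygen -t ed25519"


def audit(lines):
    """Return [(comment, verdict)] for every non-empty, non-comment line."""
    results = []
    for line in lines:
        line = line.strip()
        if line and not line.startswith("#"):
            key = parse_public_key(line)
            results.append((key["comment"], verdict(key)))
    return results


def make_sample_key(key_type: str, comment: str, rsa_bits: int = 2048) -> str:
    """Build a constructed (not real) public-key line in OpenSSH's text format."""
    if key_type == "ssh-ed25519":
        blob = _ssh_string(b"ssh-ed25519") + _ssh_string(bytes(range(32)))
    else:  # synthetic RSA: exponent 65537 and a modulus with exactly rsa_bits bits
        blob = _ssh_string(b"ssh-rsa") + _ssh_mpint(65537) + _ssh_mpint((1 << (rsa_bits - 1)) | 1)
    return f"{key_type} {base64.b64encode(blob).decode()} {comment}"


# Constructed sample authorized_keys content
SAMPLE_AUTHORIZED_KEYS = [
    "# constructed sample file",
    make_sample_key("ssh-ed25519", "laptop"),
    make_sample_key("ssh-rsa", "old-server", rsa_bits=1024),
    make_sample_key("ssh-rsa", "build-box", rsa_bits=4096),
]

if __name__ == "__main__":
    for comment, advice in audit(SAMPLE_AUTHORIZED_KEYS):
        print(f"{comment:12} {advice}")
```

Point `audit` at the lines of a real `~/.ssh/authorized_keys` to get the same report for your own hosts.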
It’s hard to have a conversation with anyone in Washington these days without using Signal. I hate the app. It’s just one more messaging app that must be checked. Everyone in Washington, it seems, has Signal. Government officials use it. Reporters use it. Politicians on Capitol Hill use it. Hillary Clinton used an insecure email server. Everyone else just uses Signal, which, at least, is end-to-end encrypted.
With China thoroughly infiltrating our telecom system, no officials in DC are using built-in phone messaging apps or voice to communicate important information now. Apple’s iMessage is robust and secure if the bubbles are blue. But someone may have their iCloud backup turned on, which would capture the chat. WhatsApp is fine and secure. But, again, someone might have a backup. Signal is secure and once a message is deleted, it is deleted. It is the preferred app.
For members of the Trump Administration, which last term saw rogue embedded progressives leaking classified information and even now has seen ICE raid information leak, bypassing government approved means of communications for Signal makes sense — the rogue bureaucrats provided the incentive.
But that is no excuse to add a reporter to a secure group chat trading information related to bombing the Houthis as the Trump national security team did. //
- This whole mess really does suggest that the Trump Administration, like the Biden Administration, has no clue how to get the Chinese out of our telecom networks.
The U.K. government appears to have quietly scrubbed encryption advice from government web pages, just weeks after demanding backdoor access to encrypted data stored on Apple’s cloud storage service, iCloud.
Once the backdoor exists, others will attempt to surreptitiously use it. A technical means of access can’t be limited to only people with proper legal authority. Its very existence invites others to try. In 2004, hackers—we don’t know who—breached a backdoor access capability in a major Greek cellphone network to spy on users, including the prime minister of Greece and other elected officials. Just last year, China hacked U.S. telecoms and gained access to their systems that provide eavesdropping on cellphone users, possibly including the presidential campaigns of both Donald Trump and Kamala Harris. That operation resulted in the FBI and the Cybersecurity and Infrastructure Security Agency recommending that everyone use end-to-end encrypted messaging for their own security. //
It’s a question of security vs. security. Yes, we are all more secure if the police are able to investigate and solve crimes. But we are also more secure if our data and communications are safe from eavesdropping. A backdoor in Apple’s security is not just harmful on a personal level, it’s harmful to national security. We live in a world where everyone communicates electronically and stores their important data on a computer. These computers and phones are used by every national leader, member of a legislature, police officer, judge, CEO, journalist, dissident, political operative, and citizen. They need to be as secure as possible: from account takeovers, from ransomware, from foreign spying and manipulation. Remember that the FBI recommended that we all use backdoor-free end-to-end encryption for messaging just a few months ago.
Securing digital systems is hard. Defenders must defeat every attack, while eavesdroppers need one attack that works. Given how essential these devices are, we need to adopt a defense-dominant strategy. To do anything else makes us all less safe. //
Stéphan • February 26, 2025 7:37 AM
It will be interesting to see if the UK Govt is satisfied with the disabling of ADP, because that would confirm the backdoor is already in place for non-ADP iCloud accounts. Which would mean it is likely also in place for non-E2E-encrypted cloud services like Google and MS365 accounts. With this move Apple came up with a clever canary about the true underlying situation.
End-to-end encryption for things that matter.
Keybase is secure messaging and file-sharing.
When the FBI urges E2EE, you know it's serious business. //
In the wake of the Salt Typhoon hacks, which lawmakers and privacy advocates alike have called the worst telecoms breach in America's history, US government agencies have reversed course on encryption.
After decades of advocating against using this type of secure messaging, "encryption is your friend," Jeff Greene, CISA's executive assistant director for cybersecurity, told journalists last month at a press briefing with a senior FBI official, who also advised us to use "responsibly managed encryption" for phone calls and text messages.
In December, CISA published formal guidance [PDF] on how to keep Chinese government spies off mobile devices, and "strongly urged" politicians and senior government officials — these are "highly targeted" individuals that are "likely to possess information of interest to these threat actors" — to ditch regular phone calls and messaging apps and instead use only end-to-end encrypted communications.
It's a major about-face from the feds, which have historically demanded law enforcement needs a backdoor to access people's communications — but only for crime-fighting and terrorism-preventing purposes.
"We know that bad guys can walk through the same doors that are supposedly built for the good guys," Virtru CEO and co-founder John Ackerly told The Register. "It's one thing to tap hardline wires or voice communication. It's yet another to open up the spigot to all digital communication." //
Pete 2
Who's who?
"We know that bad guys can walk through the same doors that are supposedly built for the good guys,"
Although which are the good / bad guys is increasingly difficult to determine. //
Aleph0
Re: Who's who?
The Patrician to Captain Vimes, in Guards! Guards!: "I believe you find life such a problem because you think there are the good people and the bad people," said the man. "You're wrong, of course. There are, always and only, the bad people, but some of them are on opposite sides.". //
Al fazed
Re: I bet . . .
and the only people interested in spying on you are good people, who have your best interests at heart.
A few of us don't believe this bullsh*t, even here in the UK.
ALF. //
Caffeinated Sponge
Re: I bet . . .
The last I heard, British Conservatives were still all over the idea that 'only people with something to hide should want encryption'.
Of course, as with the Sir Pterry quote above, whilst this is actually true it is built around the easy to sell misconception that the only people with anything to hide are bad people.
Ente Auth
Open source 2FA authenticator, with end-to-end encrypted backups
Secure Backups
Auth provides end-to-end encrypted cloud backups so you don't have to worry about losing your tokens. Our cryptography has been externally audited.
Cross platform sync
Auth has an app for every platform. Mobile, desktop and web. Your codes sync across all your devices, end-to-end encrypted.