Signal's Post-Quantum PQXDH, Same-Origin Policy, E2EE in the Browser Revisted

Update: 2023-11-07

Description

We're back! Signal rolled out a protocol change to be post-quantum resilient! Someone was caught intercepting Jabber TLS via certificate transparency! Was the same-origin policy in web browers just a dirty hack all along? Plus secure message format formalisms, and even more beating of the dead horse that is E2EE in the browser.

Transcript: https://securitycryptographywhatever.com/2023/11/07/PQXDH-etc

Links:

- https://zfnd.org/so-you-want-to-build-an-end-to-end-encrypted-web-app/
- https://github.com/superfly/macaroon
- https://cryspen.com/post/pqxdh/
- https://eprint.iacr.org/2023/1390.pdf

"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)

Comments

Top Podcasts

The Best New Comedy Podcast Right Now – June 2024 The Best News Podcast Right Now – June 2024 The Best New Business Podcast Right Now – June 2024 The Best New Sports Podcast Right Now – June 2024 The Best New True Crime Podcast Right Now – June 2024 The Best New Joe Rogan Experience Podcast Right Now – June 20 The Best New Dan Bongino Show Podcast Right Now – June 20 The Best New Mark Levin Podcast – June 2024

In Channel

A Little Bit of Rust Goes a Long Way with Android's Jeff Vander Stoep

2024-10-1501:13:55

Campaign Security with [REDACTED]

2024-10-1301:23:39

Telegram with Matthew Green

2024-09-0701:04:04

Summertime Sadness

2024-07-2557:26

Zero Day Markets with Mark Dowd

2024-06-2401:25:49

ekr

2024-05-2401:48:16

STIR/SHAKEN with Paul Grubbs and Josh Brown

2024-04-3001:01:47

Cryptography Tier List

2024-03-2319:28

Post-Quantum iMessage with Douglas Stebila

2024-03-0355:34

High-assurance Post-Quantum Crypto with Franziskus Kiefer and Karthik Bhargavan

2024-01-2956:13

Encrypting Facebook Messenger with Jon Millican and Timothy Buck

2023-12-2859:35

Attacking Lattice-based Cryptography with Martin Albrecht

2023-11-1357:20

Signal's Post-Quantum PQXDH, Same-Origin Policy, E2EE in the Browser Revisted

2023-11-0701:19:05

'Jerry Solinas deserves a raise' with Steve Weis

2023-10-1257:31

Cruel Summer: hybrid signatures, Downfall, Zenbleed, 2G downgrades

2023-09-1358:35

Why do we think anything is secure, with Steve Weis

2023-06-2946:17

Elon's Encrypted DMs with Matthew Garrett

2023-05-2952:28

WhatsApp Key Transparency with Jasleen Malvai and Kevin Lewi

2023-05-0655:43

Messaging Layer Security (MLS) with Raphael Robert

2023-04-2255:02

Real World: Crypto (2023)

2023-03-2554:51

00:00

1.0x

Signal's Post-Quantum PQXDH, Same-Origin Policy, E2EE in the Browser Revisted

Security, Cryptography, Whatever

#box-pro-ellipsis-173075440152669{-webkit-line-clamp:2;}Signal's Post-Quantum PQXDH, Same-Origin Policy, E2EE in the Browser Revisted

Signal's Post-Quantum PQXDH, Same-Origin Policy, E2EE in the Browser Revisted

Security, Cryptography, Whatever

Signal's Post-Quantum PQXDH, Same-Origin Policy, E2EE in the Browser Revisted