DiscoverSecurity Cryptography WhateverSignal's Post-Quantum PQXDH, Same-Origin Policy, E2EE in the Browser Revisted
Signal's Post-Quantum PQXDH, Same-Origin Policy, E2EE in the Browser Revisted

Signal's Post-Quantum PQXDH, Same-Origin Policy, E2EE in the Browser Revisted

Update: 2023-11-071
Share

Description

We're back! Signal rolled out a protocol change to be post-quantum resilient! Someone was caught intercepting Jabber TLS via certificate transparency! Was the same-origin policy in web browers just a dirty hack all along? Plus secure message format formalisms, and even more beating of the dead horse that is E2EE in the browser.

Transcript: https://securitycryptographywhatever.com/2023/11/07/PQXDH-etc

Links:

- https://zfnd.org/so-you-want-to-build-an-end-to-end-encrypted-web-app/
- https://github.com/superfly/macaroon
- https://cryspen.com/post/pqxdh/
- https://eprint.iacr.org/2023/1390.pdf


"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)

Comments 
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Signal's Post-Quantum PQXDH, Same-Origin Policy, E2EE in the Browser Revisted

Signal's Post-Quantum PQXDH, Same-Origin Policy, E2EE in the Browser Revisted

Security, Cryptography, Whatever