Subscribe to Cryptography Dispatches for more!
Subscribe
25 Sep 2024
The FIPS Compliance of HKDF
21 Aug 2024
Let’s All Agree to Use Seeds as ML-KEM Keys
17 Jul 2024
age Plugins
08 Jul 2024
Geomys, a blueprint for a sustainable open source maintenance firm
26 Jun 2024
XAES-256-GCM
06 Apr 2024
My Maintenance Policy
14 Feb 2024
PINs for Cryptography with Hardware Secure Elements
30 Jan 2024
Post-quantum Cryptography for the Go Ecosystem
07 Nov 2023
Enough Polynomials and Linear Algebra to Implement Kyber
24 Oct 2023
Why We Don’t Generate Elliptic Curves Every Day
05 Oct 2023
Announcing the $12k NIST Elliptic Curves Seeds Bounty
06 Jul 2023
I want XAES-256-GCM/11
11 Apr 2023
A Cryptographic Near Miss
23 Mar 2023
Planning Go 1.21 Cryptography Work
03 Mar 2023
Avoid The Randomness From The Sky
02 Feb 2023
I’m Now a Full-Time Professional Open Source Maintainer
08 Jan 2023
ssh whoami.filippo.io
04 Jan 2023
Go 1.20 Cryptography
28 Dec 2022
My age+YubiKeys Password Management Solution
09 Nov 2022
A GC-Friendly Go Interning Cache
02 Nov 2022
Why Did the OpenSSL Punycode Vulnerability Happen
26 Oct 2022
The Reciprocal Value of Access to Maintainers
29 Sep 2022
age and Authenticated Encryption
12 Sep 2022
Planning Go 1.20 Cryptography Work
04 Aug 2022
A Wide Reduction Trick
29 Jul 2022
KEMs and Post-Quantum age
17 Mar 2022
How to pay professional maintainers
11 Dec 2021
Professional maintainers: a wake-up call
16 Sep 2021
Automatic Cipher Suite Ordering in crypto/tls
10 Jan 2021
The Most Backdoor-Looking Bug I’ve Ever Seen
18 Dec 2020
Re-Deriving the edwards25519 Decoding Formulas
08 Oct 2020
Reconstruct Instead of Validating
08 Sep 2020
NaCl Is Not a High-Level API
22 Aug 2020
Registries Considered Harmful
19 Jul 2020
Replace PGP With an HTTPS Form
04 Jul 2020
DSA Is Past Its Prime
27 May 2020
Is X25519 Associative? Sometimes!
24 Apr 2020
OpenSSH 8.2 Just Works with U2F/FIDO2 Security Keys
18 Apr 2020
Hacking together a USB-C charger for a cheap Chromebook
15 Mar 2020
Install Go tools from modules with brew-gomod
28 Feb 2020
New Crypto in Go 1.14
10 Feb 2020
The Linux CSPRNG Is Now Good!
18 Jul 2019
Efficient Go APIs with the mid-stack inliner
06 Jul 2019
Hello World, and OpenPGP Is Broken
18 May 2019
Using Ed25519 signing keys for encryption
02 Apr 2019
A Go implementation of Poly1305 that makes sense
07 Jan 2019
mkcert: valid HTTPS certificates for localhost
10 Sep 2018
Touch-to-operate password-store with YubiKey 4
03 May 2018
Making a Gmail bot with Apps Script and TypeScript
07 Feb 2018
Easy Windows and Linux cross-compilers for macOS
14 Oct 2017
Live streaming Cryptopals
04 Oct 2017
The scrypt parameters
28 Sep 2017
We need to talk about Session Tickets
16 Sep 2017
A secure captive portal browser with automatic DNS detection
06 Sep 2017
Playing with kernel TLS in Linux 4.13 and Go
29 Aug 2017
restic cryptography
15 Aug 2017
rustgo: calling Rust from Go with near-zero overhead
13 Aug 2017
Cleaning up my GOPATH with Homebrew
23 Apr 2017
Reproducing Go binaries byte-by-byte
31 Mar 2017
Setting a custom FileVault (macOS FDE) passphrase
09 Feb 2017
Finding Ticketbleed
07 Feb 2017
Go Time #32 - Hellogopher, whosthere?
01 Feb 2017
TLS 1.3 at 33c3
23 Jan 2017
How to protect yourself from the WebEx extension
02 Jan 2017
So you want to expose Go on the Internet
06 Dec 2016
I'm giving up on PGP
12 Oct 2016
TLS nonce-nse
25 Sep 2016
An overview of TLS 1.3
31 Aug 2016
So I lost my OpenBSD FDE password
18 Jul 2016
The complete guide to Go net/http timeouts
05 Jul 2016
Securing a travel iPhone
03 Jul 2016
Analyzing Go Vendoring with BigQuery
02 Jul 2016
git fixup: --amend for older commits
13 Jun 2016
Stale GOROOT and gorebuild
26 May 2016
Untrusting an intermediate CA on OS X
09 May 2016
Self-host analytics for better privacy and accuracy
09 May 2016
vendorcheck: the simplest Go static analysis tool
07 May 2016
"LuckyMinus20": Yet Another Padding Oracle in OpenSSL CBC Cipher Suites
17 Apr 2016
Shrink your Go binaries with this one weird trick
04 Apr 2016
Understanding Metrics in the Age of the TSDB
23 Mar 2016
Technical notes: mixing speaker and slides recording with FFmpeg
22 Jan 2016
Coverage for end-to-end tests of Go programs
05 Jan 2016
Bleichenbacher'06 signature forgery in python-rsa
18 Dec 2015
Most Go tools now work with GO15VENDOREXPERIMENT
08 Dec 2015
SSLv2 redux: patching Go crypto/tls to work with IE6
11 Nov 2015
"Automated Testing with go-fuzz" @ GothamGo
29 Oct 2015
Creative foot-shooting with Go RWMutex
26 Aug 2015
Building Python modules with Go 1.5
06 Aug 2015
DNS parser, meet Go fuzzer
04 Aug 2015
A deep look at CVE-2015-5477
04 Aug 2015
ssh whoami.filippo.io
03 Aug 2015
Quick and dirty annotations for Go stack traces
03 Aug 2015
Technical notes: convert a partition image to a bootable disk image
01 Jul 2015
Setting Go variables at compile time
18 Jun 2015
Go has a debugger—and it's awesome!
06 Jun 2015
How Plex is doing HTTPS for all its users
21 May 2015
Logjam explained
08 Apr 2015
The unofficial Chrome SHA1 deprecation FAQ
31 Mar 2015
The sad state of SMTP encryption
20 Feb 2015
Komodia/Superfish SSL Validation is broken
20 Feb 2015
Make your own Superfish infected VM
12 Feb 2015
So I lost my NAS password
11 Jan 2015
scrypt all the things!
10 Nov 2014
PSA: enable automatic updates. Please.
29 Jun 2014
"The Heartbleed Test" @ OWASP / NYU Poly
28 May 2014
Salt & Pepper, please: a note on password storage
31 Mar 2014
On Keybase.io and encrypted private key uploading
26 Mar 2014
Why Go is elegant and makes my code elegant
18 Mar 2014
My remote shell session setup
13 Mar 2014
Native scrolling and iTerm2
12 Dec 2013
How the new Gmail image proxy works and what this means for you
10 Nov 2013
The ECB Penguin
Subscribe to Cryptography Dispatches for more!
Subscribe