No not the movie: the secure group messaging protocol! Or rather all the bugs and vulns that a team of researchers found when trying to formalize said protocol. Martin Albrecht and Dan Jones joined us to walk us through "Practically-exploitable Cryptographic
Vulnerabilities in Matrix".
Transcript:
https://securitycryptographywhatever.com/2022/11/02/Matrix-with-Martin-Albrecht-Dan-Jones/
Links:
- https://nebuchadnezzar-megolm.github.io/static/paper.pdf
- https://nebuchadnezzar-megolm.github.io
- Signal Private Group system: https://eprint.iacr.org/2019/1416.pdf
- https://signal.org/blog/signal-private-group-system/
- https://spec.matrix.org/latest/
- WhatsApp Security Whitepaper: https://www.whatsapp.com/security/WhatsApp-Security-Whitepaper.pdf
- https://www.usenix.org/conference/usenixsecurity21/presentation/albrecht FS, PCS etc
- Other clients: https://nvd.nist.gov/vuln/detail/CVE-2022-39252 https://nvd.nist.gov/vuln/detail/CVE-2022-39254 https://nvd.nist.gov/vuln/detail/CVE-2022-39264
- https://dadrian.io/blog/posts/roll-your-own-crypto/
- https://podcasts.apple.com/us/podcast/the-great-roll-your-own-crypto-debate-feat-filippo-valsorda/id1578405214?i=1000530617719
- WhatsApp End-to-End Encrypted Backups: https://blog.whatsapp.com/end-to-end-encrypted-backups-on-whatsapp
- Roll your own and Telegram: https://mtpsym.github.io/
"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@dadrian)
Fler avsnitt av Security Cryptography Whatever
Visa alla avsnitt av Security Cryptography WhateverSecurity Cryptography Whatever med Deirdre Connolly, Thomas Ptacek, David Adrian finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.