HackerTrans
TopNewTrendsCommentsPastAskShowJobs

honzaik

no profile record

comments

honzaik
·11일 전·discuss
look at essentially any proceedings of any conference (in crypto we dont really do journals). see EUROCRYPT for example https://link.springer.com/book/10.1007/978-3-031-91098-2 in there, every paper will be cut down and referring to full version for proofs etc. which are typically on eprint.iacr.org
honzaik
·11일 전·discuss
cryptography, for example, which is essentially math + cs together
honzaik
·지난달·discuss
Location: Prague, Czechia (CET)

Remote: Yes

Willing to relocate: Open

Technologies: cryptography (post-quantum, provable security, applied cryptography, security protocols, elliptic curves), PKI, Rust, Java, PHP, Python, Sage, C++, SQL, SAML, AdES

CV: https://files.honza.phd/resume.pdf

Email: [email protected]

Security researcher specializing in post-quantum cryptography and applied protocol security. Experienced in designing and evaluating real-world migration strategies for cryptographic infrastructure (PKI, TLS, SAML), with contributions to open-source libraries and standards-related validation efforts.

I am finishing my PhD in cryptography in a month. The focus of my PhD work was to develop a migration plan to post-quantum cryptography for a Qualified Trust Service Provider in Luxembourg.
honzaik
·2개월 전·discuss
this is like arguing that laws are useless because theyre not bulletproof. please stop with this pseudological thinking
honzaik
·2개월 전·discuss
maybe they were using quantum computers the whole time https://eprint.iacr.org/2022/1178 /s
honzaik
·2개월 전·discuss
I can't wait to give Google more data about my browsing habits! Seriously, this is insane and everyone who supports this lost the plot.
honzaik
·2개월 전·discuss
although emdashes are not common on the internet, there are prevalent in books.
honzaik
·3개월 전·discuss
I was just wondering about that. Did they embrace it as a “signature look”? it cant be accidental, right?
honzaik
·3개월 전·discuss
last week's "truth" (https://truthsocial.com/@realDonaldTrump/posts/1164091464198...)

"I am willing to risk the giving up of my Rights and Privileges as a Citizen for our Great Military and Country! Our Military Patriots desperately need FISA 702, and it is one of the reasons we have had such tremendous SUCCESS on the battlefield."
honzaik
·3개월 전·discuss
I am aware that google will take looong time to act. that is why I mentioned that it is LinkedIn (Microsoft) or its contracted fingerprinting/"monitoring" partner who may have more direct ways to report this if they actually investigate malicious extensions.

but that doesn't really matter. for the sake of the argument assume the extensions are not malicious (as evidenced e.g. by the PQC one with ?16 users?) does that change the situation?
honzaik
·3개월 전·discuss
well if they have evidence why they dont report it? why are these extensions on the store? im sure linkedin has enough motion to report it directly to google

also, having a PQC enabled extension doesnt seem like a good "large user base capture" tactic.

the source code is as usual obfuscated react but that doesnt mean its malicious...

EDIT: i debuged the extension quickly and it doesnt seem to do anything malicious. it only sends https://pqc-extension.vercel.app/?hostname=[domain] request to this backend to which it has permissions. it doesnt seem to exfiltrate anything else. it might get triggered later but it has very limited permissions anyway so it doesnt seem to be a malicious extension. (but im no expert)
honzaik
·3개월 전·discuss
it apparently scans for something like "PQC Checker", an extension for checking if TLS connection is PQC-enabled? how is that a spam extension (and thats just a random one i saw)
honzaik
·3개월 전·discuss
1) yes, everything is affected, but everything else is being migrated to PQC as we speak

2) "256-bit encryption" has different meanings in different contexts. "256-bit security" generally refers to cryptosystem for which an attack takes roughly 2^256 operations. this is true for AES-256 (symmetric encryption) assuming classical adversaries. this is not true for elliptic curve-based algorithms even though the standard curves are "256-bit curves", but that refers to the size of the group and consequently to the size of the private key. the best general attacks use Pollard's rho algorithm which takes roughly 2^128 operations, i.e., 256-bit curves have 128-bit security.

in the context of quantum attackers, AES-256 is still fine although theoretically QCs halve the security; however its not that big of a deal in practice and ultimately AES-128 is still fine, because doing 2^64 "quantum operations" is presumed to be difficult to do in practice due to parallelization issues etc.

the elliptic curve signatures (used in Bitcoin) are attacked using Shor's algorithm where the big deal is that it is asymptotically polynomial (about O(n^3)) meaning that factoring a 256-bit number is only 256^3/4^3 = 262144x more difficult compared to factoring 15. this is a big difference from "standard" exponential complexity where the difficulty increases exponentially by factors of 2^n. (+ lets ignore that elliptic curve signatures dont rely on factoring but the problem is essentially the same because Shor does both because those are hidden subgroup problems)

the analysis is more complex but most of it is essentially in that paper and explains it nicely.
honzaik
·4개월 전·discuss
the NYT is reporting this was the US https://www.nytimes.com/2026/03/05/world/middleeast/iran-sch... i recommend employing more critical thinking in the future and less propaganda spreading
honzaik
·8개월 전·discuss
this comment feels so eerie as I am currently reading Zuboff's "The Age of Surveillance Capitalism," which itself is interesting to read now since its written before the huge AI leap.

Also, it reminded me of the following quote, mentioned in the book, from Langdon Winner

The changes and disruptions that an evolving technology repeatedly caused in modern life were accepted as given or inevitable simply because no one bothered to ask whether there were other possibilities.