101010.pl is one of the many independent Mastodon servers you can use to participate in the fediverse.
101010.pl czyli najstarszy polski serwer Mastodon. Posiadamy wpisy do 2048 znaków.

Server stats:

474
active users

#pqc

0 posts0 participants0 posts today
Frederic Jacobs<p>⚛️ The Lean roadmap for Ethereum introduces Post-Quantum security</p><p>👉 At the consensus layer, hash-based aggregate signatures upgrade BLS signatures</p><p>👉 At the data layer, hash-based DAS commitments upgrade KZG commitments</p><p>👉 A ZK-friendly, possibly RISC-V-based, execution layer where a hash-based real-time zkVMs upgrades EVM re-execution</p><p><a href="https://blog.ethereum.org/en/2025/07/31/lean-ethereum" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.ethereum.org/en/2025/07/3</span><span class="invisible">1/lean-ethereum</span></a></p><p>Follow Progress: <a href="https://leanroadmap.org" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">leanroadmap.org</span><span class="invisible"></span></a></p><p><a href="https://mastodon.social/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a></p>
Frederic Jacobs<p>This paper has learnings outside of cryptocurrencies in how to prepare for the post-quantum transition.</p><p>Protocols using seeds as private keys, can generate post-quantum private keys from that seed, and then prove in zero knowledge of the "seed" used in key derivation. </p><p>EdDSA signatures (Cosmos) provide this out of the box, making them post-quantum ready whereas ECDA (Bitcoin) private keys expose the scalar in derivation and therefore don't have the same properties</p><p><a href="https://eprint.iacr.org/2025/1368" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">eprint.iacr.org/2025/1368</span><span class="invisible"></span></a><br><a href="https://mastodon.social/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a></p>
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/Cryptomator" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cryptomator</span></a>: Our Roadmap to Post-Quantum <a href="https://mastodon.thenewoil.org/tags/Cryptography" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cryptography</span></a></p><p><a href="https://cryptomator.org/blog/2025/07/24/post-quantum-roadmap/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cryptomator.org/blog/2025/07/2</span><span class="invisible">4/post-quantum-roadmap/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FOSS</span></a> <a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a></p>
the magnificent rhys<p>Apropos nothing, Daniel Bernstein's post from earlier in the year on the viability of quantum computing.</p><p><a href="https://mastodon.rhys.wtf/tags/quantum" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>quantum</span></a> <a href="https://mastodon.rhys.wtf/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a> <a href="https://mastodon.rhys.wtf/tags/cryptography" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cryptography</span></a> </p><p><a href="https://blog.cr.yp.to/20250118-flight.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.cr.yp.to/20250118-flight.</span><span class="invisible">html</span></a></p>
PGPkeys EU<p>News from the coalface: </p><p>Upgrading the <a href="https://infosec.exchange/tags/Hockeypuck" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hockeypuck</span></a> <a href="https://infosec.exchange/tags/openpgp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>openpgp</span></a> <a href="https://infosec.exchange/tags/keyserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keyserver</span></a> in-place has historically not been a smooth experience. In particular, the search indexes are only updated on write during normal operation, and the database schema is not updated at all. When major changes are made to the back end code, the dataset therefore has to be dumped and reloaded. This requires double the disk space and adds to the burden of maintaining a keyserver.</p><p>In preparation for <a href="https://infosec.exchange/tags/rfc9580" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rfc9580</span></a> and <a href="https://infosec.exchange/tags/pqc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pqc</span></a> keys, we have been working on in-place migrations for the search indexes and database schemas. The hockeypuck master branch now reindexes search terms transparently on startup, which will ensure consistent search results after any changes to the indexing policy. We are also testing a feature to reload the full dataset in-place after an upgrade, which must be run in offline mode due to concurrency limitations, but should otherwise be seamless and does not affect resource usage. Together these changes will reduce the maintenance burden for keyserver operators, and smooth the path for future upgrades.</p><p>In-place post-upgrade migrations, plus improved sync resilience, and hopefully a few additional improvements (watch this space!), will be available in the forthcoming 2.3 release, which is generously supported by <span class="h-card" translate="no"><a href="https://mastodon.xyz/@NGIZero" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>NGIZero</span></a></span> Core.</p>
Conan the Sysadmin<p>For others chasing the moving target of post-quantum cryptography, it seems that openssl-oqs-provider changed the name of the hybrid algorithm p384_mlkem1024 to SecP384r1MLKEM1024 at version 0.9.0, making my nginx.conf file suddenly invalid. Meanwhile, I *think* that Microsoft's indexing bots were about the only clients using pure p384r1.<br><a href="https://mstdn.social/tags/OQS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OQS</span></a> <a href="https://mstdn.social/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a> <a href="https://mstdn.social/tags/PostQuantum" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PostQuantum</span></a> <a href="https://mstdn.social/tags/QuantumSafe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>QuantumSafe</span></a> <a href="https://mstdn.social/tags/cryptography" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cryptography</span></a> <a href="https://mstdn.social/tags/Nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nginx</span></a></p>
Scott Francis<p>Nice -- IBM is donating its CBOM (cryptographic bill of materials) toolset to the Linux Foundation. This is a key component to cryptographic agility, which is NIST's recommended approach to adopting <a href="https://infosec.exchange/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a>.</p><p><a href="https://research.ibm.com/blog/cryptographic-cbom-linux-foundation" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">research.ibm.com/blog/cryptogr</span><span class="invisible">aphic-cbom-linux-foundation</span></a></p>
Jan Schaumann<p>So I don't do <a href="https://mstdn.social/tags/Java" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Java</span></a> for a reason, but trying to get a <a href="https://mstdn.social/tags/pqc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pqc</span></a> client speaking X25519MLKEM768 using BouncyCastle took me overriding the keyshare extension manually, and that can't be right.</p><p><a href="https://gist.github.com/jschauma/118c8ba8ae7f61cba0f45fc36091e8fe" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gist.github.com/jschauma/118c8</span><span class="invisible">ba8ae7f61cba0f45fc36091e8fe</span></a></p><p>Any Java folks out here able to tell me that that's stupid and how to do it the right way?</p>
patpro<p>Hello, I’m hosting a <a href="https://social.patpro.net/tags/vaultwarden" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vaultwarden</span></a> server behind <a href="https://social.patpro.net/tags/caddy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Caddy</span></a> 2.10 and made the following test:</p><p>Tuning Caddy to allow only <a href="https://social.patpro.net/tags/pqc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a> curves:</p><pre><code> tls { curves x25519mlkem768 } </code></pre><p>Trying to connect with <a href="https://social.patpro.net/tags/firefox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Firefox</span></a> Mac -&gt; OK<br>Trying to connect with <a href="https://social.patpro.net/tags/bitwarden" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bitwarden</span></a> <a href="https://social.patpro.net/tags/android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>android</span></a> client -&gt; Fail</p><p>Without the <a href="https://social.patpro.net/tags/tls" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TLS</span></a> tuning, the Bitwarden Android client will happily connect to the server.</p><p>Is it a problem with the Bitwarden Android client or with Android, or both?</p>
Paul Hoffman<p>The IETF working group that I co-chair, PQUIP, had its first RFC published today. RFC 9794, "Terminology for Post-Quantum Traditional Hybrid Schemes", lists and describes terms used in post-quantum cryptography that are specific to the hybrid schemes that have become the focus for much of the PQC development work.</p><p>In short hybrid schemes are those that fully mix both post-quantum and traditional asymmetric algorithms. There are a lot of ways to mix them (some better than others), and thus there are a lot of properties that different mixtures have. The result is a lot of potentially confusing vocabulary full of similar-looking four-word chains. This document lays out all the differences so that other groups (other IETF working groups, other standards development organizations, governments making standards, ...) can be precise about what schemes they are adopting and why.</p><p>Congrats to the WG and the RFC authors!</p><p><a href="https://datatracker.ietf.org/doc/rfc9794/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">datatracker.ietf.org/doc/rfc97</span><span class="invisible">94/</span></a></p><p><a href="https://infosec.exchange/tags/ietf" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ietf</span></a> <a href="https://infosec.exchange/tags/rfc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rfc</span></a> <a href="https://infosec.exchange/tags/pqc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pqc</span></a><br>(not using hashtag-hybrid because this ain't about cars, and certainly not using hashtag-crypto because bleaugh)</p>
OOTS<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@todb" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>todb</span></a></span> I'd argue <a href="https://infosec.exchange/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a> as a technology is legit, but selling it to companies as a product sure smells a lot like snake oil.</p><p><a href="https://infosec.exchange/tags/cryptography" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cryptography</span></a> <a href="https://infosec.exchange/tags/quantumcomputing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>quantumcomputing</span></a> <a href="https://infosec.exchange/tags/postquantumcryptography" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>postquantumcryptography</span></a></p>
todb in Vegas<p>It's not just me, right? Post-quantum crytography aka <a href="https://infosec.exchange/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a>, especially quantum-resistant cryptography, smells an awful lot like snake oil.</p><p>I cannot figure out how people sell this stuff with apparent sincerity when it's clearly impossible to test in production.</p>
rPGP<p>New release: <a href="https://mastodon.social/tags/rPGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rPGP</span></a> version 0.16.0 🧰🔐✨</p><p><a href="https://github.com/rpgp/rpgp/releases/tag/v0.16.0" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/rpgp/rpgp/releases/</span><span class="invisible">tag/v0.16.0</span></a></p><p><a href="https://mastodon.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenPGP</span></a> implemented in pure <a href="https://mastodon.social/tags/Rust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Rust</span></a>, permissively licensed</p><p>This release features streaming message support: Now rPGP can process arbitrarily large messages, with modest memory requirements.</p><p>It adds experimental support for the upcoming OpenPGP <a href="https://mastodon.social/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a> IETF standard <a href="https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-pqc" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">datatracker.ietf.org/doc/html/</span><span class="invisible">draft-ietf-openpgp-pqc</span></a></p><p>This release also brings various improvements for key generation, support for X448/Ed448, and many minor fixes.</p>
Scott Francis<p>in particular, you should look at this graph which nicely portrays the advances: as Schneier says, "attacks only get better”. Since 2010 we have now seen 3 orders of magnitude improvement in resources required to factor RSA, and the rate of improvement is itself accelerating. <a href="https://infosec.exchange/tags/quantum" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>quantum</span></a> <a href="https://infosec.exchange/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a></p>
Blue Ghost<p>09.05.2025: GnuPG announces release of 2.5.6 for public testing, finalized PQC algorithms are supported.<br>Source: <a href="https://lists.gnupg.org/pipermail/gnupg-announce/2025q2/000492.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">lists.gnupg.org/pipermail/gnup</span><span class="invisible">g-announce/2025q2/000492.html</span></a></p><p>PQC: <a href="https://wikipedia.org/wiki/Post-quantum_cryptography" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">wikipedia.org/wiki/Post-quantu</span><span class="invisible">m_cryptography</span></a><br>GnuPG: <a href="https://mastodon.online/@blueghost/111974048270035570" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mastodon.online/@blueghost/111</span><span class="invisible">974048270035570</span></a><br>Harvest now, decrypt later: <a href="https://mastodon.online/@blueghost/111357939714657018" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mastodon.online/@blueghost/111</span><span class="invisible">357939714657018</span></a></p><p><a href="https://mastodon.online/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a> <a href="https://mastodon.online/tags/PostQuantum" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PostQuantum</span></a> <a href="https://mastodon.online/tags/Cryptography" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cryptography</span></a> <a href="https://mastodon.online/tags/GnuPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GnuPG</span></a> <a href="https://mastodon.online/tags/GPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPG</span></a> <a href="https://mastodon.online/tags/Encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Encryption</span></a> <a href="https://mastodon.online/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a> <a href="https://mastodon.online/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://mastodon.online/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://mastodon.online/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://mastodon.online/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.online/tags/QuantumSafe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>QuantumSafe</span></a></p>
Linux G. Fossman<p><span class="h-card" translate="no"><a href="https://social.librem.one/@eighthave" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>eighthave</span></a></span> Agreed. People talking about <a href="https://social.vivaldi.net/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a> and breaking <a href="https://social.vivaldi.net/tags/e2ee" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>e2ee</span></a> in the future, while closed source apps, OSes and <a href="https://social.vivaldi.net/tags/ClientSideScanning" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClientSideScanning</span></a> ML/AI agents can simply take a detour around it today!</p>
Heiko<p>New blog article on "Post-quantum cryptography in <a href="https://floss.social/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenPGP</span></a>":</p><p><a href="https://openpgp.foo/posts/2025-05-pqc/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">openpgp.foo/posts/2025-05-pqc/</span><span class="invisible"></span></a></p><p><a href="https://floss.social/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a> <a href="https://floss.social/tags/IETF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IETF</span></a></p>
ADMIN magazine<p>OpenSSL 3.5 is available now and will be supported until April 2030<br><a href="https://www.admin-magazine.com/News/OpenSSL-3.5-Released?utm_source=mam" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">admin-magazine.com/News/OpenSS</span><span class="invisible">L-3.5-Released?utm_source=mam</span></a><br><a href="https://hachyderm.io/tags/OpenSSL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSSL</span></a> <a href="https://hachyderm.io/tags/QuantumComputing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>QuantumComputing</span></a> <a href="https://hachyderm.io/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a> <a href="https://hachyderm.io/tags/TLS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TLS</span></a> <a href="https://hachyderm.io/tags/QUIC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>QUIC</span></a></p>
CosicBe<p>🚨 Save the date! 🚨<br>Join us in sunny Albena for the PQCSA Summer School, 16–20 June 2025!<br>🔐 Learn the fundamentals of <a href="https://mastodon.social/tags/PostQuantumCryptography" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PostQuantumCryptography</span></a><br>📚 Dive into NIST's PQC standards<br>🛠️ Explore integration challenges &amp; future research<br>🌊 Beach + crypto = perfect combo</p><p>💸 Early bird: €310 (before 23/05)<br>🎟️ Regular: €360</p><p><a href="https://mastodon.social/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.social/tags/CryptoSummerSchool" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CryptoSummerSchool</span></a> <a href="https://mastodon.social/tags/PQCSA2025" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQCSA2025</span></a></p><p>Registration and info: <a href="https://www.esat.kuleuven.be/cosic/events/pqcsa-summer-school/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">esat.kuleuven.be/cosic/events/</span><span class="invisible">pqcsa-summer-school/</span></a></p>
Frederic Jacobs<p>Great call to action by Robbie King on finding more useful quantum algorithms. </p><p>Billions of euros have been spent on research for advancing the development of quantum computers, but what are they useful for?</p><p>As the post-quantum transition progresses, the main incentive for quantum computers is going away.</p><p>Robbie claims "The bar for meaningful progress is lower than it might seem, and even incremental advances are valuable.”</p><p><a href="https://quantumfrontiers.com/2025/04/20/quantum-algorithms-a-call-to-action/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">quantumfrontiers.com/2025/04/2</span><span class="invisible">0/quantum-algorithms-a-call-to-action/</span></a></p><p><a href="https://mastodon.social/tags/QuantumComputing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>QuantumComputing</span></a> <a href="https://mastodon.social/tags/PQC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PQC</span></a></p>