Prof B Buchanan OBE FRSE

In cybersecurity, we have a love/hate relationship with ECDSA. It is the foundation element of Bitcoin & Ethereum, and has a magical element that was used by Satoshi Nakamoto that allowed any Bitcoin client to extract the public key from the signature. asecuritysite.com/ecdsa/ecdsa_pu…

Linking The Distributed Web With The Centralised Web — The Web Returns To Its Roots billatnapier.medium.com/linking-the-di…

XMSS (eXtended Merkle Signature Scheme) and LMS (Leighton-Micali Hash-Based Signature) are standardised for use in NIST SP 800-208 ... you just have to keep track of the private keys you have used, and not re-use them. lnkd.in/gkQTukqs

With commutative encryption with stream ciphers asecuritysite.com/commul/go_comm

The greatest changes in the Web are happening now, get ready for PQC migration and decentralisation, and learn a bit of crypto: asecuritysite.com

In the EU, Less Than Five Years To Migrate to PQC for High-Risk Areas Read more: billatnapier.medium.com/in-the-eu-less…

We're glad to announce our new 2025/26 ENUSEC committee! President - Connor Gallagher Vice President - Scott Downie Secretary - Lewis Morrison Treasurer - Xander Wilson-Hill Media Officer - Edan Osborne Social Secretary- Elle Ward We hope it's a good year for everyone!

If lightweight cryptography was a good idea, we’d just call it “cryptography.”

With Oil and Vinegar, Have Some MAYO billatnapier.medium.com/with-oil-and-v…

The PQC “Lord of the Rings” billatnapier.medium.com/the-pqc-lord-o…

So what are the key sizes & ciphertext data sizes required for PQC KEM and signatures? Well, here is a quick guide for current and possible future standards. In the graphic, we see ML-KEM generally has relatively small keys compared with other methods. asecuritysite.com/liboqs/liboqs_…

I've run some tests on KEM methods for PQC. The results are given below in the graphic (performance is the number of operations over three seconds). asecuritysite.com/liboqs/liboqs_…

Getting CROSS! PQC Signature Performance in 2025 Here is the evaluation of some of these against the current methods using liboqs: medium.com/asecuritysite-…

A great place to prototype and investigate post-quantum KEMs and signatures, and all in beautiful C code (and none of that C++ syntax): asecuritysite.com/liboqs/index

LMS and XMSS Signatures: asecuritysite.com/liboqs/liboqs_…

Here is key pair generation, encapsulation and decapsulation for ML-KEM, HQC, Kyber, McEliece, FrodoHEM and sntrup761 using liboqs (note: I've not used McEliece as it takes too long for the key generation): asecuritysite.com/liboqs/liboqs_…

In Banking, Healthcare, or Critical Infrastructure? This One’s for You. Professor Bill Buchanan, OBE, FRSE, explains why migration is urgent, and why tested standards like FIPS are your starting point. 👉 Spotify: hubs.li/Q03x_gh-0 👉 Apple: hubs.li/Q03x_hm30

PQC Signatures — And What’s Next? In this case, we will implement ML-DSA, FALCON and SPHINCS+, along with a number of other methods that are proposed in Round 2 and which are included in liboqs: billatnapier.medium.com/pqc-signatures…

Like it or not, we will have to say goodbye to RSA, ECDSA, and EdDSA. Luckily, NIST is standardising ML-DSA (FIPS 204), FALCON (FIPS 206) and SPHINCS+ (FIPS 205) for PQC (Post Quantum Cryptography) signatures (and others). Here they are in action: asecuritysite.com/liboqs/liboqs_…

ML-DSA-65 provides us with an alternative to RSA, ECDSA and Ed25519 for quantum-robust digital signing. Here is the implementation of ML-DSA-64 using the liboqs open source library: asecuritysite.com/liboqs/liboqs_…