Feisty Duck

@feistyduck

The place for TLS and PKI education. Publishers of Bulletproof TLS and PKI. Authors of Practical TLS and PKI training. Cryptography & Security Newsletter.

London, UK

Joined March 2009

28Following

2KFollowers

Feisty Duck@feistyduck · 13 h

Logjumps is a recently discovered technique for modular reduction over large prime fields. baincapitalcrypto.com/a-deep-dive-in…

feistyduck's tweet card. Logjumps is a recently discovered technique for modular reduction over large prime fields.

124

Feisty Duck@feistyduck · Jul 22

Latacora’s Cryptographic Right Answers: Post Quantum Edition is nearly a year old, but it’s still a good read. latacora.com/blog/2024/07/2…

170

Feisty Duck@feistyduck · Jul 21

A Trail of Bits blog post by Benjamin Samuels highlights that private key compromise is the single biggest cause of cryptocurrency hacks, at 43.8 percent. More importantly, the post focuses on how protocols can be designed to resist this class of attack. blog.trailofbits.com/2025/06/25/mat…

feistyduck's tweet card. Private key compromise accounted for 43.8% of crypto hacks in 2024, yet traditional smart contract audits rarely address architectural access control weaknesses. This post introduces a four-level...

196

Feisty Duck@feistyduck · Jul 18

The ACME Renewal Information (ARI) extension has been published as RFC 9773. When this extension is supported, CAs can signal to clients the need to rotate certificates earlier—for example, if they need to be revoked. datatracker.ietf.org/doc/rfc9773/

190

Feisty Duck@feistyduck · Jul 16

Matthew McPherrin has dug into Mozilla’s telemetry data to show us the most often encountered public CAs in Firefox. linkedin.com/posts/mcpherri…

feistyduck's tweet card. Mozilla provides public data from Firefox's telemetry on how many times a CA is used to successfully validate certificates. This is a pretty good measure for how "big" a CA is. The data is pretty...

175

Feisty Duck@feistyduck · Jul 15

If you’d like to learn more about quantum computation, take a look at Peter Shor’s lecture notes from 2022. math.mit.edu/~shor/435-LN/

148

Feisty Duck@feistyduck · Jul 14

IBM says it will deliver Quantum Starling—a large-scale, fault-tolerant quantum computer—by 2029. ibm.com/quantum/blog/l…

feistyduck's tweet card. IBM has developed a detailed framework for achieving large-scale fault-tolerant quantum computing by 2029, and we’re updating our roadmap to match.

147

Feisty Duck@feistyduck · Jul 11

New Java and C# releases of the Bouncy Castle library improve post-quantum cryptography and interoperability. bouncycastle.org/resources/boun…

feistyduck's tweet card. Bouncy Castle Java and C# .NET releases with critical updates in Post-Quantum Cryptography (PQC), interoperability, and lightweight cryptography for IoT

217

Feisty Duck@feistyduck · Jul 10

Twitter has a new protocol for encrypted direct messages, but it’s not great. Matthew Garrett mjg59.dreamwidth.org/71646.html and Matthew Green blog.cryptographyengineering.com/2025/06/09/a-b… explain in more detail.

feistyduck's tweet card. Update 6/10: Based on a short conversation with an engineering lead at X, some of the devices used at X are claimed to be using HSMs. See more further below. Matthew Garrett has a nice post about T…

167

Feisty Duck@feistyduck · Jul 9

KEYMASTER talks about certificate linting for private PKIs. ejbca.org/resources/keym…

210

Feisty Duck@feistyduck · Jul 8

The Electronic Frontier Foundation is weighing in on the European Union’s “encryption roadmap,” which continues to push for access to private communication. eff.org/deeplinks/2025…

feistyduck's tweet card. EFF has joined more than 80 civil society organizations, companies, and cybersecurity experts in signing a letter urging the European Commission to change course on its recently announced “Technology

155

Feisty Duck@feistyduck · Jul 7

Frank Denis makes a passionate plea for better user interfaces for OpenSSL cipher suite selection. 00f.net/2025/06/06/cip…

287

Feisty Duck@feistyduck · Jul 3

The next release of Apple’s operating system, due this fall, will provide post-quantum security for TLS by default for all network communications that rely on the modern, recommended APIs. support.apple.com/en-gb/122756 This video from WWDC25 has more info. developer.apple.com/videos/play/ww…

192

Feisty Duck@feistyduck · Jul 1

The EU has published its guidelines for migration to post-quantum cryptography. The timelines are as follows: triage by the end of 2026, migration of high-risk properties by the end of 2030, and migration of the remaining properties by the end of 2035. digital-strategy.ec.europa.eu/en/library/coo…

532

Feisty Duck@feistyduck · Jun 30

Cryptography & Security Newsletter is out! In this issue: - Internet PKI to Integrate DNSSEC - Short News feistyduck.com/newsletter/iss…

2.0K

Feisty Duck@feistyduck · Jun 27

Microsoft added a variety of post-quantum crypto algorithms to its early adopters channel and detailed its adoption roadmap. techcommunity.microsoft.com/blog/microsoft…

feistyduck's tweet card. Introduction As the digital landscape continues to evolve, the emergence of quantum computing presents both significant opportunities and challenges....

419