Erin Alexis Owen Shepherd

Index

Non-Contributory Keys in the Matrix

Soatok yesterday alleged a pair of vulnerabilities in the Matrix vodozemac cryptography library. I’m going to focus on the first here.

The basic gist of the issue is this:

  • Normally in Elliptic Curve Diffie-Hellman, you multiply your private key by the other party’s public key.
  • If, instead of their public key, they send you the “identity” curve element, then the output of the multiplication is also the identity element.
  • This means that the output of your ECDH operation is the identity element.
  • This means that the keys securing your communications are all-zero, and a passive observer can now decrypt your messages.

Now that sounds bad, I’ll agree. RFC 7748, which defines X25519, calls this case out:

Right of Reply

Who’s allowed to reply to your posts?

Truthfully, anyone who can see it (and nothing can prevent someone who wants to from seeing something you make public). If they have to, they can link, copy and paste or screenshot it, and fundamentally there’s no way of stopping them.

But that’s not really what we’re talking about when we talk about replies on social networks. What we’re really talking about is whose replies get to show up under your post; or, in other words, who gets to borrow your audience.

A better moderation system is possible for the social web

The Fediverse has a bit of a moderation problem. In fact, it’s had one for quite a while.

When I wrote the first draft of the ActivityPump spec back in 2014, it had an Authorization section which began like this:

Authorization

This is a stub, to be expanded. OAuth 2.0 is an open question.

ActivityPump uses authorization for two purposes; first, to authenticate clients to servers, and secondly in federated implementations to authenticate servers to each other. These methods are based upon the OAuth 2.0 authorization framework as specified in RFC6749.

Permutations: Replacing the block cipher?

History

For the past few decades, the block cipher has been the primary symmetric cryptographic primitive. Aside from the odd stream cipher (primarily RC4), pretty much every common cryptographic primitive from before 2010 can be seen as built from a block cipher.

Quick note: How do we define a block cipher? A block cipher is a function with the form c = f(p, k) where c, p are an N-bit ciphertext and plaintext respectively, and k is an M-bit key.