Lightnews — Scholar-powered news

Reposted by Sofia Celi

Maria Corte-Real Santos @maria.isogeny.club · 19d

The Isogeny Club Season 7 starts today! At 5pm CEST, Bruno Sterner will talk about finding large smooth twins from short lattice vectors. More details at isogeny.club

1 7 10

Reposted by Sofia Celi

Mrs. Betty Bowers @mrsbettybowers.bsky.social · Sep 11

Decrying violence against political opponents rings a bit hollow when you pull Secret Service protection from your political opponents.

650 10K 39K

Sofia Celi @claucece.bsky.social · Sep 9

Woo!! Coral goes to S&P! eprint.iacr.org/2025/1420 Coral is an amazing system to check over ZKP that a document conforms to a grammar (JSON, C, TOML). Super happy with this work and the amazing work of all the co-authors!

1 8

Reposted by Sofia Celi

Lindsay Ellis @lindsayellis.bsky.social · Aug 26

youtu.be/QwpanShgOp4?...

The Unforgivable Sin of Ms Rachel

YouTube video by Lindsay Ellis

youtu.be

150 1.9K 6K

Reposted by Sofia Celi

Katav 🐺 g(r)ay wolf 🐏 bighorn(y) ram @katav.gay · Aug 27

a fantastic video about important topics and with a worthy fundraiser, and best of all it has this amazing moment

8 180 720

Sofia Celi @claucece.bsky.social · Aug 19

Two super nice things this week!! Thank you, AsiaCCS (really happy there are such things as reviewer's awards, as we need good reviews!) and @iacrcrypto.bsky.social !

9

Reposted by Sofia Celi

mccurley.bsky.social @mccurley.bsky.social · Aug 14

Anyone who has been an IACR member in 2023-2026 should have received a link to respond to a survey about conferences and publishing. So far over 500 people have responded, but it will remain open for responses until Sept 12, 2025. I would also encourage people to use their forum invitations.

International Association for Cryptologic Research

A place to discuss matters related to IACR

discuss.iacr.org

6 9

Reposted by Sofia Celi

Martin R. Albrecht @malb.bsky.social · Aug 13

11 Sep UK Crypto Day in Manchester: uk-crypto-day.github.io/2025/09/11/u...

Together with @rikkebjerg.bsky.social I'll be talking about our upcoming work with @bedow.bsky.social and Simone Colombo: At-Compromise Security: The Case for Alert Blindness

Screenshot of https://uk-crypto-day.github.io/2025/09/11/uk-crypto-day/ with text:

Rikke Bjerg Jensen & Martin Albrecht: At-Compromise Security: The Case for Alert Blindness

We start from the observation (Blanchette’12) that cryptography broadly intuits security goals – as modelled in games or ideal functionalities – while claiming realism. This stands in contrast to cryptography’s attentive approach towards examining assumptions and constructions through cryptanalysis and reductions. To close this gap, we introduce a technique for determining security goals. Given that games and ideal functionalities model specific social relations between various honest and adversarial parties, our approach is grounded in a careful social science methodology for studying social relations in their contexts: ethnography. As a first application of this technique, we study security at-compromise (neither pre- nor post-) and introduce the security goal of alert blindness. Specifically, as observed in our 2024/2025 ethnographic fieldwork with protesters in Kenya, alert blindness captures a security goal of abducted persons who were taken by Kenyan security forces for their presumed activism. It may have applications elsewhere.

Joint work with Simone Colombo and Benjamin Dowling.

See also: Social Foundations of Cryptography

Bios. Rikke Bjerg Jensen is a Professor in the Information Security Group at Royal Holloway, University of London. Her work is ethnographic and grounded in explorations of information security practices and needs among groups of people living and working at the margins of societies.

Martin Albrecht is a Professor of Cryptography at King’s College London. He works broadly across the field of cryptography but focuses on the analysis of deployed or soon-to-be deployed cryptographic solutions and on analysing the security of lattice-based cryptography against classical and quantum computers.

2 3

Reposted by Sofia Celi

Marcel Keller @mkskeller.bsky.social · Aug 13

USENIX chair report: "six individuals appear as co-authors on 20 or more submissions, with two authors appearing on 36 and 39 submissions respectively. At such volume, it becomes difficult not to question the nature and depth of the contributions" www.usenix.org/sites/defaul...

www.usenix.org

3 11

Reposted by Sofia Celi

Diego F. Aranha @dfaranha.bsky.social · Jul 31

I just learned that Claus Schnorr passed away last June, aged 81 — a significant loss for the cryptographic community: mittelhessen-gedenkt.de/traueranzeig...

Traueranzeigen von Claus Peter Schnorr | mittelhessen-gedenkt.de

Besuchen Sie die Gedenkseite von Claus Peter Schnorr. Lesen Sie die Traueranzeige und gedenken Sie des Verstorbenen mit einer Kerze oder Kondolenz.

mittelhessen-gedenkt.de

3 17

Reposted by Sofia Celi

Fight for the Future @fightforthefuture.org · Aug 7

BREAKING: New investigation exposes Microsoft for enabling surveillance + killing of Palestinians.

www.theguardian.com/world/2025/a...

‘A million calls an hour’: Israel relying on Microsoft cloud for expansive surveillance of Palestinians

Revealed: The Israeli military undertook an ambitious project to store a giant trove of Palestinians’ phone calls on Microsoft’s servers in Europe

www.theguardian.com

2 33 43

Reposted by Sofia Celi

ACLU @aclu.org · Aug 6

We sent a letter to all superintendents in Arkansas warning them not to display the Ten Commandments in schools after a federal judge this week ruled that a state law requiring the displays is “obviously unconstitutional.”

Every school district has an obligation to abide by the First Amendment.

43 620 2.5K

Sofia Celi @claucece.bsky.social · Aug 5

Proud of this work, and of the amazing work of Eli!

ePrint Updates @eprint.ing.bot · Aug 5

Coral: Fast Succinct Non-Interactive Zero-Knowledge CFG Proofs (Sebastian Angel, Sofía Celi, Elizabeth Margolin, Pratyush Mishra, Martin Sander, Jess Woods) ia.cr/2025/1420

Abstract. We introduce Coral, a system for proving in zero- knowledge that a committed byte stream corresponds to a structured object in accordance to a Context Free Grammar. Once a prover establishes the validity of the parsed object with Coral, they can selectively prove facts about the object—such as fields in Web API responses or in JSON Web Tokens—–to third parties or blockchains. Coral reduces the problem of correct parsing to a few simple checks over a left-child right-sibling tree and introduces a novel segmented memory abstraction that unifies and extends prior constructions for RAM in zkSNARKs. Our implementation of Coral runs on a standard laptop, and non-interactively proves the parsing of real Web responses (JSON) and files (TOML and C) in seconds. The resulting proofs are small and cheap to verify.

5

Reposted by Sofia Celi

Robin Wilton 🇱🇧 @komadori.bsky.social · Jul 31

Just as it did with the Apple "backdoor" demand, the UK Government has got itself into a ridiculous mess over age estimation and VPNs. Here's a Govt spokesperson saying that young users must not be encouraged to use VPNs. 1/n

2 4 6

Reposted by Sofia Celi

khanhcrypto.bsky.social @khanhcrypto.bsky.social · Jul 16

Together with Ky Nguyen, we're organising the Young Cryptographers Forum 2025 in Hanoi, Vietnam! Two days (24-25.08) of awesome crypto talks. Check it out! (Registration deadline for stipends is coming up)
viasm.edu.vn/hdkh/YCF2025

Young Cryptographers Forum-Viện nghiên cứu cao cấp về toán

viasm.edu.vn

1 4

Reposted by Sofia Celi

Internet Research Task Force @irtf.org · Jul 14

At IETF-123 next week, the IRTF's HRPC research group will host talks about the constraints and considerations of legal frameworks in armed conflict, about censorship in Iran, and a talk by Maria Farrell, author of "We Need to Rewild the Internet.
datatracker.ietf.org/doc/agenda-1...

Agenda IETF123: hrpc

datatracker.ietf.org

1 1

Reposted by Sofia Celi

Krijn Reijnders @krijn.isogeni.es · Jun 19

Single author, fifteen pages, reduces the bit complexity of millenia-old UOV instances!!

ePrint Updates @eprint.ing.bot · Jun 19

Wedges, oil, and vinegar – An analysis of UOV in characteristic 2 (Lars Ran) ia.cr/2025/1143

Abstract. The Unbalanced Oil and Vinegar construction (UOV) has been the backbone of multivariate cryptography since the fall of HFE-based schemes. In fact, 7 UOV-based schemes have been submitted to the NIST additional call for signatures, and 4 of these made it to the second round. For efficiency considerations, most of these schemes are defined over a field of characteristic 2. This has as a side effect that the polar forms of the UOV public maps are not only symmetric, but also alternating.

In this work, we propose a new key-recovery attack on UOV in characteristic 2 that makes use of this property. We consider the polar forms of the UOV public maps as elements of the exterior algebra. We show that these are contained in a certain subspace of the second exterior power that is dependent on the oil space. This allows us to define relations between the polar forms and the image of the dual of the oil space under the Plücker embedding. With this, we can recover the secret oil space using sparse linear algebra.

This new attack has an improved complexity over previous methods and reduces the security by 4, 11, and 20 bits for uov-Ip, uov-III, and uov-V, respectively. Furthermore, the attack is applicable to MAYO₂ and improves on the best attack by 28 bits.

1 3 13

Reposted by Sofia Celi

Mathy Vanhoef @vanhoefm.bsky.social · Jul 12

Yikes. Turns out you can send a plaintext radio signal to cause any train in the USA to do an emergency break. The original 'security' was just a checksum, no encryption or authentication. Reporting this took them 12 years (!) because the vendor dismissed it initially www.cisa.gov/news-events/...

End-of-Train and Head-of-Train Remote Linking Protocol | CISA

www.cisa.gov

11 65 190

Reposted by Sofia Celi

Mike Stabile @mikestabile.bsky.social · Jul 10

Starting July 25, Bluesky will require users in the UK to scan their face, upload an ID or verify their identity with a bankcard.

I realize that platforms feel they have no choice but to comply with the government surveillance schemes, but shocking nonetheless.

Bluesky is rolling out age verification in the UK

Bluesky users in the UK can verify their age using their face, ID, or payment card.

www.theverge.com

390 1.9K 3.5K

Reposted by Sofia Celi

Andrea Basso @andreavbasso.bsky.social · Jun 10

We (finally) published all the material from this course on SQIsign, including lecture slides and exercise sheets for the Sage laboratory. Available here: github.com/andreavico/S...

1 16 17

Reposted by Sofia Celi

Etienne - Tek @tek.randhome.io · Jul 11

Former Mexican president investigated over allegedly taking bribes from spyware industry https://therecord.media/former-mexican-president-investigated-spyware-bribes

Former Mexican president investigated over allegedly taking bribes from spyware industry

The investigation comes in response to an account in the Israeli business publication TheMarker, which reported that the contracts included a deal to buy Pegasus — the powerful spyware manufactured by Israel-based NSO Group.

therecord.media

5 3

Reposted by Sofia Celi

Martijn Grooten @martijngrooten.bsky.social · Jul 11

Russia labels many foreign NGOs as 'undesirable', then forges contract between local org and a foreign NGO as a pretext for a raid of said org www.article19.org/resources/ru...

Russia: ARTICLE 19 denounces FSB raid on Revolt Centre based on falsified contract - ARTICLE 19

Today Russian Security Forces (FSB) raided a cultural centre in Syktyvkar, northern Russia, because of alleged ties with ARTICLE 19, which is designated an ‘undesirable’ organisation in Russia. Russi...

www.article19.org

4 5

Reposted by Sofia Celi

Meredith Whittaker @meredithmeredith.bsky.social · Jul 1

How to be classy, how to be cute, how to actually walk the walk...

Love you for this, @cloudflare.social ❤️

www.nytimes.com/2025/07/01/t...

Cloudflare Introduces Default Blocking of A.I. Data Scrapers

www.nytimes.com

9 110 530

Reposted by Sofia Celi

Brooklyn Zelenka @expede.wtf · Jun 30

It didn't work for me even a few weeks ago on a fresh Chrome download — tried now and it works 🎉 Finally: Ed25519 support in all major browsers (Chrome was the holdout)

Thanks to @burrito.space , @igalia.com , @protocollabs.bsky.social & many others for ushering this multi-year process through 👏

A screenshot of caniuse.com showing Ed25519 support in all major browsers, importantly now including Chrome!

3 28 110

Reposted by Sofia Celi

PQCSA @pqcsa.bsky.social · Jun 27

We will host another workshop on 7 November, in Frankfurt!
Join us at the Kimpton Main to learn more about "PQC Migration & Supply Chain Readiness for the Automotive Industry", organised by @cosic.bsky.social .
More information: www.esat.kuleuven.be/cosic/events...

PQCSA: PQC Migration & Supply Chain Readiness for the Automotive Industry – Co-located with ESCAR event in Frankfurt

www.esat.kuleuven.be

2 1