Lightnews — Scholar-powered news

Reposted by Carsten Baum

Christina Gravert @cgravert.bsky.social · Jun 10

Denmark is best in EU in getting workers back into jobs (twice the average rate). They also do tons of RCTs to find out what works and apply behavior science. Can’t say it’s causal, but it’s an interesting correlation at least.

Bente Sorgenfrey @bentesorgenfrey.bsky.social · Jun 10

I 2024 var Danmark bedst i #EU til at få ledige i job. 40,8 pct. af de ledige i et givent kvartal, kom i job i det efterfølgende kvartal, hvilket er væsentligt over EU-gennemsnittet på 24,2 pct. Det er 14. år i træk, at Danmark er EU-mestre i at få ledige i job #dkpol www.ae.dk/analyse/2025...

Danmark er EU-mestre for 14. år i træk: Bedst til at få ledige i job

Gennemsnitligt 40,8 pct. af de ledige i et givent kvartal kom i job i det efterfølgende kvartal i 2024. Det er den højeste andel i EU – for 14. år i træk. Danmark er også bedst til at få langtidsledig...

www.ae.dk

3 7

Carsten Baum @cryptocarsten.bsky.social · Jun 11

SPD stabil an der Seite großindustrieller Gasproduzenten und nicht dem kleinen Mann.

Abbrennen den Laden, braucht niemand.

1

Carsten Baum @cryptocarsten.bsky.social · Jun 10

That one time you wish they'd have used ChatGPT

2

Reposted by Carsten Baum

Deirdre Connolly¹ ² @durumcrustulum.com · Jun 9

Apple announces that TLS client connections in version 26+ will be using hybrid PQ X25519MLKEM768 by default

support.apple.com/en-us/122756

Prepare your network for quantum-secure encryption in TLS - Apple Support

Learn about quantum-secure encryption in TLS and how to check if your organization's web servers are ready.

support.apple.com

3 15 46

Carsten Baum @cryptocarsten.bsky.social · Jun 4

Submission link: easychair.org/my/conferenc...

Important dates:

The deadline for contributed talks is Sunday, June 15th, 2025

Notification will be sent out no later than Sunday, June 22nd, 2025

Log in to EasyChair for CRYPTO-PPML 2025

easychair.org

1

Carsten Baum @cryptocarsten.bsky.social · Jun 4

The program will consist of a few invited talks and contributed talks. We encourage submissions exploring a range of techniques for privacy-preserving machine learning.

Confirmed invited speakers & call for contributed talks: crypto-ppml.github.io/2025/

Privacy-Preserving Machine Learning Workshop 2025

crypto-ppml.github.io

1

Carsten Baum @cryptocarsten.bsky.social · Jun 4

The 7th workshop on Privacy Preserving Machine Learning will take place on August 17, 2025 (Sunday), as an affiliated event of the 45th CRYPTO 2025 conference.

1 3 4

Carsten Baum @cryptocarsten.bsky.social · Jun 3

Congrats!

2

Reposted by Carsten Baum

Ben Adida @benadida.com · May 24

Ahem.

New York Times headline "Crypto investor charged with kidnapping and torturing man for weeks"

Xkcd #538, comparing crypto nerd imagination of breaking RSA vs reality of torturing the password holder.

2 5

Carsten Baum @cryptocarsten.bsky.social · May 23

Kandidat für den Ignoble?

Carsten Baum @cryptocarsten.bsky.social · May 23

Nice work! Great that you cut through all the marketing :)

1

Reposted by Carsten Baum

Claudio Orlandi @claudiorlandi.bsky.social · May 22

Save the date! The next NordiCrypt will take place on Monday June 30th in Aarhus. We will start around 10:00. More details soon at sites.google.com/view/nordicr...

NordiCrypt - NordiCrypt Summer 2025

Venue: The next NordiCrypt will take place at Aarhus University on Monday June 30th. More details under "Location". Schedule: Scientific Program from 10:00 to 16:00/17:00 ish. Dinner at 18:00. Final p...

sites.google.com

3 4

Carsten Baum @cryptocarsten.bsky.social · May 20

Oh wow, this is really great work. Recent results on PCGs allowed much more efficient MPC preprocessing (among other things) using somewhat new assumptions. Apparently, these assumptions are too strong.

Congratulations to the authors on their IACR grant slam of breaks :)

ePrint Updates @eprint.ing.bot · May 19

Practical cryptanalysis of pseudorandom correlation generators based on quasi-Abelian syndrome decoding (Charles Bouillaguet, Claire Delaplace, Mickaël Hamdad, Damien Vergnaud) ia.cr/2025/892

Abstract. Quasi-Abelian Syndrome Decoding (QA-SD) is a recently in- troduced generalization of Ring-LPN that uses multivariate polynomials rings. As opposed to Ring-LPN, it enables the use of small finite field such as GF(3) and GF(4). It was introduced by Bombar et al (Crypto 2023) in order to obtain pseudorandom correlation generators for Beaver triples over small fields. This theoretical work was turned into a concrete and efficient protocol called F4OLEage by Bombar et al. (Asiacrypt 2024) that allows several parties to generate Beaver triples over GF(2).

We propose efficient algorithms to solve the decoding problem underlying the QA-SD assumption. We observe that it reduce to a sparse multivariate polynomial interpolation problem over a small finite field where the adversary only has access to random evaluation points, a blind spot in the otherwise rich landscape of sparse multivariate interpolation. We develop new algorithms for this problem: using simple techniques we interpolate polynomials with up to two monomials. By sending the problem to the field of complex numbers and using convex optimization techniques inspired by the field of “compressed sensing”, we can interpolate polynomials with more terms.

This enables us to break in practice parameters proposed by Bombar et al. at Crypto’23 and Asiacrypt’24 as well as Li et al. at Eurocrypt’25 (IACR flagship conferences Grand Slam). In the case of the F4OLEage protocol, our implementation recovers all the secrets in a few hours with probability 60%. This not only invalidates the security proofs, but it yields real-life privacy attacks against multiparty protocols using the Beaver triples generated by the broken pseudorandom correlation generators.

1 5

Carsten Baum @cryptocarsten.bsky.social · May 12

Congratulations :)

Reposted by Carsten Baum

Martin R. Albrecht @malb.bsky.social · May 8

This is cool heimberger.xyz/oprfs.html

PQ-OPRF table

heimberger.xyz

6 14

Carsten Baum @cryptocarsten.bsky.social · May 7

Zählt ein dummer Hut?

1 1

Carsten Baum @cryptocarsten.bsky.social · May 7

Düpdüp... 🦈

2

Carsten Baum @cryptocarsten.bsky.social · May 7

Never thought I'd participate in making a whole scientific conference dance the Macarena.
Yet here we are.

4 9

Carsten Baum @cryptocarsten.bsky.social · May 6

Oops :)

Ignacio Cascudo @icascudo.bsky.social · May 6

Don't go over time!! Or do!

3

Carsten Baum @cryptocarsten.bsky.social · May 6

Spend them wisely!

1 1

Reposted by Carsten Baum

Sabine Oechsner 🟥 @proofnerd.bsky.social · May 5

Our paper on attacking concurrent MPC implementations is finally on eprint 🎉
(And @schollster.bsky.social will present it at S&P 2025!)

A summary 🧵

ePrint Updates @eprint.ing.bot · May 5

Rushing at SPDZ: On the Practical Security of Malicious MPC Implementations (Alexander Kyster, Frederik Huss Nielsen, Sabine Oechsner, Peter Scholl) ia.cr/2025/789

Abstract. Secure multi-party computation (MPC) enables parties to compute a function over private inputs while maintaining confidentiality. Although MPC has advanced significantly and attracts a growing industry interest, open-source implementations are still at an early stage, with no production-ready code and a poor understanding of their actual security guarantees. In this work, we study the real-world security of modern MPC implementations, focusing on the SPDZ protocol (Damgård et al., CRYPTO 2012, ESORICS 2013), which provides security against malicious adversaries when all-but-one of the participants may be corrupted. We identify a novel type of MAC key leakage in the MAC check protocol of SPDZ, which can be exploited in concurrent, multi-threaded settings, compromising output integrity and, in some cases, input privacy. In our analysis of three SPDZ implementations (MP-SPDZ, SCALE-MAMBA, and FRESCO), two are vulnerable to this attack, while we also uncover further issues and vulnerabilities with all implementations. We propose mitigation strategies and some recommendations for researchers, developers and users, which we hope can bring more awareness to these issues and avoid them reoccurring in future.

2 5 13

Reposted by Carsten Baum

Jaap-Henk Hoepman 🟥 ⬜️ 🟩 ⬛️ @xotoxot.bsky.social · May 5

I'm one of the signers of this open letter to the Commission asking to ensure that civil society, human rights lawyerd and academics get properly involved in the preparation of a Technology Roadmap on encryption. edri.org/our-work/tec...