banner
lambda.bsky.social
Daniel Hugenroth
@lambda.bsky.social
250 followers 47 following 27 posts
Computer Security Researcher @ Cambridge (https://www.danielhugenroth.com) and Co-Founder @ Light Squares (https://www.lightsquares.dev)
www.danielhugenroth.com)
Posts Media Videos Starter Packs
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jul 29
One of my favourite CoverDrop details: out-of-band verification of the trusted organization key which signs the entire key hierarchy. Its digest is included in the imprint of every printed Guardian newspaper, removing the need to trust CAs 🔑🗞️ more details: www.coverdrop.org
The picture shows a smartphone and the imprint of a newspaper. The smartphone displays a screen from the SecureMessaging feature showing a key digest. The newspaper imprint shows the same digest. The digest consists of a number of randomly-looking letters and digits.
1 29 60
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jul 19
Audits of AI/ML systems while protecting model IP and keeping the audit data confidential 🤫

@inxoy.bsky.social is at the ICML TAIG workshop today, presenting our work on Attestable Audits: arxiv.org/html/2506.23... with Bill Marino and @arberesford.bsky.social
Attestable Audits: Verifiable AI Safety Benchmarks Using Trusted Execution Environments
arxiv.org
3 3
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jul 17
Super excited that Jenny is presenting our new paper on "Web Authentication and Recovery in the Age of E2EE" at PETS today! 🎉🎉

Tons of interesting insights for a world in which we are moving away from passwords, and E2EE data becomes more long-term and critical. petsymposium.org/popets/2025/...
petsymposium.org
1 1 4
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jun 27
↩️ Back-link to the launch post: bsky.app/profile/lamb...
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jun 27
There are a lot of insights in both the original PETS paper (petsymposium.org/2022/files/p...) and Diana's PhD thesis (www.repository.cam.ac.uk/items/ec87dd...).
1 1
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jun 27
CoverDrop involved users from the very beginning—avoiding the “solution looking for problem” trap. Big shout out to @mansoor.bsky.social , Diana, and @arberesford.bsky.social for getting this right from the very beginning by running two very insightful workshops with journalists and engineers.
1 4
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jun 20
And if you like to learn more about the CoverDrop research behind SecureMessaging: www.coverdrop.org
CoverDrop: Blowing the Whistle Through A News App
www.coverdrop.org
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jun 20
This announcement really should have our lead Rustaceans @itsibitzi.dev and @zekehg.bsky.social on top 🦀! CoverDrop's implementation journey has been demonstrating the immense strengths that lie in Rust's type system and the mature tool chain. Looking forward to all the talk in September!
rustconf.com
RustConf @rustconf.com · Jun 18
🎤 #rustconf Session Announcement: Daniel Hugenroth (@lambda.bsky.social), Sam Cutler, & Zeke Hunter-Green
“Secure Messaging: Leveraging Rust to Create the Guardian’s Anonymous Whistleblowing System”
rustconf.com/schedule/#1473
#rustlang
1 2
Reposted by Daniel Hugenroth
niemanlab.org
Nieman Lab @niemanlab.org · Jun 9
The Guardian app’s own data flows make leaks indistinguishable from regular traffic — cutting off one of the easiest ways for a repressive government or a corporate boss to identify a leaker. www.niemanlab.org/2025/06/the-...
The Guardian’s new whistleblower tool buries leaks to journalists within its own readers’ everyday traffic
Think "I am Spartacus!" — but for leakers.
www.niemanlab.org
1 23 47
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jun 9
Yes, the full CoverDrop system is open-source, we had an OTF-sponsored audit, and we have shared the design early with other researchers for feedback. github.com/guardian/cov...
GitHub - guardian/coverdrop: Blowing the whistle through a news app
Blowing the whistle through a news app. Contribute to guardian/coverdrop development by creating an account on GitHub.
github.com
1 2
Reposted by Daniel Hugenroth
martin.kleppmann.com
Martin Kleppmann @martin.kleppmann.com · Jun 9
Congratulations @lambda.bsky.social! Today @theguardian.com is launching a new way for whistleblowers to anonymously contact journalists, based on years-long research by Daniel and other colleagues. www.theguardian.com/gnm-press-of...
The Guardian launches Secure Messaging, a world-first from a media organisation, in collaboration with the University of Cambridge
Secure Messaging is a new innovation for confidential story-sharing and source protection, underpinning the Guardian’s commitment to investigative journalism. The Guardian has published the open sourc...
www.theguardian.com
1 150 400
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jun 9
Thank you so much @martin.kleppmann.com for all your help, guidance, and feedback during this project! Especially with the tricky bits around key rotation and concurrency. And glad that we were able to distill some insights from the production world already into our P79 course.
13
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jun 9
There’s a lot more to say, and I’ll highlight some aspects that I’m particularly excited about over the next few weeks.
3
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jun 9
Our CoverDrop white paper has a lot more technical details and we are immensely grateful to everyone who have provided us with valuable feedback throughout this project: www.cl.cam.ac.uk/techreports/...
www.cl.cam.ac.uk
2 3
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jun 9
The university team has prepared a lil’ announcement as well: www.cam.ac.uk/research/new...
Whistleblowing tech based on Cambridge research launched by the Guardian
Whistleblowers can contact journalists more securely thanks to a new confidential and anonymous messaging technology co-developed by University of Cambridge
www.cam.ac.uk
1 2
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jun 9
The launch article by Katharine Viner provides a great overview on how CoverDrop works, our collaboration with The Guardian, and why this system is so important: www.theguardian.com/membership/2...
In a dangerous era for journalism – a powerful new tool to help protect sources
Today, the Guardian, in collaboration with the University of Cambridge, launches Secure Messaging, a world-first from a media organisation
www.theguardian.com
1 1 1
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jun 9
We launched CoverDrop 🎉 providing sources with a secure and anonymous way to talk to journalists. Having started five years ago as a PhD research project, this now ships within the Guardian app to millions of users—all of which provide cover traffic. Paper, code, and more info: www.coverdrop.org
CoverDrop: Blowing the Whistle Through A News App
www.coverdrop.org
1 20 59
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Apr 28
GitHub repo here: github.com/lambdapionee...
1
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Apr 28
PETS paper here: petsymposium.org/popets/2024/...
1
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Apr 28
Greatly enjoyed talking at JKU Linz about our Sloth 🦥 library which uses Secure Enclaves (SEs) for key stretching and deniable encryption. Importantly, it works around Android/iOS API limitations and, therefore, Sloth is available to regular apps on most smartphones without modifications.
Panorama of Linz
1
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Apr 7
The final slides are online now: bsky.app/profile/lamb...
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Apr 7
It's done! The final lecture slides and notes for "P79 Cryptography and Protocol Engineering" are now online: www.cl.cam.ac.uk/teaching/242... 🎉. This is the first time that @martin.kleppmann.com and I have done this course—we very much welcome feedback, corrections, and suggestions for next time
Department of Computer Science and Technology – Course pages 2024–25: Cryptography and Protocol Engineering – Course materials
www.cl.cam.ac.uk
2 1 3
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Apr 7
It's done! The final lecture slides and notes for "P79 Cryptography and Protocol Engineering" are now online: www.cl.cam.ac.uk/teaching/242... 🎉. This is the first time that @martin.kleppmann.com and I have done this course—we very much welcome feedback, corrections, and suggestions for next time
Department of Computer Science and Technology – Course pages 2024–25: Cryptography and Protocol Engineering – Course materials
www.cl.cam.ac.uk
2 5 28
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Feb 17
The slides are updated as-we-go on the course website: www.cl.cam.ac.uk/teaching/242... Currently, the highlight are the great X25519/Ed25519 slides by Martin. Content should be complete by begin of March :)
1
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jan 29
The lectures are not recorded, but we will upload the slides and lecture notes online. There will be another post when the full set becomes available.
1 4
lambda.bsky.social
Daniel Hugenroth @lambda.bsky.social · Jan 29
We believe that simply preaching "Don't roll your own crypto" does not cut it anymore—the next generation of engineers and researchers needs to be able to critically evaluate available implementations and competently navigate risks and trade-offs.
6