Martin R. Albrecht
@malb.bsky.social
Cryptography Professor at King's College London and Principal Research Scientist at SandboxAQ. Erdős–Bacon Number: 6. He/him or they/them. https://malb.io
Reposted by Martin R. Albrecht
mikaelabrough.bsky.social
New ethnographic work with @rikkebjerg.bsky.social and @malb.bsky.social on information security in the UK climate movement -- accepted and presented recently at USENIX Security ’25 in Seattle 🌱 www.usenix.org/conference/u...
On the Virtues of Information Security in the UK Climate Movement | USENIX
malb.bsky.social
11 Sep UK Crypto Day in Manchester: uk-crypto-day.github.io/2025/09/11/u...

Together with @rikkebjerg.bsky.social I'll be talking about our upcoming work with @bedow.bsky.social and Simone Colombo: At-Compromise Security: The Case for Alert Blindness
Screenshot of https://uk-crypto-day.github.io/2025/09/11/uk-crypto-day/ with text:

Rikke Bjerg Jensen & Martin Albrecht: At-Compromise Security: The Case for Alert Blindness

We start from the observation (Blanchette’12) that cryptography broadly intuits security goals – as modelled in games or ideal functionalities – while claiming realism. This stands in contrast to cryptography’s attentive approach towards examining assumptions and constructions through cryptanalysis and reductions. To close this gap, we introduce a technique for determining security goals. Given that games and ideal functionalities model specific social relations between various honest and adversarial parties, our approach is grounded in a careful social science methodology for studying social relations in their contexts: ethnography. As a first application of this technique, we study security at-compromise (neither pre- nor post-) and introduce the security goal of alert blindness. Specifically, as observed in our 2024/2025 ethnographic fieldwork with protesters in Kenya, alert blindness captures a security goal of abducted persons who were taken by Kenyan security forces for their presumed activism. It may have applications elsewhere.

Joint work with Simone Colombo and Benjamin Dowling.

See also: Social Foundations of Cryptography

Bios. Rikke Bjerg Jensen is a Professor in the Information Security Group at Royal Holloway, University of London. Her work is ethnographic and grounded in explorations of information security practices and needs among groups of people living and working at the margins of societies.

Martin Albrecht is a Professor of Cryptography at King’s College London. He works broadly across the field of cryptography but focuses on the analysis of deployed or soon-to-be deployed cryptographic solutions and on analysing the security of lattice-based cryptography against classical and quantum computers.
malb.bsky.social
Slides of my talk titled "Lattices give us KEMs and FHE, but where are the efficient lattice PETs? -- By Example of (Verifiable) Oblivious PRFs" given at spiqe-workshop.github.io are here: github.com/malb/talks/b...

Thanks @kennyog.bsky.social and @jurajsomorovsky.bsky.social for inviting me.
Reposted by Martin R. Albrecht
eprint.ing.bot
Wedges, oil, and vinegar – An analysis of UOV in characteristic 2 (Lars Ran) ia.cr/2025/1143
Abstract. The Unbalanced Oil and Vinegar construction (UOV) has been the backbone of multivariate cryptography since the fall of HFE-based schemes. In fact, 7 UOV-based schemes have been submitted to the NIST additional call for signatures, and 4 of these made it to the second round. For efficiency considerations, most of these schemes are defined over a field of characteristic 2. This has as a side effect that the polar forms of the UOV public maps are not only symmetric, but also alternating.

In this work, we propose a new key-recovery attack on UOV in characteristic 2 that makes use of this property. We consider the polar forms of the UOV public maps as elements of the exterior algebra. We show that these are contained in a certain subspace of the second exterior power that is dependent on the oil space. This allows us to define relations between the polar forms and the image of the dual of the oil space under the Plücker embedding. With this, we can recover the secret oil space using sparse linear algebra.

This new attack has an improved complexity over previous methods and reduces the security by 4, 11, and 20 bits for uov-Ip, uov-III, and uov-V, respectively. Furthermore, the attack is applicable to MAYO₂ and improves on the best attack by 28 bits.
Reposted by Martin R. Albrecht
sejaques.bsky.social
An out-of-schedule update to my quantum landscape chart: sam-jaques.appspot.com/quantum_land..., prompted by @craiggidney.bsky.social's new paper: arxiv.org/abs/2505.15917.

A startling jump (20x) in how easy quantum factoring can be!

Also: much improved web design!
A chart for quantum computers, of number of qubits versus error rate, on a logarithmic scale. Broadly it shows a large gap between current quantum computers in the bottom left, and a curve in the top right of the resources they need to break RSA.
malb.bsky.social
Eamonn and I received a Zama Cryptanalysis Grant to help with the lattice estimator github.com/malb/lattice.... We hope to hire interns to work on the estimator over two periods over the next 18 months.

Zama are still taking applications for this grant, see here: www.zama.ai/post/announc...
GitHub - malb/lattice-estimator: An attempt at a new LWE estimator
Reposted by Martin R. Albrecht
malb.bsky.social
10 June: Jean-François Blanchette Talk and Discussion on "Burdens of Proof" in London

martinralbrecht.wordpress.com/2025/04/15/1...
malb.bsky.social
Isn't the answer mostly Heartbleed?
malb.bsky.social
Dan wrote a nice thread about our work on WhatsApp presented at Eurocrypt earlier today and discussed in @dangoodin.bsky.social's article linked below.
danwilshirejones.bsky.social
How does WhatsApp implement encrypted group chats? And are they secure? @malb.bsky.social, @bedow.bsky.social and myself were keen to figure this out. After two years of reverse-engineering, analysis and a few too many proofs, I presented our work at Eurocrypt earlier today. So, what did we learn?
Formal Analysis of Multi-Device Group Messaging in WhatsApp
WhatsApp provides end-to-end encrypted messaging to over two billion users. However, due to a lack of public documentation and source code, the specific security guarantees it provides are unclear. Se...
Reposted by Martin R. Albrecht
danwilshirejones.bsky.social
... who have to constantly monitor the UI for changes to the member list. And it is a burden that is unnecessary: Signal deploys cryptographic control of group membership at scale, for example. Thanks @dangoodin.bsky.social for your coverage of our work in this piece: arstechnica.com/security/202...
WhatsApp provides no cryptographic management for group messages
The weakness creates the possibility of an insider or hacker adding rogue members.
Reposted by Martin R. Albrecht
kennyog.bsky.social
Just about ready to set off to Madrid for #eurocrypt 2025, where I’ll have the great honour of giving the 2025 IACR Distinguished Lecture on Tuesday afternoon. #iacr #cryptography
Reposted by Martin R. Albrecht
eprint.ing.bot
Formal Analysis of Multi-Device Group Messaging in WhatsApp (Martin R. Albrecht, Benjamin Dowling, Daniel Jones) ia.cr/2025/794
Abstract. WhatsApp provides end-to-end encrypted messaging to over two billion users. However, due to a lack of public documentation and source code, the specific security guarantees it provides are unclear. Seeking to rectify this situation, we combine the limited public documentation with information we gather through reverse-engineering its implementation to provide a formal description of the subset of WhatsApp that provides multi-device group messaging. We utilise this description to state and prove the security guarantees that this subset of WhatsApp provides. Our analysis is performed within a variant of the Device-Oriented Group Messaging model, which we extend to support device revocation. We discuss how to interpret these results, including the security WhatsApp provides as well as its limitations.
Reposted by Martin R. Albrecht
susurrusus.bsky.social
We teach a broad range of political perspectives here at Harvard... ranging from those of *checks notes*... center-right military officials to... *squints* ultra-right market absolutists, and you should be more grateful for that.
A paragraph from Boaz Barak's recent NY Times op-ed: 'You might think I can avoid politics in the classroom only because I am a computer scientist. This is not the case. Faculty members who are determined enough can inject politics into any topic, and after all, computer science has brought huge and significant changes to society. The interaction of computer science and policy sometimes arises in my classes, and I make sure to present multiple perspectives.
When I teach cryptography, a topic at the heart of the tension between privacy and security, I share with my students writings by former National Security Agency officials as well as "The Crypto Anarchist Manifesto."'
Reposted by Martin R. Albrecht
matthewdgreen.bsky.social
The idea that you can just “teach computer science” and be apolitical is a beautiful dream that expired in the 2000s, at the latest. Computer science has re-organized every facet of our society: it is inherently political. Instead of taking this idea seriously, we ran from it. Now we live in hell.
Reposted by Martin R. Albrecht
ducu.bsky.social
Day two of the strike, and we've been getting a lot of questions from students about the action. What's it for, why are we doing it now, and how can they help.

So let's run through some Strike Questions! 🧵
Reposted by Martin R. Albrecht
phillipanderson.bsky.social
There’s just so much shady shit in this story, but this really sticks out. Folks in NLRB’s IT unit were so freaked out by what they saw DOGE doing that they wanted to notify the Cybersecurity and Infrastructure Security Agency. Then this happened:
The new revelations about DOGE's activities at the labor agency come from a whistleblower in the IT department of the NLRB, who disclosed his concerns to Congress and the U.S. Office of Special Counsel in a detailed report that was then provided to NPR. Meanwhile, his attempts to raise concerns internally within the NLRB preceded someone "physically taping a threatening note" to his door that included sensitive personal information and overhead photos of him walking his dog that appeared to be taken with a drone, according to a cover letter attached to his disclosure filed by his attorney, Andrew Bakaj of the nonprofit Whistleblower Aid.