Pascal Schärli
pascscha.ch
Cyber security master's graduate from ETH Zürich, now a dedicated Cryptography Engineer with a strong passion for coding and scripting.

https://schaerli.org
Overall, their findings align strongly with the review I've done of the Sharekey Messenger. Their file sharing had the same chunk-based integrity issue, their file headers leaked a lot of information and they controlled the PKI, among other ugly things. I had written about it here:
schaerli.org/2
June 1, 2025 at 4:10 PM
Providers often just care (know?) about confidentiality; other properties, like even just file integrity, are not a focus. Many of these apps only provided file integrity on a chunk-by-chunk basis, and rely heavily on a PKI that they control, putting a lot of the apparently "zero" trust back to them.
June 1, 2025 at 4:10 PM
NIST still accepts comments about this draft, so I decided to write out my concerns and sent them an email to provide feedback. I know there are many more notable people than me that are going to comment on this, but I thought the experience might be interesting. Here is what I wrote:
November 30, 2024 at 2:24 PM
For example, both ECDH and ECDSA will be disallowed in 2035, instead of disallowing ECDH earlier than ECDSA.
November 28, 2024 at 2:51 PM
I don't fully agree with their proposal. While they acknowledge that "store now decrypt later" attacks make migration of asymmetric encryption algorithms more pressing than digital signatures, they treat both types equally in their timeline.
November 28, 2024 at 2:51 PM
Listing password hashes as a usage, but then following with not a single example algorithm suitable for password hashing seems misplaced.
November 23, 2024 at 8:53 PM
I hope this summary is satire
November 23, 2024 at 8:44 PM