Conference talk presenting a unified framework for deniability analysis of Signal handshake protocols, including a deniable ring signature from Falcon/MAYO.
Conference talk presenting the BAKE framework for Signal's handshake protocols, covering X3DH, PQXDH, and the fully post-quantum RingXKEM.
The Signal protocol relies on a handshake protocol, formerly X3DH and now PQXDH, to set up secure conversations. One of its privacy properties, of value to Signal, is deniability, …
The Signal protocol relies on a special handshake protocol, formerly X3DH and now PQXDH, to set up secure conversations. Prior analysis of these protocols (or proposals for …
We propose higher-security parametersets of CSIDH, and present highly-optimized implementations. We measure the performance when using these parameters in TLS, and show that the …
We prove the security of KEMTLS in two Tamarin models. One mode is based on the Cremers et al. model of TLS 1.3; the other closely resembles our pen-and-paper proofs. These models …
Invited lecture about TLS, its history and making TLS post quantum. I also discuss KEMTLS.
An introduction to formal analysis and our proof of the security of KEMTLS.
We make KEMTLS more efficient in scenarios where the client already has the server's long-term public key, for example through caching or because it's pre-installed.
In this paper, we study implementations of post-quantum signature schemes on resource-constrained devices. We focus on verification of signatures and cover NIST PQC round-3 …