cryptologie.net

cryptography, security, and random thoughts

Hey! I'm David, cofounder of zkSecurity, research advisor at Archetype, and author of the Real-World Cryptography book. I was previously a cryptography architect of Mina at O(1) Labs, the security lead for Libra/Diem at Facebook, and a security engineer at the Cryptography Services of NCC Group. Welcome to my blog about cryptography, security, and other related topics.

← back to all posts

◦

NSA was not aware of the Heartbleed bug

2014-04-12 blog

NSA is not happy. NSA is tweeting, tumblring (is this a verb?) and shouting loud and for all of who wants to hear it : they didn’t know about the Heartbleed bug.

by the way they’re talking about a “zero day” vulnerability, and now is a good time to learn what it is:

a so-called “Zero day” vulnerability because the developers of the vulnerable software have had zero days to fix it

I’m akin to trust them since… well. So many US websites were using OpenSSL and… it’s not really nice if someone else eavesdrop on american citizen…

Anyway, this shows that the NSA has a long way to build trust again.

suggested reads:

→ Heartbleed : serious vulnerability in open SSL • blog

→ A Brief History of NSA Backdoors. • blog

→ How Heartbleed works thanks to XKCD • blog

← back to all posts blog • 2014-04-12

currently reading:

NSA was not aware of the Heartbleed bug

04-12 blog

recent posts:

New cryptologie.net

07-20 blog

Weaponizing AI Assistants: With Their Permission

07-20 blog

What are Schwartz-Zippel circuits? How do they relate to iterative constraint systems?

05-29 blog

Short Note On Montgomery Reduction: Why Operating Modulo b?

05-24 blog

Still confused by Plonk's permutation?

03-13 blog

Partial evaluations and linearization

03-12 blog

The trap of the top-down approach

03-07 blog

My company is looking for interns

02-25 blog

Vlogging attempts

02-16 blog

I like whiteboards

10-17 blog

↓ scroll

📖 my book

Real-World Cryptography is available from Manning Publications.

A practical guide to applied cryptography for developers and security professionals.

🎙️ my podcast

Two And A Half Coins on Spotify.

Discussing cryptocurrencies, databases, banking, and distributed systems.

📺 my youtube

Cryptography videos on YouTube.

Video explanations of cryptographic concepts and security topics.

currently reading:

NSA was not aware of the Heartbleed bug

04-12 blog

recent posts:

New cryptologie.net

07-20 blog

Weaponizing AI Assistants: With Their Permission

07-20 blog

What are Schwartz-Zippel circuits? How do they relate to iterative constraint systems?

05-29 blog

Short Note On Montgomery Reduction: Why Operating Modulo b?

05-24 blog

Still confused by Plonk's permutation?

03-13 blog

📖 my book

Real-World Cryptography is available from Manning Publications.

A practical guide to applied cryptography for developers and security professionals.

🎙️ my podcast

Two And A Half Coins on Spotify.

Discussing cryptocurrencies, databases, banking, and distributed systems.

📺 my youtube

Cryptography videos on YouTube.

Video explanations of cryptographic concepts and security topics.