Reading
Below is a list of links that I found interesting:In theoretical cryptography, the message to be hashed (for signing in a signature) is always referred to as a sequence of bytes. But in practice, what information should we include in the message? How to structure the information? This is also important in security, but left as the responsibility of the engineers.
I know David Wong from his book, Real-World Cryptography, and his blog His explanations are always clear and easy to understand. From this video, I learned that well-known experts sometimes have difficulty understanding things, but they find ways to overcome it.
We know how AES work, but we don't know what makes it a secure algorithm. Why are there Key Schedule, SubBytes, ShiftRows, MixColumns, AddRoundKey? This video explain the AES from a designers' perspective.
This is a simple explanation of big endian and little endian.
This tutorial provides a step-by-step template attack on AES.
This video presents the history and the techniques behind QR codes.
This presentation is very informative: the stories behind the paper, many new research directions after the paper, what's going on this industry, what's next...
This paper presents different interesting attacks on 5 encrypted cloud storage providers.
This blog explains how they accelerate x25519 and Ed25519 in x86_64 and Arm64 micro-architectures.
This is a gentle introduction about parings for beginners. I love the author's shares about his learning journey.
This interesting attack shows why constant-time implementation is important in crypto.
This is an excellent blog about the encryption feature in Telegram. I quote my favorite paragraph: "My strong suspicion is that many people who join Telegram for its social media features also end up using it to communicate privately. And I think Telegram knows this, and tends to advertise itself as a “secure messenger” and talk about the platform's encryption features precisely because they know it makes people feel more comfortable."
This a gentle introduction about template attacks. It provides detailed steps of the attack concept and explains the intuition behind.
This is a master thesis. I enjoyed the step-by-step explanation with a toy example about SASCA.
This paper explained what glitches are and how they affect the DPA security. This is a fundamental paper leading to the invention of modern masking schemes such as Threshold Implementation. The explanations are very easy to understand.
This paper presented many approaches of computing Pearson correlation in side-channel analysis. The authors started from a naïve computation algorithm, then pointed out the limitation in terms of time and/or memory, especially when a large number of traces is used for the computation. From that, they proposed many improved versions for the computation algorithm and thoroughly compared their efficiency.
This is an easy-to-understand introduction about the concept of SNR. The author started by explaining SNR from a statistical point of view, then linked it to the context of side-channel analysis (SCA).