Cryptography coverage.

Show HN: Rscrypto, pure-Rust crypto with industry leading public benches

Rust crypto w/ zero default deps: BLAKE3, Ed25519/X25519, hashes, MACs, KDFs, AEADs, and checksums w/ full SIMD/ASM acceleration - loadingalias/rscrypto…

A Post-Quantum Future for Let's Encrypt

Let’s Encrypt is committed to a post-quantum-safe Web PKI. The path we’re planning to take is Merkle Tree Certificates (“MTCs”), a new approach that adds post-quantum authenticatio…

The French Have the Quantum Circuits

Craig Gidney's computer science blog…

The Crowd Joins the Race to Break Elliptic Curve Cryptography

Today a crazy quantum story just got wilder. On March 31, the Google Quantum AI team published a landmark result on Shor's algorithm for elliptic curve cryptography. Technically, …

Optimized Point Addition Circuits for Elliptic Curve Discrete Logarithms [pdf]

Shor's algorithm represents the main threat of quantum computers to cryptography. In order to precisely understand its feasibility, many authors have worked towards reducing its co…

Explainer of the most widely used zero-knowledge proof system

Groth16 is still the gold standard for succinct SNARKs: 128-byte proofs, constant-size verification, and a decade of real-world deployment. But despite its ubiquity, almost nobody …

wolfSSL releases a new product; wolfCOSE a zero alloc C embbedded COSE stack

A fast, portable, and lightweight COSE + CBOR implementation for embedded systems. Supports PQC, FIPS 140-3, DO-178, and MISRA C. Powered by wolfSSL. - wolfSSL/wolfCOSE…

Breaking Enigma with an FPGA, Just like at Bletchly Park

The pioneering work done by Alan Turing and others at Bletchley Park in England was perhaps as important in the history of technology as it was the history of the war. Given the la…

Autonomous LLM Agent Worms

Autonomous LLM agents operate as long-running processes with persistent workspaces, memory files, scheduled task state, and messaging integrations. These features create a new prop…

Security experts warn Bitcoin faces urgent quantum risks as adversaries stockpile encrypted data

Google Quantum AI cut qubit estimates to break Bitcoin's cryptography by 20x. With $450-500B in BTC exposed and adversaries stockpiling data, experts urge action.…

Is a basic understanding of PKI and Public Key Cryptography necessary to work in cyber ?

AI Propaganda factories with language models

AI-powered influence operations can now be executed end-to-end on commodity hardware. We show that small language models produce coherent, persona-driven political messaging and ca…

Zero-Knowledge Proofs: Proving You Know a Secret Without Revealing It

Suppose you need to prove you are over 18 without showing your birthdate, or that you know a password...…

Acme CAA Extensions to Become Mandatory

Product Update: Post-Quantum Cryptography meets <1s Kubernetes Syncs

Engineering teams are actively seeking alternatives to the operational complexity of legacy...…

Turning Bias into Bugs: Bandit-Guided Style Manipulation Attacks on LLM Judges

The known stylistic biases in LLM judges, such as a preference for verbosity or specific sentence structures, present an underexplored security vulnerability. In this work, we intr…

Furina: Fragmented Uncertainty-Driven Refusal Instability Attack

Safety alignment in large language models (LLMs) and multimodal large language models (MLLMs) is commonly assumed to operate as a near-binary threshold mechanism. We challenge this…

Quantinuum targets $12.7B valuation in US IPO, raising stakes for quantum computing’s crypto threat

Quantinuum targets a $12.7B valuation in its US IPO, aiming to raise $1.05B. Here's what the quantum computing listing means for crypto security.…

Tensor Cryptographic Behavioural Audit (TCBA)

TCBAPage on Physivitis . Physivitis manages 5 data types including investor documents.…

Plausible Deniability in Cryptography: Building a Duress Password in Rust

How to design a tool that, under coercion, reveals a decoy message that's cryptographically indistinguishable from the real one. And why your decoder should never return an error. …

Heimdall: Formally Verified eBPF-to-Rust Migration

Extended Berkeley Packet Filter (eBPF) programs are kernel extensions used for networking, observability, and security enforcement in the Linux kernel. The in-kernel eBPF verifier …

Show HN: Building Production MPC Wallets: Architecture and Solana Implementation

A practitioner's guide to building MPC wallets that actually work in 2026. Covers DKG, threshold signing with FROST, what BitForge taught the industry, and a working 2-of-3 referen…

ML-KEM + X-Wing Patches Posted For Linux To Help With Post-Quantum Security

Linux cryptography expert Eric Biggers of Google posted a set of patches on Monday for providing proof-of-concept support for ML-KEM and X-Wing for post-quantum cryptography.…

Announcing the Trust Identity Protocol (TIP): HTTPS for the AI Era

The Trust Identity Protocol is a free, open, post-quantum, patented standard for verified human identity and AI content provenance on the public internet. Built by The AI Lab Intel…

Individual Logarithm Reduction Step of Discrete Logarithm Problem

Watch now | Damian Weber's Sieve Reduction Algorithm for Descend Phase of DLP…

The Misattribution Gap: When Memory Poisoning Looks Like Model Failure in Agentic AI Systems

Multi-agent AI pipelines typically assume that agent misconduct originates from model misalignment. We identify a structural failure in this assumption, the \emph{Misattribution Ga…

PoisonForge: Task-Level Targeted Poisoning Benchmark for Instruction-Tuned LLMs

When practitioners fine-tune LLMs on unvetted datasets, an adversary can exploit the data supply chain through task-level poisoning: inserting a small number of crafted instruction…

Quantum ‘Jamming’ Could Help Unlock the Mysteries of Causality

To keep communications secure in a post-quantum world, cryptographers are digging down into the concept of cause and effect.…

Don't Roll Your Own

I Built a Post-Quantum Cryptographic Identity SDK for AI Agents — Here's Why It Needs to Exist

AI agents are buying concert tickets and controlling browsers. Nobody is asking who authorized them. Cord Protocol fixes that.…

Are we overthinking post-quantum cryptography? (2025)

tl;dr: yes, contra thingamajig’s law of wotsits. Before the final nail has even been hammered on the coffin of AI, I hear the next big marketing wave is “quantum”. Quantum computin…

Apple shares iPhone and Mac post-quantum cryptography code on GitHub

Apple today published new corecrypto source code on GitHub, alongside a detailed technical post explaining the intricate work behind its post-quantum cryptography efforts.…

Measuring Security Without Fooling Ourselves: Why Benchmarking Agents Is Hard

The benchmarks used to evaluate AI agents in security-critical roles suffer from crucial weaknesses. Building on recent empirical evidence, we characterize three core challenges th…

A blueprint for formal verification of Apple corecrypto

With the latest release of corecrypto, we’re publishing our implementations of quantum-secure ML-KEM and ML-DSA algorithms, along with the mathematical proofs we built to assure th…

Show HN: An open source tool that checks for post-quantum crypto

Post-Quantum Cryptography. Contribute to The-CISO-Network/pqc development by creating an account on GitHub.…

Heartbeat-Bound Hierarchical Credentials: Cryptographic Revocation for AI Agent Swarms

Autonomous AI agents that spawn sub-agent swarms create a safety gap: existing credential revocation mechanisms, OAuth~2.0 introspection, OCSP, and W3C Status Lists, require networ…

An Application-Layer Multi-Modal Covert-Channel Reference Monitor for LLM Agent Egress

A large language model (LLM) agent that sends messages can leak data inside them. Destination allowlists and content scanners do not police whether an otherwise-benign payload is i…

6.04 million Bitcoin exposed to quantum risk, says Glassnode

Glassnode data shows 6.04M BTC, or 30.2% of issued supply, is exposed to quantum risk due to visible public keys on-chain. Here's what that means.…

Bashiir

To prepare for a future where powerful quantum computers come online, we've upgraded our WARP client with post-quantum cryptography. This protects both consumers and enterprises fr…

Ethereum plans to move from BLS signatures to post quantum secure signatures

Learn how Ethereum could replace BLS validator signatures with post-quantum leanSig, covering hash-based keys, Merkle proofs, aggregation, and trade-offs.…

Agent Security Is a Systems Problem

We take the position that agent security must be approached as a systems problem: the AI model powering the agent must be treated as an untrusted component, and security invariants…

BSC’s quantum defense works. The trade-off is 40% slower transaction throughput.

BSC’s quantum defense works. The trade-off is 40% slower transaction throughput.…

Agentic AI Runtime Security and Self-Defense (2025)

The A2AS framework is introduced as a security layer for AI agents and LLM-powered applications, similar to how HTTPS secures HTTP. A2AS enforces certified behavior, activates mode…

Linux AF_ALG Crypto Code Removing Zero-Copy Support Out Of Security Concerns

Given all the recent Linux kernel security concerns and new bugs being discovered, the Linux cryptographic subsystem is proactively dropping zero-copy functionality from AF_ALG due…

Who Owns This Agent? Tracing AI Agents Back to Their Owners

AI agents are increasingly deployed to act autonomously in the world, yet there is still no reliable way to trace a harmful agent back to the account that deployed it. This creates…

Digital Signatures: The “Trust Me Bro” Detector for Junior Cybersecurity Engineers

A practical explanation of how digital signatures prove authenticity and integrity, why hashing matters, and what junior cybersecurity engineers should verify before trusting signe…

OPAQUE: Password Authentication That Never Sends the Password

The standard way to log in — type a password, send it to the server, hope the server hashes it well —...…

Autonomous Intelligent Agents for Natural-Language-Driven Web Execution with Integrated Security Assurance

Modern web test suites rot. A UI refactor breaks locators, a timing change causes race conditions, and within weeks developers abandon the suite entirely. This paper presents an AI…

Hidden in Memory: Sleeper Memory Poisoning in LLM Agents

Large language models are increasingly augmented with persistent memory, allowing assistants to store user-specific information across sessions for personalization and continuity. …

So you want to deploy FN-DSA

FN-DSA (née Falcon) is a proposed post-quantum signature standard that keeps polarizing engineers. Cryptography engineers on the one hand, tasked with potentially implementing this…

Additive FFT Explained: Fast Fourier Transforms over Binary Fields

Warning: This post is more math heavy than other articles. Introduction In this article we continue our study of towers of binary fields, motivated by the proposal of Diamond …

The Futility of Lava Lamps: What Random Really Means

Lava lamps are cool, but there are better ways to get random numbers.…

JWT Is Not Quantum-Safe — So I Built a Library That Is

I built @pq-jwt/core — a post-quantum JWT library using NIST FIPS 204 (ML-DSA) and FIPS 205...…

How AI Can Help You Recover Your Bitcoin

Introduction When people talk about Artificial Intelligence today, the conversation...…

What Happened in There? A Tamper-Evident Audit Trail for AI Agents

How nono records every AI agent action in an append-only Merkle tree with cryptographic proof the record was not forged, edited, or truncated.…