Possible to get a free audit for a protocol?
We are making [a federated end-to-end encrypted messaging protocol]( and implementation. I understand the importance of getting any security-related software audited by qualified cryptographers. Most other secure messengers have got an audit. However there is no business invovled here, just me and 2 friends involved in making it (and mostly just me), and I don't view forking over a ton of money for this as a reasonable option. I found the [Open Crypto Audit]( project which sounds like exactly what I'm looking for, but I don't think they exist anymore, their website and twitter account haven't been updated since 2015. I contacted them anyway just incase but haven't got a response. Any other options?

Trail of Bits is publicly disclosing critical vulnerabilities that break the soundness of multiple implementations of zero-knowledge proof systems, including PlonK and Bulletproofs. These vulnerabilities are caused by insecure implementations of the Fiat-Shamir transformation that allow malicious users to forge proofs for random statements.

Paper: Breaking Rainbow Takes a Weekend on a Laptop
> **Abstract:** "This work introduces new key recovery attacks against the Rainbow signature scheme, which is one of the three finalist signature schemes still in the NIST Post-Quantum Cryptography standardization project. [...]"

New Directions in Cryptography (1976 paper by Whitfield Diffie and Martin E. Hellman)
**“WE STAND TODAY on the brink of a revolution in cryptography.”** this paper marks the introduction of public-key cryptography in the open literature.

cryptography (noun). The discipline concerned with communication security (eg, confidentiality of messages, integrity of messages, sender authentication, non-repudiation of messages, and many other related issues), regardless of the used medium such as pencil and paper or computers.

This community is for links about and discussion of cryptography specifically. For privacy technology more generally, use !privacy.

This community is explicitly not about cryptocurrency; see !crypto for that.

  • 0 users online
  • 1 user / day
  • 2 users / week
  • 4 users / month
  • 8 users / 6 months
  • 55 subscribers
  • 23 Posts
  • Modlog