RSS.Social

Neil Madden

follow: @[email protected]

Posts

No, no, no. You’re still not doing REST right!

Streaming public key authenticated encryption with insider auth security

Are we overthinking post-quantum cryptography?

A look at CloudFlare’s AI-coded OAuth library

The square roots of all evil

Digital signatures and how to avoid them

Machine Learning and the triumph of GOFAI

Galois/Counter Mode and random nonces

SipHash-based encryption for constrained devices

Newsletter

A controversial opinion about REST API design

Regular JSON

I still don’t really get “hash shucking”

Entity authentication with a KEM

Book review: The Joy of Cryptography

A few programming language features I’d like to see

On PBKDF2 iterations

A few clarifications about CVE-2022-21449

CVE-2022-21449: Psychic Signatures in Java

Is Datalog a good language for authorization?

Why the OAuth mTLS spec is more interesting than you might think

Multiple input MACs

From KEMs to protocols

How do you use a bearer URL?

Towards a standard for bearer token URLs

When a KEM is not enough

Hybrid encryption and the KEM/DEM paradigm

Making things

XSS doesn’t have to be game over

Parse, don’t type-check