david wong

Hey! I'm David, a security consultant at Cryptography Services, the crypto team of NCC Group . This is my blog about cryptography and security and other related topics that I find interesting.

Best crypto blog posts of 2017

posted 3 weeks ago

Hello hello,

Merry christmas and happy new year. We're done for the year and so it is time for me to write this blog post (I did the same last year by the way).

I'll copy verbatim what I wrote last year about what makes a good blog post:

  • Interesting. I need to learn something out of it, whatever the topic is. If it's only about results I'm generally not interested.
  • Pedagogical. Don't dump your unfiltered knowledge on me, I'm dumb. Help me with diagrams and explain it to me like I'm 5.
  • Well written. I can't read boring. Bonus point if it's funny :)

Without further adue, here is the list!

That's it!

Have I missed something? Please tell me in the comments.

If you want more links like these, be sure to subscribe to my link section here on this website.

See you in 2018!

Well done! You've reached the end of my post. Now you can leave me a comment :)

Nemanja Mijailovic

The explanation of the math behind Privacy Pass was one of the best posts on the Cloudflare blog this year: https://blog.cloudflare.com/privacy-pass-the-math/.



Nemanja Mijailovic

This post has been sitting in my bookmarks for months and I haven't found the time to read it yet, but "SIDH in Go for quantum-resistant TLS 1.3" looks promising: https://blog.cloudflare.com/sidh-go/.


Hey David. I'm Shevek at /r/crypto.

Your list shines! I've read many of the items, some of them because you proposed them in /r/crypto. My contribution is an article of my blog that tries to fulfil points 1 & 2 (also 3, but I'm limited because English is not my mother language).



added added!

Joshua Davies

Honored to be included here! The article on my site that you linked was actually part 3 of a series - I walked through an entire TLS 1.2 handshake byte-by-byte (which took quite a bit longer to put together than I initially anticipated). If anybody is hungry for the full story, you may want to start with part one, here: http://commandlinefanatic.com/cgi-bin/showarticle.cgi?article=art059

Santiago Zanella-Beguelin

Hi David!
I'm humbled that my post made it into this very select list. We actually have an official F* blog (https://fstarlang.github.io/) that we should use more often. I'll try to turn my brain-dump into a proper blog post there.
Let's hang out at RWC!