david wong

Hey! I'm David, cofounder of zkSecurity and the author of the Real-World Cryptography book. I was previously a crypto architect at O(1) Labs (working on the Mina cryptocurrency), before that I was the security lead for Diem (formerly Libra) at Novi (Facebook), and a security consultant for the Cryptography Services of NCC Group. This is my blog about cryptography and security and other related topics that I find interesting.

CryptoMag is looking for articles posted July 2018

Hey you!

You want to teach someone about a crypto concept, something 101 that could be explained in 1-2 pages with a lot of diagrams? Look no more, we need you.

Concept

The idea is to have a recurring, volunteer-run e-magazine (like POC||GTFO) that focuses on:

  • cryptography: duh! That being said, cryptography does include implementations, cryptocurrencies, protocols, cryptography at scale, politics, etc., so there are more topics that we deem interesting than just theoretical cryptography.
  • pedagogy: heaps of diagrams and a focus on teaching. Taking an original writing style is a plus. We are not looking to bore readers.
  • 101: we're looking for introductions to concepts, not deeply technical articles that require a lot of prior knowledge to grasp.
  • short: articles should be similar to a blog post, not a full-fledged paper. With that in mind, articles should be around 1, 2 or 3 pages. We are not looking for something dense though, so no posters; rather, a submission should be a light read that can be part of a series or motivate the reader to read more about the topic.

Topics

Preferably, authors should write about something they are familiar with, but here is a list of topics that would likely be interesting for such a light magazine:

  • what is SSH?
  • what is SHA-3?
  • what is functional encryption?
  • what is TLS 1.3?
  • what is a linear differential attack?
  • what is a cache attack?
  • how does LLL work?
  • what are common crypto implementation tricks?
  • what is R-LWE?
  • what is a hash-based signature?
  • what is an RFC?
  • what is the IETF?
  • what is the IACR?
  • why are companies encrypting databases?
  • what is x509, .pem, asn.1 and base64?
  • etc...

Format

LaTeX if possible.

Deadline

No deadline at the moment.

How to submit

Send me a Dropbox link or something similar through the contact page; you can also send it to me via Twitter.

PS: I am going to annoy you if you don't use diagrams in your article.


Decentralized Application Security Project posted April 2018

Last month I was in Singapore with Mason to talk about vulnerabilities in Ethereum smart contracts at Black Hat Asia. As part of the talk we released the DASP, a top 10 of the most damaging or surprising security vulnerabilities that we have observed in the wild, or in private during the audits we perform as part of our jobs.

[image: DASP]

The page is on GitHub as well, and we welcome contributions to the top 10 and to the list of known exploits. In addition, we're looking to host more projects related to the Ethereum space there: if you are looking for research projects, or want to contribute to tools or anything else that can make smart contract development more secure, file an issue on GitHub!

Note that I will be giving the talk again at IT Camp in Cluj-Napoca in a few months.


On Real World Crypto and Secure Messaging posted January 2018

Paul Rösler, Christian Mainka and Jörg Schwenk released More is Less: On the End-to-End Security of Group Chats in Signal, WhatsApp, and Threema in July 2017.

Today Paul Rösler came to Real World Crypto to talk about the results, which is a good thing. Interestingly, in the middle of the talk Wired released a worrying article titled WhatsApp Security Flaws Could Allow Snoops to Slide Into Group Chats.
Interestingly as well, at some point during the day Matthew Green also wrote about it in Attack of the Week: Group Messaging in WhatsApp and Signal.

They make it seem really worrisome, but should we really be scared about the findings?

Traceable delivery is the first thing that came up in the presentation. What is it? It's the check marks that appear when your recipient receives a message you sent. It's mostly a UI feature, but the fact that no security is tied to it allows a server to fake them while dropping messages, making you wrongly believe that your recipient has received the message. This was never a security feature to begin with, and nobody ever claimed it was one.

Closeness is the fact that the WhatsApp servers can add a new participant to your private group chat without your consent (even if you're the admin). This could lead people to share messages with the group, including with a rogue participant. The caveats are that:

  • previous messages cannot be decrypted by the newcomer, because a new key is generated when someone new joins the mix

  • everybody receives a notification that somebody joined; at that point everyone can choose whether to keep sending messages to the group

Again, I do not see this as a security vulnerability. Maybe that's because I learned how group chats can work (or misbehave) from growing up with shady websites and applications. But I see this more as a UI/UX problem.

The paper is not bad though, and I think they're right to point out these issues. Actually, they do something very interesting in it: they open with a nice security model that they use to analyse several messaging applications:

Intuitively, a secure group communication protocol should provide a level of security comparable to when a group of people communicates in an isolated room: everyone in the room hears the communication (traceable delivery), everyone knows who spoke (authenticity) and how often words have been said (no duplication), nobody outside the room can either speak into the room (no creation) or hear the communication inside (confidentiality), and the door to the room is only opened for invited persons (closeness).

Following this security model, you could rightfully think that we haven't reached the best possible state in secure messaging. But the fuss about it could also wrongfully make you think that these are worrisome attacks that need to be dealt with.

The facts are here though: this paper has been blown out of proportion. Moxie (one of the creators of Signal) reacted on Hacker News:

To me, this article reads as a better example of the problems with the security industry and the way security research is done today, because I think the lesson to anyone watching is clear: don't build security into your products, because that makes you a target for researchers, even if you make the right decisions, and regardless of whether their research is practically important or not.

I'd say the problem is in the reaction, not in the published analysis. But it's a sad reaction indeed.

Good night.
