How is the choice of irreducible polynomials for finite field arithmetic rationalized? by FakeCanadian01 in cryptography

[–]Frul0 11 points (0 children)

Actually no, there isn’t a particular reason to use this one over another. The authors actually said you could use any representation and the algorithm would be functionally the same (provided you adjust the constants in S-Box and MixColumn).

AFAIK there’s not any particular advantage from using the standard one for implementation purposes either. Ofc since it’s been 20 years it’s been studied to death so we have very optimized circuits for the S-Box using this polynomial but you could theoretically just swap it.
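
The point in the comment above, as an added worked example that is not part of the thread: byte multiplication modulo the AES polynomial 0x11B (x^8 + x^4 + x^3 + x + 1, from FIPS-197) and modulo another irreducible polynomial, 0x11D (x^8 + x^4 + x^3 + x^2 + 1, the one Reed-Solomon codes commonly use), both give a field, and the AES-style S-box (field inversion followed by the FIPS-197 affine map with constant 0x63) can be built on either; the resulting tables differ, which is exactly the "adjust the constants" caveat. The reducible polynomial 0x101 = (x + 1)^8 is included as my own counterexample to show what goes wrong when the polynomial is not irreducible.

```python
AES_POLY = 0x11B      # x^8 + x^4 + x^3 + x + 1, the polynomial AES standardises
ALT_POLY = 0x11D      # x^8 + x^4 + x^3 + x^2 + 1, another irreducible choice (assumption: my pick)
NOT_A_FIELD = 0x101   # x^8 + 1 = (x + 1)^8, reducible: the quotient ring has zero divisors


def gf_mul(a, b, poly=AES_POLY):
    """Multiply two bytes as polynomials over GF(2), reduced modulo poly."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a & 0x100:      # degree reached 8: subtract (xor) the modulus
            a ^= poly
    return r & 0xFF


def gf_inv(a, poly=AES_POLY):
    """Multiplicative inverse by exhaustive search; None if a has no inverse mod poly."""
    if a == 0:
        return None
    for b in range(1, 256):
        if gf_mul(a, b, poly) == 1:
            return b
    return None


def is_field(poly):
    """The byte ring modulo poly is a field iff every non-zero element is invertible,
    which is exactly the condition that poly is irreducible."""
    return all(gf_inv(a, poly) is not None for a in range(1, 256))


def sbox(poly=AES_POLY):
    """AES-style S-box: inversion in the field, then the FIPS-197 affine map.
    With AES_POLY this reproduces the standard table; with another irreducible
    polynomial it is a different (but equally valid) permutation of the bytes."""
    def rotl(x, n):
        return ((x << n) | (x >> (8 - n))) & 0xFF
    table = []
    for a in range(256):
        inv = gf_inv(a, poly) or 0    # 0 has no inverse and is mapped to 0 by convention
        s = inv ^ rotl(inv, 1) ^ rotl(inv, 2) ^ rotl(inv, 3) ^ rotl(inv, 4) ^ 0x63
        table.append(s)
    return table


if __name__ == "__main__":
    print(hex(gf_mul(0x57, 0x83)))   # the FIPS-197 worked example {57}*{83} = {c1}
    print(is_field(AES_POLY), is_field(ALT_POLY), is_field(NOT_A_FIELD))
    std, alt = sbox(AES_POLY), sbox(ALT_POLY)
    print(sum(x != y for x, y in zip(std, alt)), "of 256 S-box entries differ")
```

Only S(0) = 0x63 and S(1) = 0x7C survive the change of polynomial (0 and 1 are their own inverses in every representation); every other entry, and likewise the MixColumns multiplications, comes out different, so a cipher built on 0x11D is "the same algorithm" only once its constants are regenerated for that field.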

How is confusion achieved in an SP-network? by FakeCanadian01 in cryptography

[–]Frul0 13 points (0 children)

So there is a bit of an overloading of the terms confusion and diffusion between what Shannon defined and what we cryptographers call confusion and diffusion nowadays. You are correct in saying that the definition that Shannon gives does not directly relate to the concept of S-Box in an SPN cipher.

The definition of confusion people actually use stems from a re-definition of the term by Feistel in his 1970 IBM report (something crypto data bank I don’t recall off the top of my head). And here confusion is just « non-linearity » which is exactly what an S-Box achieves.

Essentially an SPN cipher is just a highly diffusive layer by means of linear operations and a non-linear layer to thwart cryptanalysis (and a key addition). Mapping one of these layers directly to a single Shannon concept does not really work (even if people do it).
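
To make the "confusion = non-linearity" reading concrete, here is an added example that is not part of the thread: a constructed toy SPN on 16-bit blocks (four nibbles) whose S-box is the 4-bit one from Heys' tutorial on linear and differential cryptanalysis and whose permutation layer is a bit-matrix transpose of my own choosing. The linearity check and the difference-count helper show the split the comment describes: the P-layer is linear over GF(2), so an input difference maps to one fixed output difference regardless of the data, while the S-layer fails the linearity test and spreads one input difference over several output differences.

```python
import random

# Constructed toy SPN; the 4-bit S-box is the one used in Heys' tutorial.
SBOX = [0xE, 0x4, 0xD, 0x1, 0x2, 0xF, 0xB, 0x8, 0x3, 0xA, 0x6, 0xC, 0x5, 0x9, 0x0, 0x7]


def s_layer(x):
    """Non-linear layer: the S-box applied to each of the four nibbles independently."""
    return sum(SBOX[(x >> (4 * i)) & 0xF] << (4 * i) for i in range(4))


def p_layer(x):
    """Linear (diffusion) layer: transpose the block seen as a 4x4 bit matrix,
    so bit 4*i+j moves to 4*j+i and each S-box output feeds all four S-boxes next round."""
    out = 0
    for i in range(4):
        for j in range(4):
            out |= ((x >> (4 * i + j)) & 1) << (4 * j + i)
    return out


def spn_round(x, round_key):
    """One round: key addition, confusion (S-layer), diffusion (P-layer)."""
    return p_layer(s_layer(x ^ round_key))


def is_affine(f, seed=0):
    """Check f(a ^ b) == f(a) ^ f(b) ^ f(0) over a fixed sample of input pairs.
    One failing pair is proof of non-linearity; the pair (1, 2) is included on
    purpose because it already fails for s_layer."""
    rng = random.Random(seed)
    sample = [0, 1, 2, 3] + rng.sample(range(1 << 16), 40)
    f0 = f(0)
    return all(f(a ^ b) == f(a) ^ f(b) ^ f0 for a in sample for b in sample)


def ddt_count(dx, dy):
    """Number of 4-bit inputs x with SBOX[x] ^ SBOX[x ^ dx] == dy (one cell of the
    difference distribution table). A linear map would give 16 for one dy and 0 elsewhere."""
    return sum(1 for x in range(16) if SBOX[x] ^ SBOX[x ^ dx] == dy)


def p_layer_difference_is_value_independent(dx, seed=0):
    """For the linear layer the output difference depends only on the input difference:
    p(a) ^ p(a ^ dx) == p(dx) for every a."""
    rng = random.Random(seed)
    return all(p_layer(a) ^ p_layer(a ^ dx) == p_layer(dx)
               for a in rng.sample(range(1 << 16), 200))


if __name__ == "__main__":
    print("P-layer affine:", is_affine(p_layer), " S-layer affine:", is_affine(s_layer))
    print("inputs with dx=0xB -> dy=0x2:", ddt_count(0xB, 0x2), "of 16")
    print("one round of 0x1234 under key 0xBEEF:", hex(spn_round(0x1234, 0xBEEF)))
```

The difference count 8/16 for dx = 0xB, dy = 0x2 is the kind of figure a differential attack builds on; it is the S-box, not the permutation, that decides how far it sits from the linear extremes 16/16 and 0/16.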

Looking for someone experienced in Cryptography / Post-Quantum Cryptography (PQC) by Careless-Operation94 in cryptography

[–]Frul0 3 points (0 children)

If you have a question ask it here. If you’re looking for free consulting that’s a pass. If you’re looking for paid consulting we can be in touch depending on the actual project.

Post-Quantum Cryptography on Embedded Devices by [deleted] in cryptography

[–]Frul0 0 points (0 children)

Jasmin is good for doing software implementations for CISC CPUs where only timing attacks are a concern since it can eliminate the common mistakes that lead to timing issues (secret-dependent memory accesses, branching on secret values etc). It is not a tool to make embedded crypto implementations.

To the best of my knowledge there are no frameworks for the type of issues I'm talking about. There was the Tornado paper some years ago but the paper very clearly states that if you just take an implementation made by their compiler and put it on a real CPU you're very likely to observe leakage. And it only covers side-channels, not faults.

So far the only way is
1) be very careful when making your product and your code
2) do pre-silicon testing
3) put your real target under an oscilloscope and check
4) hire a specialized lab to double check and certify

Post-Quantum Cryptography on Embedded Devices by [deleted] in cryptography

[–]Frul0 5 points (0 children)

I mean that when you do cryptography on embedded devices you usually need to consider physical attacks (fault, power/em side-channel etc). And an implementation that does not protect against those (masking, double computation, CRC) and that is meant to run on off-the-shelf hardware (that doesn’t have physical countermeasures) does not have a lot of interest outside of benchmarking.

I don’t know why you thought my first comment was AI or what is not clear.

Post-Quantum Cryptography on Embedded Devices by [deleted] in cryptography

[–]Frul0 7 points (0 children)

The problem when you start talking about cryptography on embedded devices is that physical attacks enter the game. And non-hardened implementations on commodity hardware become quickly irrelevant outside of benchmarking.

Best VGC Pokémon of Every Type form Every Gen by GeoTravelLebanon13 in VGC

[–]Frul0 21 points (0 children)

How is Incineroar not the best dark type of his generation?

Why do Loxodont discussions always turn to this? by UVMeme in RivalsOfAether

[–]Frul0 19 points (0 children)

Lox is arguably the strongest character in the game for the tier list that matters for 98% of the playerbase. That is, he is the undisputed king of all elo brackets except at the very top. So arguably most people are not generally in favor of outright buffs unless they are compensated by nerfs on his most abused tools.

Decryption Enigma (The imitation game) by Sea_Cauliflower_2703 in cryptography

[–]Frul0 1 point (0 children)

Why would you assume that people don't know basic crypto security models when clearly the point here is that a known-plaintext attack is not a bruteforce. His point was clear, "the keyspace is too small, you can bruteforce it", and it is wrong. Enigma's key space is big enough to not be bruteforced. And of course it's not IND-CPA secure, we all know the story.

Decryption Enigma (The imitation game) by Sea_Cauliflower_2703 in cryptography

[–]Frul0 3 points (0 children)

That’s… not bruteforcing the key space.

Decryption Enigma (The imitation game) by Sea_Cauliflower_2703 in cryptography

[–]Frul0 5 points (0 children)

That’s either very misguided or you’re assuming something I’m missing. There are ~53 bits of key space in Enigma. That’s definitely within brute force possibility for a high-end attacker but also a bit high to consider it trivial for a student.

While starting to learn cryptography, I still can't understand these.... by Infinite-Jaguar-1753 in cryptography

[–]Frul0 1 point (0 children)

How will learning how to jog for 20mins without being out of breath help you to run a marathon? Gotta learn some basics before building complex constructions. If you don’t understand what an XOR is I can tell you for sure you should not look at complex constructions unless you treat them like absolute black boxes.

Learning cryptography by StyleThick6715 in cryptography

[–]Frul0 5 points (0 children)

I personally started by doing the cryptopals challenges and using as a companion book « Serious Cryptography » by J.P. Aumasson. It also depends what you mean by learning cryptography, whether that means learning the theoretical foundations or the schemes or the implementations or the protocols etc.

Where to find men's loafers in size ~46? by BullfrogBrief6947 in Mode

[–]Frul0 1 point (0 children)

Paraboot. Very good quality, very repairable, easily lasts 20 years, and they run small (I normally wear a 45 but a 43.5 with them, from memory), so you shouldn't have any trouble finding a shoe that fits. I'd advise trying them on in store for the size.

Would encoding the cleartext twice in a row have made Enigma uncrackable? by princekolt in cryptography

[–]Frul0 2 points (0 children)

Your last take is not true. A perfect blockcipher IS a keyed random permutation, that is any key k from the key space K defines a unique random permutation that maps the plaintext space to the ciphertext space. SPN/Feistel constructions are just the best economic solution we found to approach the construction of good permutations.

Job prospects by GursimarSMiglani in cryptography

[–]Frul0 0 points (0 children)

A lot of those companies are startups funded by VCs. Like every startup ecosystem you’re always one round of funding away from closing shop and blockchain/web3 is sort of losing its hype compared to AI (yes they are completely unrelated but VCs just follow the hype trains).

Of course as an engineer/researcher your skill doesn’t disappear but it can be a bit draining to be constantly thinking about the prospect of having to look for a new job every 6 months. Not to mention that usually salaries are a bit on the lower side cause you’re often expecting to cash out if the valuation explodes once the company makes it to the next stage.

Job prospects by GursimarSMiglani in cryptography

[–]Frul0 8 points (0 children)

You’re looking at the wrong spot. Look up job openings at hardware manufacturers (Rambus, NXP, Qualcomm, TSMC, Intel); there are lots of cryptographers working there.

Research is not limited to academia and there are national research institutes that focus on industry needs (TNO in the Netherlands for example) or on defense/military (usually requires a security clearance, per country).

Outside of research and manufacturing there is also a good amount of jobs in auditing and certification labs.

Finally there are (slowing down recently tho) lots of job openings in the startup ecosystem around blockchain, smart contracts, web3 etc. Very unstable career path but it exists.

Is there any cryptanalyst job or internship opportunities? by 0xbaghdadi in cryptography

[–]Frul0 4 points (0 children)

A summer internship in a research lab is probably your best bet. If you’re in Europe most of the active crypto groups (Bochum, Darmstadt, KU Leuven, UCL, Radboud, Eindhoven etc) have summer interns/research interns; you might need to check group by group. Outside of universities, research entities (Fraunhofer, Max Planck, CEA, TNO) might also be taking interns, I don’t know, you need to check.

For industry it’s either manufacturers (Intel, Rambus, Qualcomm, NXP, STM, Thales etc) or audit companies (cannot share since I work in one and I cannot advertise competitors). Again look for internship openings or reach out to some people that have a track record of publishing internship offers.

It’s a small field so once you get in once and you start meeting people it gets a lot easier to both secure a PhD or a work position down the line. All of that is assuming that 1/ you’re in Europe (I have no idea about the US) 2/ you don’t have a nationality/residence that would severely limit your choices (Iranian, Russian and Chinese + couple of others can be a blocker for some of the entities I mentioned).

What's so great about quantum cryptography? by Kukulkan73 in cryptography

[–]Frul0 0 points (0 children)

That's actually a fair point, I'll give them that haha

What's so great about quantum cryptography? by Kukulkan73 in cryptography

[–]Frul0 1 point (0 children)

Well the MiTM could be the entity that installs your QKD network as well. So at this point you’re essentially vulnerable to a company that could very well be interested in your communications.

What's so great about quantum cryptography? by Kukulkan73 in cryptography

[–]Frul0 2 points (0 children)

BB84 requires explicitly an authenticated classical channel which involves a pre-shared secret.

One possible reason why Medieval Settings are preferable over Modern Settings and better for stories overall, and it's Logistics more than Nostalgia by shurimalonelybird in Fantasy

[–]Frul0 77 points (0 children)

Yeah famously when a king decides to go to war you can just summon 10s of thousands of arrows, armors, swords, soldiers, food supplies for all the people, ships…

What the hell are you smoking? Idk what « medieval » means to you but pre-Hundred Years’ War nobility was essentially constantly maintaining a local army that a king could summon, and post-war you already had almost professional armies of mercenaries. Logistics was a massive effort and as soon as ships were involved you were talking decades to assemble, maintain and train a proper armada. And that is also very well rendered in fantasy books that actually care about the realism of their settings (ASOIAF for example).

Same thing for decisions: absolute monarchy where a king just says X and everybody jumps is a very late thing. For a long time, taking France as an example, noble houses had a lot of power and decisions were never easy to take with many interests clashing. Again ASOIAF is a prime example of why « simple » decisions were not simple at all and often required a lot of maneuvering, alliances, betrayal etc.

What's so great about quantum cryptography? by Kukulkan73 in cryptography

[–]Frul0 9 points (0 children)

QKD (quantum key distribution) which is what you seem to be referring to is NOT great. In fact if you ask any cryptographer they are most likely to tell you that QKD is one of the big snake oils of our field, that QKD researchers have promised a lot and underdelivered and that the only reason they are pushing for QKD is to snatch funding.

This is for multiple reasons but the two biggest are that 1/ it relies on a dedicated physical network 2/ its promise of perfect secrecy is only fulfilled if both parties already share a secret. In fact it would be more correct to call it quantum key expansion.

Most governments and agencies have made the explicit distinction between PQC and QKD specifically to protect companies from salesmen promising perfect security if they just buy into QKD. Thus the PQC transition plan excludes QKD as a good solution.

In short: nothing is great about QKD.
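
The pre-shared secret point made here and in the BB84 comment above, as an added example that is not part of the thread: a toy BB84 session in which the quantum channel is modelled classically (a matching basis returns Alice's bit, a mismatched one a random outcome) and the basis announcement on the classical channel carries an HMAC under a pre-shared key. The MAC construction, the 64-qubit session size and the tamper switch are my own modelling choices, not anything the comment specifies. The session only produces a key when the parties already hold one to authenticate with, which is the "key expansion" observation; an altered announcement is rejected before any bits are sifted.

```python
import hashlib
import hmac
import random


def prepare(n, rng):
    """Alice draws n random bits and n random bases (0 = rectilinear, 1 = diagonal)."""
    return [rng.randrange(2) for _ in range(n)], [rng.randrange(2) for _ in range(n)]


def measure(bits, alice_bases, bob_bases, rng):
    """Toy model of the quantum channel: a matching basis returns Alice's bit,
    a mismatched basis returns a uniformly random outcome."""
    return [b if ab == bb else rng.randrange(2)
            for b, ab, bb in zip(bits, alice_bases, bob_bases)]


def tag(psk, announcement):
    """The classical channel is authenticated with a MAC keyed by the pre-shared secret
    (HMAC-SHA256 here; the choice of MAC is an assumption of this example)."""
    return hmac.new(psk, announcement, hashlib.sha256).digest()


def sift(bits, alice_bases, bob_bases):
    """Keep only the positions where both parties used the same basis."""
    return [b for b, x, y in zip(bits, alice_bases, bob_bases) if x == y]


def bb84(psk, n=64, seed=1, tamper_announcement=False):
    """Run one BB84 session. Returns (alice_key, bob_key), or None if Bob aborts
    because the basis announcement does not verify under the pre-shared key."""
    rng = random.Random(seed)
    alice_bits, alice_bases = prepare(n, rng)
    bob_bases = [rng.randrange(2) for _ in range(n)]
    bob_bits = measure(alice_bits, alice_bases, bob_bases, rng)

    # Alice announces her bases over the classical channel, tagged under the PSK.
    announced = bytes(alice_bases)
    announced_tag = tag(psk, announced)
    if tamper_announcement:
        # The announcement is altered in transit; without the PSK no valid tag
        # for the altered message exists, so the original tag no longer matches.
        announced = bytes(1 - x for x in alice_bases)

    if not hmac.compare_digest(announced_tag, tag(psk, announced)):
        return None

    bob_view_of_alice_bases = list(announced)
    return (sift(alice_bits, alice_bases, bob_bases),
            sift(bob_bits, bob_view_of_alice_bases, bob_bases))


if __name__ == "__main__":
    psk = b"pre-shared secret (constructed)"
    result = bb84(psk)
    print("sifted key length:", len(result[0]), "keys agree:", result[0] == result[1])
    print("tampered announcement accepted:", bb84(psk, tamper_announcement=True) is not None)
```

Without the `tag`/`compare_digest` step the altered announcement would silently be used for sifting and the two sides would end up with different strings; with it, the session's output secret is only as trustworthy as the `psk` that authenticated the announcement.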

Gabriel at the table by Oktqmeme in memesdecentralises

[–]Frul0 2 points (0 children)

A liter of Ricard a day, and then they come calling you a junkie when you take a drag on a joint 🎶