Podcast

Blockchains as Government? 2023-05-12

• In which I try to naively apply the Fiscal Theory of the Price Level (a theory of inflation and fiat currency valuation) to tokens and blockchains.

Woops, Another Proof Framework 2023-05-09

• In which I ramble about some ideas for a new graphical language for cryptographic proofs, and why proofs matter anyways.

Idealized Models for Free 2023-03-10

• In which I talk about stealing the notion of parametricity from functional programming to define idealized models of cryptographic objects.

Sketches of Meta-Cryptography 2023-03-09

• In which I describe some very early research thoughts about so-called "meta-cryptography": the analysis of cryptographic models and their interconnections. Guest starring "Category Theory".

Procrastinating on my Master's Thesis 2023-03-08

• In which I talk about some research I intend to undertake this semester, from threshold ECDSA, to bulletin boards, to robust Schnorr signatures.

Cool Another Interesting Threshold Signature In The House 2023-03-07

• In which I talk about CAIT-SITH, and why it's a pretty cool threshold ECDSA scheme with good implementation ideas and performance.

2023 is the New 1971 2023-01-07

• Or why AI will not cause the economy to grow a bajillion times by 2030

They Don't Know about Non-Interactive MPC 2022-11-23

• In which I rant about how much mindspace Homomorphic Encryption occupies, and how this is similar to Machine Learning vs Computing.

Bulletin but not Bored 2022-10-12

• Why alphabetical references are better than numerical, why round complexity is of limited utility, and more!

Threshold ECDSA in Excessive Detail 2022-10-08

• In which I talk about ECDSA, and various ways of thresholdizing it.

Some Thoughts on Threshold Signatures 2022-10-05

• In which I give a high level overview of threshold signatures and how they work.

On Comparing SNARKs 2022-09-24

• Why it's difficult to compare SNARKs together, and why it would be nice to have a centralized table benchmarking and comparing them nonetheless, among other topics.

What is security? 2022-09-21

• What do we mean when we say some piece of cryptography is secure? What are cryptographic assumptions? How does modelling security fail in practice?

Thoughts on the Fiat-Shamir Transform 2022-09-18

• In which I explain what the Fiat-Shamir transform is, and go over some thoughts on good ways to implement it in practice.

On Security against Time Traveling 2022-09-07

• In which I talk about my recent paper of the same name.

Can Machines Learn Without Knowledge 2022-08-27

• On Zero-Knowledge Proofs and Machine Learning, the centralizing force of Machine Learning, and more!

Ok Algebraic Automaton 2022-08-24

• What exactly counts as a SNARK? Why do some proof systems need structured computation, and what are its limits? Why are boolean circuits so neat? And more!

Can You Cheat a Semi-Honest M 2022-08-20

• How useful is the semi-honest security model? How to integrate MPC at scale? Block producer privacy, and more!

MPC In The Head 2: Thoughts About Rem-Boo 2022-08-17

• On boolean circuits and their various representations. Why WASM is an interesting ZK proof bytecode. Chunky vs SIMD operations, and more!

We're Not in Kansas Anymore 2022-08-10

• What is Tornado Cash anyways? Why is the U.S. Treasury sanctioning it? What are the consequences of this decisions? How should we regulate privacy coins anyways?

MPC In The Head Special 2022-08-06

• Did you know that not all ZK proofs are SNARKs? Do you want to know how to make concretely efficient ZK proofs? (Terms and conditions may apply). This is the episode for yo

A Tower of Cryptographic Abstractions 2022-08-03

• Press F for SIDH, and then... Problems, Primitives, Schemes, Protocols, and Applications oh my!

Post-Quantum Cryptography Special 2022-06-30

• What is Post-Quantum Cryptography? Can we trust the NIST standardization process? Can we update secure messaging protocols to a Post-Quantum world? And more!

Attack of the 20 page appendix 2022-06-26

• Why are appendices in cryptography papers so long? Can we augment LLVM for boolean and arithmetic circuits? What's the deal with STARK to SNARK composition?