-
Listen Now
EPISODE 281
Broadcast Date:
February 27, 202326 minutes
Podcast Feb 27, 2023Root Causes 281: Google Proposes Optional OCSP
Google has proposed removing the requirement for OCSP revocation checking for public SSL certificates meeting certain specific conditions.
-
Listen Now
EPISODE 280
Broadcast Date:
February 24, 202320 minutes
Podcast Feb 24, 2023Root Causes 280: Did an AI Break CRYSTALS-Kyber?
Recent news reports might suggest that an AI-enhanced side attack has defeated the CRYSTALS-Kyber PQC algorithm.
-
Listen Now
EPISODE 279
Broadcast Date:
February 20, 202316 minutes
Podcast Feb 20, 2023Root Causes 279: ChatGPT Watermarking
In this episode we discuss the idea of "watermarking" ChatGPT content, including stenography, randomness, entropy, and how to destroy the watermarks.
-
Listen Now
EPISODE 278
Broadcast Date:
February 17, 202311 minutes
Podcast Feb 17, 2023Root Causes 278: Microsoft on Certificates and FIDO
Recent public discussion of FIDO and digital certificates reveal details of Microsoft's approach to consumer digital authentication.
-
Listen Now
EPISODE 277
Broadcast Date:
February 13, 202315 minutes
Podcast Feb 13, 2023Root Causes 277: Privacy Sandbox
Google has announced the Privacy Sandbox. In this episode we describe concepts like k-anonymity and differential privacy.
-
Listen Now
EPISODE 276
Broadcast Date:
February 9, 20238 minutes
Podcast Feb 09, 2023Root Causes 276: ChatGPT and Identity Reputation
People may use ChatGPT for reputation analysis, KYC, and other info about individuals and companies. This is subject to error and deliberate misdirection.
-
Listen Now
EPISODE 275
Broadcast Date:
February 6, 20238 minutes
Podcast Feb 06, 2023Root Causes 275: No Fly List Stolen
An attacker gained a copy of the full 2019 TSA No Fly list, including subject PII, all enabled by failures in digital identity and encryption.
-
Listen Now
EPISODE 274
Broadcast Date:
February 3, 202314 minutes
Podcast Feb 03, 2023Root Causes 274: New Quantum Readiness Law
The U.S. government has a new law requiring that government agencies create plans for migrating to PQC in response to threats from quantum computers.
-
Listen Now
EPISODE 273
Broadcast Date:
January 30, 202321 minutes
Podcast Jan 30, 2023Root Causes 273: A Deep Dive on CA Agnostic
We catalog the various ways a Certificate Lifecycle Management (CLM) system can be "CA agnostic."
-
Listen Now
EPISODE 272
Broadcast Date:
January 27, 202312 minutes
Podcast Jan 27, 2023Root Causes 272: OCSP's Privacy Problem
Concerns recently have been raised about OCSP real-time certificate checking and its potential to violate privacy.
-
Listen Now
EPISODE 270
Broadcast Date:
January 20, 202312 minutes
Podcast Jan 20, 2023Root Causes 270: What Is the Difference Between KEM and PKE?
We explain the difference between Public Key Exchange (PKE) and Key Encapsulation Methods (KEM) and why we're moving from one to another.
-
Listen Now
EPISODE 269
Broadcast Date:
January 16, 202310 minutes
Podcast Jan 16, 2023Root Causes 269: Did a Patent Dispute Nearly Derail PQC?
On July 5, 2022 NIST announced its Round 3 PQC winners. That same day, a patent cleared that made this possible.