Joined December 2020
- Tweets 42
- Following 218
- Followers 158
- Likes 268
4 Photos and videos
Pinned Tweet
9 Jan 2023
Much broken crypto, one common thread: bespoke, ill-designed cryptographic protocols.
Matrix, Mega, Threema, Telegram: secure primitives are not enough in complex applications. The new mantra shall be "don't roll your own protocol".
We (@winterdeaf @kientuong114 and I) took a deep dive on Threema, a Swiss-made secure messaging app. We found 6 new cryptographic vulnerabilities. Full paper at breakingthe3ma.app; mini-thread follows. #threema
3
25
63
22,834
Matteo retweeted
7 Jan 2025
The 2nd Cryptographic Applications Workshop (#CAW) will be at Eurocrypt 2025!
#CAW focuses on the construction and analysis of cryptography built for practice, bridging the gap between research and real-world applications.
Our call of talks is open: caw.cryptanalysis.fun
1
7
16
3,696
Matteo retweeted
27 Jul 2023
New from the TLS meeting at IETF 117: Encrypted Client Hello (ECH) is enabled for 1% of Chrome stable users. A big step for privacy online!
datatracker.ietf.org/doc/dra…
2
37
103
21,371
Matteo retweeted
29 Jun 2023
#WAC6 talks:
Matteo Scarlata @winterdeaf will present "why Threema failed in practice" lessons learned from 7 cryptographic attacks against a secure messenger.
The paper with @kientuong114 @kennyog will be presented at USENIX '23.
Full workshop program: cryptanalysis.fun
1
2
9
721
Matteo retweeted
28 Mar 2023
6
36
6,535
Matteo retweeted
2 Mar 2023
I would like to thank the chairs for letting us use heart emojis in the paper title. I think this is a very important step forward for academia and research.
Can't wait to use "👀" for related work and "🤨" for limitations on the next one
1 Mar 2023
Are you working with stubborn aarch64 code? Check out @cyan_pencil's upcoming @USENIXSecurity #SEC23 paper on efficiently rewriting ARM binaries. Insight: using heuristics for optimization on a safe baseline is key! nebelwelt.net/files/23SEC3.p… Comments welcome!
5
63
6,763
Matteo retweeted
1 Mar 2023
No one sees ChatGPT for the first time and thinks "just some n-gram correlations" or "no real knowledge inside".
Those unintuitive beliefs trickle down from some experts, who should know better than to teach their controversial theories as established fact: 🧵 (1/12)
19
117
849
219,485
Matteo retweeted
27 Jan 2023
NEW EPISODE! THREEEEEMAAAAAAAA
We recorded this almost two weeks ago, yay it's out!
With special guests @kennyog @kientuong114 @winterdeaf
youtu.be/QVt6RkYfGy0
2
10
28
7,800
The team here is always happy to supply fresh stunt crypto attacks for your enjoyment. 😁 @kientuong114 @winterdeaf
1
1
4
643
Matteo retweeted
9 Jan 2023
In early 2022 I started working with Kenny and Matteo on analyzing Threema, the messenger used by 🇨🇭govt, army and 🇩🇪 chancellor. Happy to say that the disclosure period is over and results are out! Fun vulnerabilities included :)
Check out our website: breakingthe3ma.app
We (@winterdeaf @kientuong114 and I) took a deep dive on Threema, a Swiss-made secure messaging app. We found 6 new cryptographic vulnerabilities. Full paper at breakingthe3ma.app; mini-thread follows. #threema
3
33
147
42,821
Matteo retweeted
9 Jan 2023
"Why?"
"NO REASON!" [pointedly not looking at Threema]
I’d like to borrow 8192 cores for a week. Anyone out there got some spare compute lying around to help out with a cool research project?
1
5
18
3,606
Matteo retweeted
9 Jan 2023
ETH cryptographers @kennyog, @winterdeaf and @kientuong114 have conducted a security analysis and discovered various vulnerabilities in the secure messaging app Threema. Read their full paper here: breakingthe3ma.app
#threema #Security #messenger
bit.ly/3vPkhxE
1
18
41
7,138
9 Jan 2023
Much broken crypto, one common thread: bespoke, ill-designed cryptographic protocols.
Matrix, Mega, Threema, Telegram: secure primitives are not enough in complex applications. The new mantra shall be "don't roll your own protocol".
We (@winterdeaf @kientuong114 and I) took a deep dive on Threema, a Swiss-made secure messaging app. We found 6 new cryptographic vulnerabilities. Full paper at breakingthe3ma.app; mini-thread follows. #threema
3
25
63
22,834
9 Jan 2023
If your main product uses cryptography, at the very least have a crypto PhD on your team!
1
1
6
997
Matteo retweeted
31 Dec 2022
record score on ctftime since they introduced the new rating formula in 2017 🥳
7
13
118
20,572
Matteo retweeted
4 Dec 2022
Great day for rap-based cryptography!
@kientuong114 and Matilda burst onto the scene with some mellow key wrapping rap (youtube.com/watch?v=yh45UpVQ…).
@KhanhCrypto drops another stunner, with big names such as @cronokirby, @FouotsaB, and yours truly (youtube.com/watch?v=1z362xyQ…)
🔥💣🔥💣
2
13
42
With Matteo Scarlata, who deserves huge credit for building the CTF infra in support of our Applied Crypto course. #goldenowl #ethday @CSatETH
2
1
20
Matteo retweeted
11 Sep 2022
My first "Ultimate AI Art Competition" workshop at the VMI @ETH Scientific Staff Association Retreat was a resounding success
1
4
13
MEGA - Malleable Encryption Goes Awry: I'm excited to share details of some new research on the security of @MEGAprivacy. Details at: mega-awry.io (1/28)
7
133
324
Matteo retweeted
13 Dec 2021
Tupper's self-referential formula is a formula that visually represents itself when graphed at a specific location in the (x, y) plane.
53
972
5,974