Deirdre Connolly, Thomas Ptacek, David Adrian

Security Cryptography Whatever

Some cryptography & security people talk about security, cryptography, and whatever else is happening.

Author

Deirdre Connolly, Thomas Ptacek, David Adrian

Category

Technology

Latest episode

Jul 2, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

Cancellable Crypto Takes and Real World Crypto 13.04.2022

Live from Amsterdam, it's cancellable crypto hot takes! A fun little meme, plus a preview of the Real World Crypto program! Transcript : https://securitycryptographywhatever.com/2022/04/12/cancellable-crypto-takes-and-real-world-crypto/ Links: Tony's twete: https://twitter.com/bascule/status/1512539700220805124 Real World Crypto 2022: https://rwc.iacr.org/2022 Merch! https://merch.scwpod...

Lattices and Michigan Football with Chris Peikert 13.03.2022

We're back! With an episode on lattice-based cryptography, with Professor Chris Peikert of the University of Michigan, David's alma mater. When we recorded this, Michigan football had just beaten Ohio for the first time in a bajillion years, so you get a nerdy coda on college football this time! Transcript: https://securitycryptographywhatever.com/2022/03/12/lattices-and-michigan-footbal...

Biscuits with Geoffroy Couprie 29.01.2022

We've trashed JWTs, discussed PASETO, Macaroons, and now, Biscuits! Actually, multiple iterations of Biscuits! Pairings and gamma signatures and Datalog, oh my! 🍪 Transcript: https://securitycryptographywhatever.com/2022/01/29/biscuits-with-geoffroy-couprie/ Links: Biscuits V2 : https://www.biscuitsec.org Experiments iterating on  Biscuits: https://github.com/biscuit-auth/biscuit/tree/master...

Tailscale with Avery Pennarun and Brad Fitzpatrick 15.01.2022

“Can I Tailscale my Chromecast?” You love Tailscale, I love Tailscale, we loved talking to Avery Pennarun and Brad Fitzpatrick from Tailscale about, I dunno, Go generics. Oh, and TAILSCALE! And DNS. And WASM. Transcript: https://securitycryptographywhatever.com/2022/01/15/tailscale-with-avery-pennarun-brad-fitzpatrick/ People: Avery Pennarun (@apenwarr) Brad Fitzpatrick (@bradfitz) Deirdre Connoll...

The feeling's mutual: mTLS with Colm MacCárthaigh 29.12.2021

We recorded this months ago, and now it's finally up!   Colm MacCárthaigh joined us to chat about all things TLS, S2N , MTLS, SSH, fuzzing, formal verification, implementing state machines, and of course, DNSSEC. Transcript: https://securitycryptographywhatever.com/2021/12/29/the-feeling-s-mutual-mtls-with-colm-maccarthaigh/ Find us at: https://twitter.com/scwpod https://twitter.com/durumcrus...

Holiday Call-in Spectacular! 22.12.2021

Happy New Year! Feliz Navidad! Merry Yule! Happy Hannukah! Pour one out for the log4j incident responders! We did a call-in episode on Twitter Spaces and recorded it, so that's why the audio sounds different. We talked about BLOCKCHAIN/Web3 (blech), testing, post-quantum crypto, client certificates, ssh client certificates, threshold cryptography, U2F/WebAuthn, car fob attacks, geese, and mor...

WireGuard with Jason Donenfeld 05.12.2021

Hey, a new episode! We had a fantastic conversation with Jason Donenfeld, creator of our favorite modern VPN protocol: WireGuard! We touched on kernel hacking, formal verification, post-quantum cryptography, developing with disassemblers, and more! Transcript: https://securitycryptographywhatever.com/2021/12/05/wireguard-with-jason-donenfeld/ Links:  WireGuard: https://www.wireguard.com Tamarin :...

PAKEs, oPRFs, algebra with George Tankersley 26.10.2021

A conversation that started with PAKEs (password-authenticated key exchanges) and touched on some cool math things: PRFs, finite fields, elliptic curve groups, anonymity protocols, hashing to curve groups, prime order groups, and more. With special guest, George Tankersley! Transcript: https://securitycryptographywhatever.com/2021/10/26/pakes-oprfs-algebra-with-george-tankersley/ Links:  SRP depre...

"Patch, Damnit!" 20.09.2021

A lot of fixes got pushed in the past week! Please apply your updates! Apple, Chrome, Matrix, Azure, and more nonsense. Transcript: https://securitycryptographywhatever.com/2021/09/20/patch-damnit/ Find us at: https://twitter.com/scwpod https://twitter.com/durumcrustulum https://twitter.com/tqbf https://twitter.com/davidcadrian Links! The accuvant story in MIT Technology Review All the Apple platf...

How to be a Certificate Authority with Ryan Sleevi 06.09.2021

Not the hero the internet deserves, but the one we need: it's Ryan Sleevi! We get into the weeds on becoming a certificate authority, auditing said authorities, DNSSEC, DANE, taking over country code top level domains, Luxembourg, X.509, ASN.1, CBOR, more JSON (!), ACME, Let's Encrypt, and more, on this extra lorge episode with the web PKI's Batman. Transcript: https://securitycrypt...

Apple's CSAM Detection with Matthew Green 28.08.2021

We're talking about Apple's new proposed client-side CSAM detection system . We weren't sure if we were going to cover this, and then we realized that not all of us have been paying super close attention to what the hell this thing is, and have a lot of questions about it. So we're talking about it, with our special guest Professor Matthew Green. We cover how Apple's syste...

Platform Security Part Deux with Justin Schuh 21.08.2021

We did not run out of things to talk about: Chrome vs. Safari vs. Firefox. Rust vs. C++. Bug bounties vs. exploit development. The Peace Corps vs. The Marine Corps. Transcript: https://securitycryptographywhatever.com/2021/08/21/platform-security-part-deux-with-justin-schuh/ Find us at: https://twitter.com/scwpod https://twitter.com/durumcrustulum https://twitter.com/tqbf https://twitter.com/david...

What do we do about JWT? with Jonathan Rudenberg 12.08.2021

🔥JWT🔥 We talk about all sorts of tokens: JWT, PASETO, Protobuf Tokens, Macaroons, and Biscuits. With the great Jonathan Rudenberg! After we recorded this, Thomas went deep on tokens even beyond what we talked about here: https://fly.io/blog/api-tokens-a-tedious-survey/ Transcript: https://securitycryptographywhatever.com/2021/08/12/what-do-we-do-about-jwt-with-jonathan-rudenberg/ Find us at: htt...

The Great "Roll Your Own Crypto" Debate with Filippo Valsorda 31.07.2021

Special guest Filippo Valsorda joins us to debate with Thomas on whether one should or should not "roll your own crypto", and how to produce better cryptography in general. After we recorded this, David went even deeper  on 'rolling your own crypto' in a blog post here: https://dadrian.io/blog/posts/roll-your-own-crypto/ Transcript: https://securitycryptographywhatever.com/2021...

NSO group, Pegasus, Zero-Days, i(OS|Message) security 26.07.2021

Deirdre, Thomas and David talk about NSO group, Pegasus,  whether iOS a burning trash fire, the zero-day market, and whether rewriting all of iOS in Swift is a viable strategy for reducing all these vulns. Transcript: https://securitycryptographywhatever.com/2021/07/26/nso-group-pegasus-zero-days-i-os-message-security/ Find us at: https://twitter.com/durumcrustulum https://twitter.com/tqbf https:/...

Listen to the Security Cryptography Whatever podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.