Protecting Data-in-Use from Internal Adversaries
Why perimeter defenses aren’t enough; how to model internal adversaries; and which cryptographic techniques—HE, MPC, and pseudonymization—offer practical, privacy-respecting protections
- Insider Threats
- Honest-but-Curious
- Data-in-Use
- Homomorphic Encryption
- MPC
- Pseudonymization
- DORA
- ENISA
- HE
- Zero Trust
- E2EE
How to kickstart Secure Message Transfer with Short Authentication Strings & Out-of-Band Channels
A practitioner’s guide to SAS + OOB bootstrapping for secure messaging
- eprint
- secure-messaging
- authentication
- protocols
Pseudonymization: A Practical Guide to Techniques, Architectures & Risks
A practical guide to pseudonymization vs. anonymization, cryptographic techniques (hashing, salts, HMAC, deterministic & authenticated encryption, FPE), tokenization, linkage risks, k-anonymity & differential privacy, and key management best practices.
- pseudonymization
- privacy
- gdpr
- cryptography
- tokenization
- differential-privacy
- k-anonymity
On the Fallacy of Client-Side-Scanning and Chatcontrol measures.
The EU is debating Chatcontrol, while the dominant opinions of technical experts and the factual state of affairs on the efficacy of the technical measures suggest it's nonsense. What are these opinions?
- E2EE
- Client-side Scanning (CSS)