Highlights
Zero-knowledge proofs
The author team released a video about zero-knowledge proofs (ZKPs) and discussed the challenges of producing it. The video emphasizes that zero-knowledge proofs are simple and elegant in theory but involve many complexities in practice. Readers who want to go deeper are pointed to Oded Goldreich's classic cryptography text, Foundations of Cryptography.
I can prove I’ve solved this Sudoku without revealing it
I can convince you that I’ve solved a sudoku without giving you any information about my solution. We discuss how to do this using what cryptographers call a zero-knowledge proof, and how the same tricks can be used for almost any other problem you can think of.
Quantum Speedup Found for Huge Class of Hard Problems
It’s been difficult to find important questions that quantum computers can answer faster than classical machines, but a new algorithm appears to do it for some critical optimization tasks.
ICICLE-Snark: The Fastest Groth16 Prover in the World
Transpiling a Halo2 circuit into CCS
The article introduces halo2-ccs+, a transpiler that converts Halo2 (Plonkish proof system) circuits into CCS (Customizable Constraint System) form, and provides benchmark results for the Poseidon hash function.
Updates
Analysis of the Telegram Key Exchange
TL;DR
Telegram's key exchange protocol provides some security, but its design is complex and non-standard, which makes a security proof difficult. The use of SHA-1, short session IDs, the lack of ciphertext integrity, and other issues weaken the protocol's security, and some of that security rests on non-standard assumptions that could enable future attacks.
The research found a potential session-binding vulnerability, which Telegram has since fixed, but the authors still recommend improving the design, in particular by adopting more standard cryptographic methods such as SHA-256, a KDF, and an AE scheme.
The Future of Ethereum Scaling: Native Rollups Explained
This talk breaks down what Native Rollups are, how they leverage Ethereum’s core infrastructure for execution and validation, and why they're crucial for stronger security, better composability, and sustainable Ethereum growth.
Timelines for migration to post-quantum cryptography
Applicable to: Cybersecurity professionals, large organizations, public sector
The guide is published by the UK National Cybersecurity Centre (NCSC) and aims to provide the UK government, critical infrastructure operators, and large enterprises with a timetable and recommendations for post-quantum cryptography (PQC) migration to ensure long-term cybersecurity under the threat of quantum computing.
zkSummit13
May 12, 2025 in Toronto.