Using Ed25519 signing keys for encryption

@Benjojo12 and I are building an encryption tool that will support SSH keys as recipients. For Ed25519 keys that requires converting points between different elliptic curves. Let's see why and how.… »

A Go implementation of Poly1305 that makes sense

Cryptography code could be understandable if only we commented it. This Poly1305 implementation is an attempt to prove it. It should be readable with just an idea of what MACs are for, a beginner level of Go, and high school math.… »

mkcert: valid HTTPS certificates for localhost

(or for any other name) The web is moving to HTTPS, preventing network attackers from observing or injecting page contents. But HTTPS needs TLS certificates, and while deployment is increasingly a solved issue thanks to the ACME protocol and Let's Encrypt, development still mostly ends up happening over HTTP because… »

Touch-to-operate password-store with YubiKey 4

There are dozens of tutorials on how to fight GnuPG to use YubiKeys for everything, but my favorite overlooked feature of the YubiKey 4 is "touch to operate", where each cryptographic operation takes a physical touch of the gold surface. That pairs particularly well with password-store, a PGP… »

Making a Gmail bot with Apps Script and TypeScript

Google Apps Script is one of the best hidden features of Gmail. Did you ever want just a bit more flexibility from a filter? Maybe the ability to remove a label, or match on a header, or just decide the order they are applied in. Apps Script can do all… »