• The sins of the 90s: Questioning a puzzling claim about mass surveillance https://blog.cr.yp.to/20241028-surveillance.html 193 comments 28/10/2024
• Bibliography keys: It's as easy as [1], [2], [3] http://blog.cr.yp.to/20240612-bibkeys.html 27 comments 12/6/2024
• Double encryption: Analyzing the NSA/GCHQ arguments against hybrids https://blog.cr.yp.to/20240102-hybrid.html 56 comments 2/1/2024
• Another way to botch the security analysis of Kyber-512 https://blog.cr.yp.to/20231125-kyber.html 2 comments 25/11/2023
• Reducing "gate" counts for Kyber-512 contradicting NIST's calculation https://blog.cr.yp.to/20231023-clumping.html 7 comments 23/10/2023
• Debunking NIST's calculation of the Kyber-512 security level https://blog.cr.yp.to/20231003-countcorrectly.html 201 comments 3/10/2023
• Measuring "efficiency" in document prepration: Microsoft Word vs. LaTex https://blog.cr.yp.to/20201206-msword.html 157 comments 8/12/2020
• Why EdDSA held up better than ECDSA against Minerva https://blog.cr.yp.to/20191024-eddsa.html 26 comments 25/10/2019
• Daniel J. Bernstein: The death of due process https://blog.cr.yp.to/20160607-dueprocess.html 4 comments 7/6/2016
• Break a dozen secret keys, get a million more for free http://blog.cr.yp.to/20151120-batchattacks.html 16 comments 20/11/2015
• The Death of Optimizing Compilers http://blog.cr.yp.to/20150314-optimizing.html 49 comments 14/3/2015
• Some small suggestions for the Intel instruction set http://blog.cr.yp.to/20140517-insns.html 37 comments 18/5/2014
• NIST's cryptographic standardization process http://blog.cr.yp.to/20140411-nist.html 2 comments 11/4/2014
• How to design an elliptic-curve signature system http://blog.cr.yp.to/20140323-ecdsa.html 9 comments 23/3/2014

• cr.yp.to: blog http://blog.cr.yp.to/ 2 comments 19/4/2015 compsci , math , person , security
• How to design an elliptic-curve signature system http://blog.cr.yp.to/20140323-ecdsa.html 5 comments 23/3/2014 security

• The sins of the 90s: Questioning a puzzling claim about mass surveillance https://blog.cr.yp.to/20241028-surveillance.html 3 comments 28/10/2024 signal
• cr.yp.to: 2024.08.03: Clang vs. Clang https://blog.cr.yp.to/20240803-clang.html 2 comments 3/8/2024 c_programming
• cr.yp.to: 2024.08.03: Clang vs. Clang https://blog.cr.yp.to/20240803-clang.html 10 comments 3/8/2024 crypto
• cr.yp.to: 2023.11.25: Another way to botch the security analysis of Kyber-512 https://blog.cr.yp.to/20231125-kyber.html 28 comments 28/11/2023 crypto
• cr.yp.to: 2023.10.03: The inability to count correctly [re: Kyber/NTRU @ NIST PQC] https://blog.cr.yp.to/20231003-countcorrectly.html 17 comments 4/10/2023 crypto
• DJB announces 2nd lawsuit against US government (suspects NSA sabotages crypto again) https://blog.cr.yp.to/20220805-nsa.html 37 comments 6/8/2022 programming
• NSA, NIST, and post-quantum cryptography: Announcing my second lawsuit against the U.S. government. https://blog.cr.yp.to/20220805-nsa.html 2 comments 5/8/2022 privacy
• cr.yp.to: 2022.08.05: NSA, NIST, and post-quantum cryptography http://blog.cr.yp.to/20220805-nsa.html 22 comments 5/8/2022 crypto
• NSA, NIST, and post-quantum crypto: my second lawsuit against the US government by D. J. Bernstein http://blog.cr.yp.to/20220805-nsa.html 5 comments 5/8/2022 privacy
• 2022.01.29: Plagiarism as a patent amplifier: Understanding the delayed rollout of post-quantum cryptography. https://blog.cr.yp.to/20220129-plagiarism.html 4 comments 29/1/2022 crypto
• Why EdDSA held up better than ECDSA against Minerva https://blog.cr.yp.to/20191024-eddsa.html 7 comments 25/10/2019 crypto
• cr.yp.to: 2019.04.30: An introduction to vectorization https://blog.cr.yp.to/20190430-vectorize.html 3 comments 6/5/2019 crypto
• cr.yp.to: 2017.11.05: Reconstructing ROCA https://blog.cr.yp.to/20171105-infineon.html 6 comments 5/11/2017 crypto
• cr.yp.to: 2017.07.23: Fast-key-erasure random-number generators https://blog.cr.yp.to/20170723-random.html 9 comments 23/7/2017 crypto
• DJB: Break a dozen secret keys, get a million more for free [2015] https://blog.cr.yp.to/20151120-batchattacks.html 6 comments 4/4/2017 programming
• Security fraud in Europe's "Quantum Manifesto" -- djb https://blog.cr.yp.to/20160516-quantum.html 8 comments 16/5/2016 crypto
• Thomas Jefferson and Apple versus the FBI https://blog.cr.yp.to/20160315-jefferson.html 17 comments 17/3/2016 crypto
• Question about coding crypto without timing info leak http://blog.cr.yp.to/20140323-ecdsa.html 16 comments 14/4/2014 crypto
• DJB pimping ed25519 http://blog.cr.yp.to/20140323-ecdsa.html 5 comments 13/4/2014 netsec
• Dan Bernstein's comments on NIST's cryptographic standardization process http://blog.cr.yp.to/20140411-nist.html 3 comments 11/4/2014 netsec
• Dan Bernstein's comments on NIST's cryptographic standardization process http://blog.cr.yp.to/20140411-nist.html 13 comments 11/4/2014 crypto
• DJB: A subfield-logarithm attack against ideal lattices http://blog.cr.yp.to/20140213-ideal.html 3 comments 22/2/2014 netsec
• Entropy Attacks!(First post of D. J. Bernstein's new Blog cr.yp.to) http://blog.cr.yp.to/20140205-entropy.html 14 comments 5/2/2014 crypto
• DJB: Entropy Attacks! http://blog.cr.yp.to/20140205-entropy.html 20 comments 5/2/2014 programming
• DJB: Entropy Attacks! http://blog.cr.yp.to/20140205-entropy.html 6 comments 5/2/2014 netsec