Some important additions

slides/2-1.tex

@@ -1769,6 +1769,75 @@
 	\end{columns}
 \end{frame}
 
+\begin{frame}{The Cypherpunk Manifesto (1993)}
+	\begin{columns}[c]
+		\begin{column}{1\textwidth}
+			\begin{itemize}[<+->]
+				\item \textbf{Key principles}:\footnote{\url{https://www.activism.net/cypherpunk/manifesto.html}}
+				      \begin{itemize}
+					      \item Cryptography essential for privacy
+					      \item Cannot trust governments/corporations
+					      \item ``We must defend our own privacy''
+				      \end{itemize}
+				\item \textbf{``Cypherpunks write code''}:
+				      \begin{itemize}
+					      \item Software defends privacy
+					      \item Code is free for all to use
+					      \item ``Software can't be destroyed''
+				      \end{itemize}
+				\item \textbf{Vision}: Cryptography will spread globally, enabling anonymous transactions
+			\end{itemize}
+		\end{column}
+	\end{columns}
+\end{frame}
+
+\begin{frame}{The Moral Character of Cryptographic Work}{Rogaway, 2015}
+	\begin{itemize}[<+->]
+		\item \textbf{Core thesis}: Cryptography is inherently political - it configures power
+		      \begin{itemize}
+			      \item Not just puzzles and math, but tools that shape society
+			      \item Confers intrinsic moral dimension on the field
+		      \end{itemize}
+		\item \textbf{The Snowden wake-up call}:
+		      \begin{itemize}
+			      \item Ordinary people lack basic communication privacy
+			      \item Mass surveillance threatens democracy and human dignity
+			      \item Cryptography's failure: focused on theory, not protecting people
+		      \end{itemize}
+		\item \textbf{Academic cryptography's problems}:
+		      \begin{itemize}
+			      \item Divorced from real-world privacy concerns
+			      \item Serves governments and corporations, not ordinary people
+			      \item Marginalized secure messaging and anti-surveillance work
+		      \end{itemize}
+		\item \textbf{Distinction}: Crypto-for-security (commercial) vs. crypto-for-privacy (social/political)
+	\end{itemize}
+\end{frame}
+
+\begin{frame}{Rogaway's call to action}
+	\begin{itemize}[<+->]
+		\item \textbf{Cryptographers' moral obligations}:
+		      \begin{itemize}
+			      \item Remember responsibility to humanity
+			      \item Consider societal implications of work
+			      \item Use academic freedom to resist mass surveillance
+		      \end{itemize}
+		\item \textbf{Concrete recommendations}:
+		      \begin{itemize}
+			      \item Develop anti-surveillance technologies
+			      \item Think twice about military funding
+			      \item Work on secure messaging and privacy tools
+			      \item Apply practice-oriented provable security to privacy
+		      \end{itemize}
+		\item \textbf{Vision for the field}:
+		      \begin{itemize}
+			      \item Build cryptographic commons beyond corporate/government reach
+			      \item Make surveillance more expensive
+			      \item Create ``boring crypto'' that just works for people
+		      \end{itemize}
+	\end{itemize}
+\end{frame}
+
 \begin{frame}{FREAK}
 	\bigimagewithcaption{tls_freak.png}{}
 \end{frame}

website/index.html

@@ -215,6 +215,7 @@
 							<li><i class="icon ph-duotone ph-scroll"></i>Chris Alexander and Ian Goldberg, <a href="papers/#otr-auth"><em>Improved User Authentication in Off-The-Record Messaging</em></a>, Workshop on Privacy in the Electronic Society, 2007.</li>
 							<li><i class="icon ph-duotone ph-arrow-square-out"></i>Henry de Valence, <a href="https://hdevalence.ca/blog/2020-10-04-its-25519am/"><em>It's 255:19AM. Do you know what your validation criteria are?</em></a>, hdevalence.ca, 2020.</li>
 							<li><i class="icon ph-duotone ph-scroll"></i>Nadhem J. Alfardan and Kenneth G. Paterson, <a href="papers/#lucky-thirteen"><em>Lucky Thirteen: Breaking the TLS and DTLS Record Protocols</em></a>, IEEE Symposium on Security and Privacy, 2013.</li>
+							<li><i class="icon ph-duotone ph-scroll"></i>Whitfield Diffie and Martin E. Hellman, <a href="papers/#diffie-hellman"><em>New Directions in Cryptography</em></a>, IEEE Transactions on Information Theory, 1976.</li>
 							<li><i class="icon ph-duotone ph-scroll"></i>Paul Rösler, Christian Mainka and Jörg Schwenk, <a href="papers/#group-chats"><em>More is Less: On the End-to-End Security of Group Chats in Signal, WhatsApp, and Threema</em></a>, IEEE European Symposium on Security and Privacy, 2018.</li>
 							<li><i class="icon ph-duotone ph-scroll"></i>Nikita Borisov, Ian Goldberg and Eric Brewer, <a href="papers/#otr-messaging"><em>Off-the-Record Communication, or, Why Not To Use PGP</em></a>, Workshop on Privacy in the Electronic Society, 2004.</li>
 							<li><i class="icon ph-duotone ph-scroll"></i>Karthikeyan Bhargavan and Ga&euml;tan Leurent, <a href="papers/#inria-sweet32"><em>On the Practical (In-)Security of 64-bit Block Ciphers</em></a>, ACM CCS, 2016.</li>
@@ -231,9 +232,10 @@
 							<li><i class="icon ph-duotone ph-arrow-square-out"></i>Tarek Galal, <a href="https://tgalal.com/blog/the-curves-of-zokrates"><em>The Curves of ZoKrates</em></a>, tgalal.com, 2025.</li>
 							<li><i class="icon ph-duotone ph-scroll"></i>Marc Stevens, Elie Bursztein, Pierre Karpman, Ange Albertini and Yarik Markov, <a href="papers/#shattered-sha1"><em>The First Collision for Full SHA-1</em></a>, IACR Crypto, 2017.</li>
 							<li><i class="icon ph-duotone ph-scroll"></i>Zakir Durumeric, James Kasten, David Adrian, J. Alex Halderman, Michael Bailey, Frank Li, Nicholas Weaver, Johanna Amann, Jethro Beekman, Mathias Payer and Vern Paxson, <a href="papers/#matter-heartbleed"><em>The Matter of Heartbleed</em></a>, ACM IMC, 2014.</li>
+							<li><i class="icon ph-duotone ph-scroll"></i>Philip Rogaway, <a href="papers/#moral-character"><em>The Moral Character of Cryptographic Work</em></a>, IACR Cryptology ePrint Archive, 2016.</li>
 							<li><i class="icon ph-duotone ph-scroll"></i>Ran Canetti, Oded Goldreich and Shai Halevi, <a href="papers/#rom-methodology"><em>The Random Oracle Model Methodology, Revisited</em></a>, Journal of the ACM, 2004.</li>
 							<li><i class="icon ph-duotone ph-scroll"></i>Bodo M&#xF6;ller, Thai Duong and Krzysztof Kotowicz, <a href="papers/#google-poodle"><em>This POODLE Bites: Exploiting the SSL 3.0 Fallback</em></a>, Google, 2014.</li>
-							<li><i class="icon ph-duotone ph-scroll"></i>Nicolas Gailly, Kelsey Melissaris and Yolan Romailler, <a href="papers/#tlock-bls"><em>tlock: Practical Timelock Encryption from Threshold BLS</em></a>, IACR ePrint Archive, 2023.</li>
+							<li><i class="icon ph-duotone ph-scroll"></i>Nicolas Gailly, Kelsey Melissaris and Yolan Romailler, <a href="papers/#tlock-bls"><em>tlock: Practical Timelock Encryption from Threshold BLS</em></a>, IACR Cryptology ePrint Archive, 2023.</li>
 							<li><i class="icon ph-duotone ph-scroll"></i>Mark Russinovich, Manuel Costa, Cédric Fournet, David Chisnall, Antoine Delignat-Lavaud, Sylvan Clebsch, Kapil Vaswani and Vikas Bhatia, <a href="papers/#confidential-cloud"><em>Toward Confidential Cloud Computing</em></a>, Communications of the ACM, 2021.</li>
 							<li><i class="icon ph-duotone ph-scroll"></i>Karthikeyan Bhargavan and Ga&euml;tan Leurent, <a href="papers/#inria-collisions"><em>Transcript Collision Attacks: Breaking Authentication in TLS, IKE and SSH</em></a>, Network and Distributed Systems Security Symposium, 2016.</li>
 							<li><i class="icon ph-duotone ph-scroll"></i>Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cédric Fournet, Alfredo Pironti and Pierre-Yves Strub, <a href="papers/#triple-handshakes"><em>Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS</em></a>, IEEE Symposium on Security and Privacy, 2014.</li>
@@ -408,6 +410,7 @@
 							</ul>
 							<h5><i class="icon ph-duotone ph-file-plus"></i>Optional Readings</h5>
 							<ul>
+								<li><i class="icon ph-duotone ph-scroll"></i>Whitfield Diffie and Martin E. Hellman, <a href="papers/#diffie-hellman"><em>New Directions in Cryptography</em></a>, IEEE Transactions on Information Theory, 1976.</li>
 								<li><i class="icon ph-duotone ph-scroll"></i>Greg Aloupis, Erik D. Demaine, Alan Guo and Giovanni Viglietta, <a href="papers/#nintendo-hard"><em>Classic Nintendo Games are (Computationally) Hard</em></a>, ACM Theoretical Computer Science, 2015.</li>
 							</ul>
 						</div>
@@ -460,6 +463,7 @@
 								<li><i class="icon ph-duotone ph-arrow-square-out"></i>Matthew McPherrin, <a href="https://letsencrypt.org/2025/06/11/reflections-on-a-year-of-sunlight/"><em>Reflections on a Year of Sunlight</em></a>, Let's Encrypt Blog, 2025.</li>
 								<li><i class="icon ph-duotone ph-scroll"></i>Bodo M&#xF6;ller, Thai Duong and Krzysztof Kotowicz, <a href="papers/#google-poodle"><em>This POODLE Bites: Exploiting the SSL 3.0 Fallback</em></a>, Google, 2014.</li>
 								<li><i class="icon ph-duotone ph-scroll"></i>Nadhem J. Alfardan and Kenneth G. Paterson, <a href="papers/#lucky-thirteen"><em>Lucky Thirteen: Breaking the TLS and DTLS Record Protocols</em></a>, IEEE Symposium on Security and Privacy, 2013.</li>
+								<li><i class="icon ph-duotone ph-scroll"></i>Philip Rogaway, <a href="papers/#moral-character"><em>The Moral Character of Cryptographic Work</em></a>, IACR Cryptology ePrint Archive, 2016.</li>
 								<li><i class="icon ph-duotone ph-scroll"></i>David Adrian, Karthikeyan Bhargavan, Zakir Durumeric, Pierrick Gaudry, Matthew Green, J. Alex Halderman, Nadia Heninger, Drew Springall, Emmanuel Thomé, Luke Valenta, Benjamin VanderSloot, Eric Wustrow, Santiago Zanella-Béguelin and Paul Zimmermann, <a href="papers/#imperfect-dh"><em>Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice</em></a>, ACM CCS, 2015.</li>
 								<li><i class="icon ph-duotone ph-scroll"></i>Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cédric Fournet, Alfredo Pironti and Pierre-Yves Strub, <a href="papers/#triple-handshakes"><em>Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS</em></a>, IEEE Symposium on Security and Privacy, 2014.</li>
 								<li><i class="icon ph-duotone ph-scroll"></i>Benjamin Beurdouche, Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Cédric Fournet, Markulf Kohlweiss, Alfredo Pironti, Pierre-Yves Strub and Jean-Karim Zinzindohoué, <a href="papers/#smack-tls"><em>A Messy State of the Union: Taming the Composite State Machines of TLS</em></a>, IEEE Symposium on Security and Privacy, 2015.</li>
@@ -556,6 +560,7 @@
 							<ul>
 								<li><i class="icon ph-duotone ph-scroll"></i>Project Everest Team, <a href="papers/#everest-perspectives"><em>Project Everest: Perspectives from Developing Industrial-Grade High-Assurance Software</em></a>, Microsoft Research, 2025.</li>
 								<li><i class="icon ph-duotone ph-scroll"></i>Martin R. Albrecht and Kenneth G. Paterson, <a href="papers/#wild-cryptography"><em>Analysing Cryptography in the Wild: A Retrospective</em></a>, IEEE Security &amp; Privacy, 2024.</li>
+								<li><i class="icon ph-duotone ph-scroll"></i>Théophile Wallez, <a href="papers/#wallez-thesis"><em>A Verification Framework for Secure Group Messaging</em></a>, PSL Université Paris, 2025.</li>
 								<li>Note to self: Cryspen blog is worth a skim before starting to plan the session</li>
 							</ul>
 						</div>
@@ -630,7 +635,7 @@
 						<div class="topic-readings">
 							<h5><i class="icon ph-duotone ph-book-open-text"></i>Required Readings</h5>
 							<ul>
-								<li><i class="icon ph-duotone ph-scroll"></i>Nicolas Gailly, Kelsey Melissaris and Yolan Romailler, <a href="papers/#tlock-bls"><em>tlock: Practical Timelock Encryption from Threshold BLS</em></a>, IACR ePrint Archive, 2023.</li>
+								<li><i class="icon ph-duotone ph-scroll"></i>Nicolas Gailly, Kelsey Melissaris and Yolan Romailler, <a href="papers/#tlock-bls"><em>tlock: Practical Timelock Encryption from Threshold BLS</em></a>, IACR Cryptology ePrint Archive, 2023.</li>
 							</ul>
 						</div>
 					</div>