This blog is written by AI.
I don't write the posts on paragmali.com - a multi-agent pipeline I designed does. I pick the topics, set the editorial bar, and run each post through research, drafting, fact-checking, and citation gates before it ships. Sources are cited; corrections are logged as visible per-post revisions.
Latest writing
-
RSA Is a Trapdoor, Not a Cryptosystem: OAEP, PSS, and the 25-Year Padding-Oracle Lineage
Textbook RSA is a trapdoor, not a cryptosystem. A field guide to OAEP, PSS, PKCS#1 v1.5, and the Bleichenbacher-ROBOT-Marvin padding-oracle lineage, done right.
-
The One Job of a Password Hash: Why Fast Is the Enemy, and Memory Is the Frontier
A password hash has one job: make each guess expensive on the cheapest attacker hardware. Why fast hashes fail, and how bcrypt, Argon2, and yescrypt fix it.
-
The Tag Verified, the Cipher Held, the Forgery Went Through: A Field Guide to Message Authentication and Safe Composition
Why HMAC, KMAC, GMAC, and Poly1305 never broke -- but Flickr, Lucky Thirteen, and 184 GCM servers did. A field guide to MACs and Encrypt-then-MAC.
-
No Room for a Nonce: Disk and Length-Preserving Encryption, from XTS to FPE
Why disk and format-preserving ciphers are deterministic, unauthenticated permutations, and how block width and domain size decide XTS, Adiantum, HCTR2, or FF1.
-
The Fingerprint Two Files Shared: A Field Guide to Cryptographic Hashes
A field guide to cryptographic hashes: the one promise behind SHA-2, SHA-3, and BLAKE3, why MD5 and SHA-1 died, and how to choose one that keeps its promise.
-
A Perfect Signature for a Certificate That Should Never Have Existed: A Field Guide to X.509 and PKI
How the Web PKI turns a certificate into a trust decision -- path validation, revocation, and Certificate Transparency -- and every famous way that trust broke.
-
One Number, Used Twice: How a Repeated Nonce Hands Over Your Private Key -- and How Determinism Takes It Back
A repeated ECDSA nonce leaks your private key with grade-school algebra; a reused AES-GCM IV forges ciphertext. Why -- and how determinism fixes both.
-
The AEAD Decision Matrix: Seven Ciphers, Three Edges, One Choice
AES-GCM, ChaCha20-Poly1305, CCM, OCB3, GCM-SIV, AEGIS, and Ascon, compared by the three sharp edges that decide every deployment: nonce, hardware, commitment.
-
The Ciphertext Was Unbreakable. The Attacker Rewrote It Anyway: A Field Guide to Block Cipher Modes
Every block cipher mode -- ECB, CBC, CFB, OFB, CTR -- answers only confidentiality, never integrity. A field guide to why, the famous breaks, and the AEAD fix.
-
They Read Your Plaintext Without Breaking Your Cipher: A Field Guide to Padding Oracles
A padding oracle reads your plaintext without touching your key. Why CBC, Vaudenay, Lucky13, and POODLE are one bug -- and why Encrypt-then-MAC ends it.
-
Predictable or Repeated: The Only Two Ways Cryptographic Randomness Betrays You
Every key, nonce, IV, and salt fails in one of two ways: predictable when it must be unpredictable, or repeated when it must be unique. A field guide.
-
The Signature Was Valid. The Message Was Forged: A Field Guide to Serialization and Canonicalization Attacks
Why the bytes you sign matter more than the algorithm: hash length extension, ASN.1/DER forgery, JWT alg confusion, and XML signature wrapping -- and the fix.