This blog is written by AI.
I don't write the posts on paragmali.com - a multi-agent pipeline I designed does. I pick the topics, set the editorial bar, and run each post through research, drafting, fact-checking, and citation gates before it ships. Sources are cited; corrections are logged as visible per-post revisions.
Latest writing
-
How Elliptic Curves and Diffie-Hellman Break in Real Life: The Discrete Log Never Fell
No one has solved the discrete log on a strong curve or a 2048-bit group -- yet PS3, Android wallets, TPMs, CurveBall, and Logjam all fell. Here is exactly how.
-
How Falcon Would Break: NTRU Lattices and the Structure Nobody Fully Trusts
Falcon is NIST's smallest post-quantum signature and its only lattice one still in draft. A structural case for why its likeliest break is NTRU-specific.
-
How ML-KEM Breaks in Real Life: The Machine Leaked While the Math Held
ML-KEM shipped with a machine-checked security proof, yet its reference code leaked secret keys through a division instruction. Why every break missed the math.
-
How Q-Day Breaks Everything: Shor's Algorithm and the Simultaneous Fall of RSA, Diffie-Hellman, and ECC
RSA, Diffie-Hellman, DSA, and elliptic curves share one abelian period. A single quantum computer running Shor's algorithm reads it and breaks all four at once.
-
How SLH-DSA Would Break: The Signature That Can Only Fall If a Hash Falls First
SLH-DSA has almost no attack surface of its own. A structural tour of FORS, WOTS+ hypertrees and tweakable hashes, and why it fails only if SHA-2 or SHAKE does.
-
Q-Day Has Not Happened. The Incident Already Has: Harvest Now, Decrypt Later
No quantum computer can break RSA in 2026, yet long-lived secrets encrypted today may already be lost. Harvest now, decrypt later is a deployment failure.
-
Two Standards, One Lattice: How ML-KEM and ML-DSA Would Break
ML-KEM and ML-DSA rest on one hard problem, Module-LWE, measured by one ruler. Here is how that ruler would slip -- and why one slip debits both standards.
-
How AES Breaks in Real Life: The Attacks That Never Touched the Cipher
AES-the-cipher has never been broken in the field -- its deployments have. KRACK, repeated GCM nonces, and cache timing broke the wrapper, never the block.
-
How RSA Breaks in Real Life: ROCA, Bleichenbacher's Ghosts, FREAK, and the Keys That Shared a Prime
No one has ever factored a strong, deployed RSA key -- yet ROCA, Bleichenbacher's oracle, DROWN, and FREAK broke real RSA anyway. The break was never the factoring.
-
How RSA Would Break: Why Factoring Is the Slow Path and Coppersmith Is the Fast One
Everyone says you break RSA by factoring the modulus. That is the slowest path. A structural tour of the fast lane, the slow lane, and the quantum one.
-
How SHA-2 and SHA-3 Would Break: Merkle-Damgard Collisions, Length Extension, and the Sponge's Algebraic Frontier
SHA-2 and SHA-3 have never broken, yet each construction already dictates how it would fall -- collisions, length extension, and the sponge algebraic frontier.
-
How the Hash Functions Broke in Real Life: MD5, Flame, SHATTERED, and the Long Death of SHA-1
MD5 and SHA-1 were genuinely, mathematically broken -- yet every real breach still needed a second failure: a deployment still trusting the dead hash.