#security-critical-infrastructureView all tags

• Hybrid Schemes and Protocol Agility

  April 16, 2026 · 10 min — #research-notes#post-quantum-cryptography#cryptography#protocol-design#security-critical-infrastructure#devsecops#distributed-systems#TLS

• The Leaf Is the Hot Path: Signature Placement in Post-Quantum TLS (ML-DSA vs SLH-DSA)

  April 8, 2026 · 9 min — #research-notes#post-quantum-cryptography#cryptography#protocol-design#security-critical-infrastructure#devsecops#distributed-systems#TLS#PKI

• Stateful Signatures Are a Distributed Systems Problem: XMSS/LMS Without Index Reuse

  April 1, 2026 · 10 min — #research-notes#post-quantum-cryptography#cryptography#security-critical-infrastructure#devsecops#iiot-platforms#distributed-systems#formal-methods

• Research Frontiers: Composability, Proofs, and Future Primitives

  December 1, 2025 · 3 min — #research-notes#post-quantum-cryptography#security-critical-infrastructure#protocol-design#cryptography

• Long-Lived Secrets: Forward Secrecy, KEMs, and Key Erasure

  November 1, 2025 · 3 min — #research-notes#post-quantum-cryptography#security-critical-infrastructure#protocol-design#cryptography

• Post-Quantum DoS Surfaces: Handshakes, Amplification, and Mitigations

  October 1, 2025 · 3 min — #research-notes#post-quantum-cryptography#security-critical-infrastructure#protocol-design#cryptography

• Operationalizing PQC: Monitoring, Rollback, and Incident Response

  September 1, 2025 · 3 min — #research-notes#post-quantum-cryptography#security-critical-infrastructure#protocol-design#cryptography

• Quantum-Safe VPN Design: Lessons from Implementing a PQ IPSec Stack

  August 1, 2025 · 3 min — #research-notes#post-quantum-cryptography#security-critical-infrastructure#protocol-design#cryptography

• no_std Crypto in Rust: Determinism, Side Channels, and Constraints

  July 1, 2025 · 3 min — #research-notes#post-quantum-cryptography#security-critical-infrastructure#protocol-design#cryptography

• BFT with PQ Primitives: When Crypto Costs Dominate

  June 1, 2025 · 3 min — #research-notes#post-quantum-cryptography#security-critical-infrastructure#protocol-design#cryptography

• Quantum-Resilient Identity: Device + Human, Online + Offline

  May 1, 2025 · 3 min — #research-notes#post-quantum-cryptography#security-critical-infrastructure#protocol-design#cryptography

• PQC for Blockchain Signatures: Wallet UX, Size, and Verification Cost

  April 1, 2025 · 3 min — #research-notes#post-quantum-cryptography#security-critical-infrastructure#protocol-design#cryptography

• Quantum-Safe Secure Boot: Firmware Roots and PQ Signatures

  March 1, 2025 · 3 min — #research-notes#post-quantum-cryptography#security-critical-infrastructure#protocol-design#cryptography

• Hybrid Key Management: Rotations Across Algorithm Families

  February 1, 2025 · 3 min — #research-notes#post-quantum-cryptography#security-critical-infrastructure#protocol-design#cryptography

• Quantum Threat Modeling for Infrastructure: What Changes, What Doesn’t

  January 1, 2025 · 3 min — #research-notes#post-quantum-cryptography#security-critical-infrastructure#protocol-design#cryptography

• Red Teaming Infrastructure: Turning Attacks into Regression Tests

  December 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Rust/Go Secure Coding Patterns: The Bugs That Still Happen

  November 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Secure Configuration: Policy-as-Code and Guardrails

  October 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Backup/Restore as a Protocol: RPO/RTO with Adversaries

  September 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Observability at Scale: Traces, Cardinality, and Cost

  August 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Rate Limiting & Load Shedding: Protecting Reliability SLOs

  July 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Multi-Region Design: Failover That You Can Actually Test

  June 1, 2022 · 4 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Kubernetes Hardening: RBAC, NetworkPolicy, and Pod Security

  May 1, 2022 · 4 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Runtime Security: eBPF, Policy, and Drift Detection

  April 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Secrets Hygiene: Rotation, Scoping, and Runtime Delivery

  March 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Reproducible CI/CD: Determinism as Defense

  February 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Supply Chain Security: SLSA, SBOM, and Build Provenance

  January 1, 2022 · 3 min — #research-notes#DevSecOps#security#resilience#security-critical-infrastructure

• Post-Quantum Readiness at the Edge: Constraints and Migration

  December 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Anomaly Detection: What 'Baseline' Means in Industrial Systems

  November 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Secure Remote Access: Bastions, Just-in-Time, and Audit

  October 1, 2021 · 3 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Offline-First Edge: Consistency During Intermittent Connectivity

  September 1, 2021 · 3 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Safety-Critical vs Security-Critical: Integrating Two Worlds

  August 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Gateway Architecture: Protocol Translation Without Becoming a Bottleneck

  July 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Time-Series at Scale: Ingestion, Downsampling, and Query Isolation

  June 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Zero Trust for IIoT: Network Segmentation and Policy Enforcement

  May 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Firmware Update Pipelines: Rollouts, Canary, and Recovery

  April 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Edge-to-Cloud Messaging: MQTT, OPC UA, and Threat Models

  March 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Secure Telemetry: Integrity, Nonce Discipline, and Replay Protection

  February 1, 2021 · 3 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Device Identity: Provisioning, Attestation, and Lifecycle

  January 1, 2021 · 4 min — #research-notes#IIoT#security-critical-infrastructure#distributed-systems#DevSecOps

• Incident Response for Crypto Systems: Key Compromise Playbooks

  December 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• KMS/HSM Threat Models: When 'Managed' Doesn't Mean 'Safe'

  November 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Multi-Tenant Isolation: Crypto Boundaries vs Kernel Boundaries

  October 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Cryptographic Agility: Designing for the Algorithm You Haven't Met Yet

  September 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Logging for Forensics: Tamper Evident Event Pipelines

  August 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• TLS Beyond Defaults: Ciphersuites, ALPN, and Operational Reality

  July 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Secure Firmware Updates: Signed Manifests and Rollback Protection

  June 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Side Channels: Constant-Time, Cache Attacks, and Real Threat Models

  May 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Hardware Roots of Trust: TPM, Secure Boot, and Attestation

  April 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Secrets vs Capabilities: Token Design in Microservices

  March 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• Key Management at Scale: Rotation, Audit, and Blast Radius

  February 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps

• PKI as an Operating System: Certificates, Policies, and Expiration

  January 1, 2018 · 4 min — #research-notes#cryptography#security#security-critical-infrastructure#DevSecOps