<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/">
    <channel>
        <title>Lisa Akselrod</title>
        <link>https://paragraph.com/@lisaakselrod</link>
        <description>Chasing waves and verifiable computations</description>
        <lastBuildDate>Sun, 12 Jul 2026 22:46:47 GMT</lastBuildDate>
        <docs>https://validator.w3.org/feed/docs/rss2.html</docs>
        <generator>https://github.com/jpmonette/feed</generator>
        <language>en</language>
        <image>
            <title>Lisa Akselrod</title>
            <url>https://storage.googleapis.com/papyrus_images/bf6b34d9e65bba228dfca284b8b274149b127a807c5cb1ac09aa12fbfc54d84a.jpg</url>
            <link>https://paragraph.com/@lisaakselrod</link>
        </image>
        <copyright>All rights reserved</copyright>
        <item>
            <title><![CDATA[Am I thinking about you that last minute before falling asleep?]]></title>
            <link>https://paragraph.com/@lisaakselrod/am-i-thinking-about-you-that-last-minute-before-falling-asleep</link>
            <guid>maXwm3OBLhTLkMCc0ms0</guid>
            <pubDate>Sat, 11 Jul 2026 19:38:22 GMT</pubDate>
            <description><![CDATA[Today I want to think about jealousy. Beautiful and scary feeling I’ve heard a lot about but know a little. The official definition of jealousy is: a complex emotion characterized by insecurity, fear, and anger over a perceived threat to a valued relationship or position. But I would give an intuitive defi...]]></description>
            <content:encoded><![CDATA[<p>I like writing essays on the plane when I have several hours without notifications, emails and calendars. Just me, food in little boxes from Lufthansa, and some free time to write an essay.</p><p>Today I want to think about jealousy. Beautiful and scary feeling I’ve heard a lot about but know a little.&nbsp;</p><p>The official definition of jealousy is:&nbsp;a complex emotion characterized by insecurity, fear, and anger over a perceived threat to a valued relationship or position.</p><p>But I would give an intuitive definition like that: jealousy is when something is mine and someone else is trying to claim it despite the fact this is mine. Or when this something is trying to get more degrees of freedom I assume it should have.&nbsp;</p><p>There are not too many times in my life I felt jealous.&nbsp;</p><p>The first one, when my mom told me I gonna have a sibling. I was five. My mom was like: hey Lisa we have great news you gonna have a sister. And I was like: mm I do not need one, but thanks. We are good, parents and me, me and parents, we do not need more people. No need to say no one took my opinion into account…&nbsp;</p><p>But the feeling I had was exactly that: I do not have enough parents even for myself, and they want to bring someone who will take some part of parents and I will have even less. I tried to be clear and direct about it, but failed to negotiate.&nbsp;</p><p>The second jealousy flash happened when I was 12. My classmate and I started going to the stables in summer. But I was living in the city, and she was living in the countryside close to the stables. Because of that, she got to be at the stables way more often than I did. One day she called me and said that they gave her to brush a horse. I was completely heartbroken. That felt like the most wonderful thing in the world — to brush a horse. And she already got to do it, and I didn’t know if I ever would get a chance.&nbsp;</p><p>(I ended up moving into her country house and staying there till the moment I also was honoured to brush a horse)&nbsp;</p><p>But that feeling “why she and not me” was insane.&nbsp;</p><p>The third and the last jealousy case I can recall happened several months ago. When a friend of mine started a company and flied to raise for it. It looked from outside going way faster and more successful than my venture and I felt this “why him and not me”… but it ended up being a half fake story and in several months he wrapped things up so it doesn’t really count.&nbsp;</p><p>That’s pretty much it. Never in relationships. Never to men. Never to friends. It just doesn’t make sense to me. Because life is never about what is physically going on right now, it’s more about what’s happening between the rows.&nbsp;</p><p>It doesn’t matter who holds whose hand, who spends the night with whom. What does matter though is that out of all places in the world and all people in the world I am still choosing you again and again just because I want. Not because I promised, signed, or sweared, not because someone is watching, but because I want.&nbsp;</p><p>Only from the state of a completely free choice, there is this wildly alive energy flowing between two people, creating true intimacy, trust, and love.&nbsp;</p><p>And completely free choice doesn’t mean a full woodstock-style life or just fucking around, it’s about what’s going on in the mind, in the background, in the last minute before we close the eyes.&nbsp;Am I thinking about you that last minute before falling asleep?</p><p>Love and jealousy are like dry stone in the water: it just can’t coexist in the heart at the same moment. It can switch back and force, but at the moment of feeling love to someone, we feel that we just want them to feel good and be happy. Whatever it takes.&nbsp;</p><p>But even if we construct the relationship with guarantees of being the only one it doesn't really give any guarantees, it’s like... if you are six and you are having a bday party full of classmates but they came only because their parents forced them to come.. would you feel really happy? You can convince yourself this is the coolest bday party, but there is always a part inside that knows the truth.&nbsp;</p><p>It might sound theoretical and one might say ‘in real life it doesn’t work like that’&nbsp;</p><p>But I will tell you this: I held the same opinion ten years ago when I was 18, and people permanently told me “you will understand when you grow up, in real world it doesn't work like this.” Today I am 28, I grew up, and all experiences, relationships and connections that happened to me through this time just made me more confident it works like this.&nbsp;</p><p>I had quite a few not-very-simple situations, when my bf’s ex moved to his place even though they broke up long time ago, when my bf asked to open relationships even though the initial setup was monogamy, and my internal intuitive reaction to that was always like .. if this is what you need to be happy or you think it will make you happy — go for it. It doesn’t mean it will be easy for me, but I will not say no. Most choices we feel like doing are already done. </p><p>Thank you for reading :) feel free to drop your thoughts or share your stories: <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="mailto:lisaakselrod@gmail.com">lisaakselrod@gmail.com</a></p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <category>jealousy</category>
            <enclosure url="https://storage.googleapis.com/papyrus_images/e0cb5ebad86e9d4a8c07b0b8626d85c1fd9f816d38f23b9a616bb4bf6159affb.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[Where creativity comes from ]]></title>
            <link>https://paragraph.com/@lisaakselrod/where-creativity-comes-from</link>
            <guid>UnByJxRYFdKJpPMTdkqU</guid>
            <pubDate>Tue, 16 Jun 2026 20:14:46 GMT</pubDate>
            <description><![CDATA[Disclaimer: in this essay about creativity, I am conveying my own understanding and ideas about creativity. All of that is strictly subjective and absolutely unscientific. Enjoy! ]]></description>
            <content:encoded><![CDATA[<p>Disclaimer: in this essay about creativity, I am conveying my own understanding and ideas about creativity. All of that is strictly subjective and absolutely unscientific. Enjoy!</p><p><strong>What is creativity&nbsp;</strong></p><p>Before I google a normal definition, I want to try to derive it on my own. The first instinct is to say that creativity is ability to think differently from 99.99% of other human brains currently operating on the earth. But then, considering we are strongly pre-AGI, it might be careless saying human brains, so maybe thinking differently from 99.99% of brains currently operating on the earth. But then thinking differently sounds like being a neurodivergent which is not exactly being creative or being creative but in one particular approach.&nbsp;</p><p>Internet says: creativity is the ability to generate novel, valuable ideas or solutions by connecting seemingly unrelated concepts, reimagining existing ones, or exercising imagination, which makes sense. But in the next section, I will try to explain you creativity in my own words. </p><p><strong>Think about it as an input / output machine&nbsp;</strong></p><p>Assume human is a blackbox, we put a puzzle inside, we get an answer as an output. If this answer is exactly in the middle of normal distribution, it is a trivial (non-creative) one. If it goes too far to one of the sides, with high probability it is unrelated or stupid. If it is not exactly in the middle, but somewhere 10-15% left or right from the middle – we are probably dealing with creativity. One can think of creativity as an ability to reason about usual things in unusual ways or producing outputs other people for some reason can’t produce.</p><p>I am deeply convinced that creativity is a skill or a muscle derived directly from all the training and retraining activity we are doing on human brains. If thinking about childhood, school, and to large extent university, as well as corporate and office environments, public spaces, cultural and society traditions as pre-training, it is of no surprise that most people lack creativity. Pre-training takes most of the training time and then there is just a bit left for things like trial and error reinforcement learning and almost no time at all for free flow explorations in the frame “what if…”&nbsp;</p><p>“What if… I spent three months doing absolutely my best to find aliens and get in touch” – almost never happens because modern life and social spaces are organized in a way not leaving too much free time and an average grownup hardly ever is able to take three months for an alien side project even once per life.&nbsp;</p><p>How to win more time for free flow exploration? Give up on social, traditional, and normal pre-training as much as possible. The cost – most people will hate you and do their best to bring you back. Assume a 12yo who decided to skip three months of school for a side project. Very few parents will actually support it (respect to those who will).&nbsp;</p><p>But there is no cheat code here imo: to train and fetch out creative thinking, one has to fight all standard brain pre-training and exhausting life activities in a radical way. Otherwise – no creativity.&nbsp;</p><p><strong>Human is a neural network</strong></p><p>To be creative, we ‘just’ need to engage different neurons in different brain areas in different combinations and permutations with different intensity. Humanity still doesn’t know too much about how exactly brain operates. But we do know some things, for example, we know that brain area is not allocated in a strictly fixed way, despite often hearing that one area is responsible for creativity and another one for speech and another one for vision – when one loses part of their brain, the brain space is reallocated from scratch so that all the existing skills are preserved.&nbsp;</p><p>It is funny, our whole life is driven by operating a computer we have no clue about. Imagine living in a house that is orchestrated in some random way, when you get electricity, when water, when the lights is on when off, when furniture is rearranged, etc. And all your activity is fully dictated by the current state of the house you have little control of. This is exactly how our brain manages our life. Feeling sad or high energy, looped in a situation that has happened, disfucntional because of a broken heart and what not. Feels stupid and fascinating at the same time.&nbsp;</p><p>But back to the point, to extract creativity from this blackbox called brain, we ‘just’ need to engage different neurons in different brain areas in different combinations and permutations with different intensity. This is the best recipe I found so far. Not very smart or high-tech, but it works consistently. How to do it – by engaging in very different activities, exposing ourselves to different experiences, in different contexts, environments, and circumstances, and never stop asking questions. The rest of the essay describes some way to make this happen derived from my personal experience.&nbsp;</p><p><strong>Routine kills creativity&nbsp;</strong></p><p>Routine is comforting and pleasant, but it is poisonous. Routine makes some neuron connections more explicit than others and then neurons tend to take this familiar way whenever they have an opportunity. Taking same type of coffee in the same cup from the same coffee spot degrades your ability to solve a puzzle creatively. It doesn’t mean one should avoid routine completely, it’s rather inconvenient, but one should optimise for neuro-connection diversity (often referred to as neuroplasticity).&nbsp;</p><p>Society loves routine and humans behaving predictably. So whenever you live in a never ending exploration mode, people tell you something like: can you already decide who you are, settle down on what your life is, you should choose one vertical and build a consistent career and all things pretty much saying “stop exploring”. But it doesn’t matter, just ignore them.&nbsp;</p><p><strong>Learning new things expands creativity</strong></p><p>Learning new things creates new neuro-connections which helps think more creatively. But here is an interesting thing: relearning things we already know expands creativity no less or maybe even more, because it deconstructs already existing neuro-connections into families of new related connections. For example, when I started learning Mandarin as a 5th language, we had many debates with my brain whether hieroglifs are actually letters because they do not look like other things we usually call letters. But after we settled down on yes those guys are also letters by thinking machine around letters has expanded in several dimensions which made my thinking more creative because now there are more neuron combinations and permutations available.&nbsp;</p><p>I would say that learning things from the first principles make us more creative, but then it actually contradicts the ‘avoid routine’ concept because if we learn everything from the first principles this is learning&nbsp; routine. But sometimes learning from first principles definitely optimizes for neuro diversity. For example, assume you want to learn computer architecture. If you just learn the von Neumann architecture which is the low-key default in the world at is, it becomes the default in your brain for a computer architecture. But if you start with inventing five different computer architectures that potentially could exist considering what job we want computer to execute – von Neumann won’t be the first one that comes to your mind. So it leads us to the idea that free flow learning is more useful than actual learning. And the combination of both gives us the best net gain in creativity. &nbsp;</p><p><strong>Trying new things expands creativity</strong></p><p>Just trying new things without learning the whole skill seems to be useful for creativity too. Because they activate new combinations of neurons in new brain areas. They do not develop the new family of connections as a meaningful cluster in the neuron highway system, but it adds some routes that were not available previously. It seems from my empirical observations that it is more useful to try things in the sensorial areas that are not my core leading areas (i.e. not brain activity). So doing things by hands (e.g. making jewellery or woodwork) or with meaningful body engagement (surfing, shibari, paddle, food tasting, golf, etc) give me more new thoughts, angles, and perspectives than purely intellectual activities (philosophy or mathematics). But of course we want to combine all.&nbsp;</p><p><strong>Combining different contexts that have nothing to do with each other&nbsp;</strong></p><p>This is for those who like experiments and does not care about looking weird, but doing a regular activity in a different context changes our way of thinking drastically and makes us more creative. For example brain solves a math puzzle at home and at a night club in completely different ways. I actually like thinking, jamming on puzzles or even journaling at nightclubs. Other examples might include solving puzzles at the sunrise at the beach, moving to a friend’s house for a couple of day and solving puzzles on their sofa, and pretty much whatever you can invent where you will feel slightly unusual. I should highlight that it won’t make you more productive, probably it will make you less productive, but it will help you to think thoughts that otherwise wouldn’t come to your mind.&nbsp;</p><p><strong>Sensational experiences&nbsp;</strong></p><p>Instead of changing purely context, one can also change the persona context. For example, putting on a long coat and taking a pack of Marlboro in one hand and shitty black coffee in another hand – you already will think differently and more creative. The idea of this exercise is not to lock ourselves into one single personality but fluidly moving between different embodiment experiments. It helps think.&nbsp;</p><p><strong>Rewriting inefficient automatic strategies&nbsp;</strong></p><p>Sometimes some thoughts take too much power in our brains. Fears, unfortunate experiences of the past, anxiety, overexcitement, pretty much whatever takes too much place for too long degrades creative thinking. I see huge value in removing those automatic strategies because it frees space for thinking. It is a life long process and ongoing work, some strategies can be removed easily, some only partially, some are hard even to identify, some are hard to change but even consciously giving place to them already makes difference. I think therapy is the third largest cost category in my spending structure last years, especially when I started building a company. The less inefficient automatic strategies are driving my life, the more place for creative thinking I have.&nbsp;</p><p>For handling this particular issue, the most efficient method I found are constellations. It is not scientific, but it works personally for me really good. I also should admit that except for this particular use case and handling posttrauma I do not see much value in therapy (it has nothing to do with the article, just do not want to sound by accident as a huge therapy-believer).</p><p><strong>Running thought experiments&nbsp;</strong></p><p>Solving imaginary problems is a huge source of creativity. For example, designing a nuclear coordination protocol in four hours. No one asked me (unfortunately). Furthermore I even do not have enough inputs. But it is a thought experiment. So for four hours believe this is real and solve it. The patterns we design and discover in thought experiments are also handy when we solve real problems because solving imaginary problems one doesn’t need to stay grounded. One can come up with any tool, algorithm, or mechanism disregarding laws and common sense. But then remember that most technology we use today some time ago didn’t make any sense.&nbsp;</p><p><strong>How far can you go&nbsp;</strong></p><p>The truth is … as far as you want. I do not like edge experiences like locking yourself to the mental hospital to understand how other patients think and borrow some strategies. But I know people who have done it and it was worth it for them. It’s everyone’s personal choice and responsibility. And even “playing all in” might mean different things.&nbsp;</p><p><strong>Drugs for creativity&nbsp;</strong></p><p>The set of experiments I conducted is quite limited and includes trying different substances, one by one with large enough intervals, and trying to solve unsolved puzzles in a more creative way compared to how I usually would solve them. Tl;dr I didn’t notice any meaningful difference. There are still many drugs to try, I will keep you posted but I am not too excited about this way.&nbsp;</p><p>If someone (except for Erdos operating on amphetamine) found any meaningful results in using drugs for solving really hard puzzles — please email me I would love to hear about it: <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="mailto:lisaakselrod@gmail.com">lisaakselrod@gmail.com</a>&nbsp; &nbsp;</p><p>p.s. spiritual insights and knowledge about how everything is connected to everything do not count. While those are entertaining, I do not see any fundamental value in them.&nbsp;</p><p><strong>Alcohol for creativity&nbsp; &nbsp; &nbsp;</strong></p><p>Just very very bad. Alcohol makes everything worse off without making anything better off, it degrades sensations, ability to think, connection to the reality, ability to listen and express thought clearly, etc</p><p><strong>Human connection and tantra for creativity&nbsp;</strong></p><p>Very very good, it touches a lot of brain areas that are rarely touched in our day to day life. Because of the architecture of modern society, deep authentic connection at all levels, including physical, intellectual and emotional, is almost excluded at all society levels. While other people are great source of rearranging and refactoring our brains, the flow of neurons, and the input/output machine, it also decreases the level of stress drastically. And it makes you think differently.&nbsp;</p><p>Basic information exchange mostly adds useless data repeating already existing data. Deep human connection allows us to see the aspects of existing data from new sides.&nbsp;</p><p>There also might be some metaphysical aspect here, affiliated with information stored in the space and human machine somehow getting access to this information. I do not have any good insight here, but I believe that in the future we will discover how information is stored in the space except for chips and analog devices and we will learn to read/write it. It might be the case that different human machines have access to different information.&nbsp;</p><p>But even putting metaphysics aside, we scientifically know that the better one’s emotional machine is, the better they can reason (despite the BBC Sherlock show being an opposite example). So interacting with other humans in an emotionally meaningful way improves reasoning a lot.</p><p><strong>Stress for creativity&nbsp;</strong></p><p>Depends on one’s ability to process stress. If one can stay calm, with clear mind and fast reasoning, then stress is great, it is a new obstacle that provokes thinking differently. Otherwise, stress just degrades creativity to trivial and template thinking.&nbsp;</p><p>Overall, decreasing stress to bare minimum seems to be an optimal strategy in almost 100% of cases. Stress is a weird scam game our mind tricks us into, but we can trick it back into the state of chill and relaxation. By conscious observation, practicing mindfulness, and meaningful bodywork.&nbsp;</p><p>Those were some thoughts on creativity. Thank you for reading. Feel free to drop any thoughts or questions here: <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="mailto:lisaakselrod@gmail.com">lisaakselrod@gmail.com</a></p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <category>creativity</category>
            <enclosure url="https://storage.googleapis.com/papyrus_images/c471a11ae10fe6b7266634cb47600c89323204900767550c3f81b5482c6d5b2e.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[Passkeys: Phishing Resistance, New Failure Modes]]></title>
            <link>https://paragraph.com/@lisaakselrod/passkeys-phishing-resistance-new-failure-modes</link>
            <guid>ekNJBm28m7y0JIXt2ixQ</guid>
            <pubDate>Fri, 22 May 2026 12:53:18 GMT</pubDate>
            <description><![CDATA[Passkeys are one of the biggest practical improvements authentication has seen in years. They significantly reduce phishing and credential theft, but they do not make authentication magically secure. This piece is a plain look at how passkeys work, what they improve, and where their real weaknesses still are.]]></description>
            <content:encoded><![CDATA[<h2 id="h-what-is-a-passkey" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">What is a passkey</h2><p>A passkey is a way to sign in without a password. Something like that was expected to appear since early 2000th because (a) people hate passwords and (b) passwords are a huge vector in phishing.</p><p>Passkeys came out of the FIDO Alliance and the W3C WebAuthn standard kicked off in 2012/2013. The modern consumer passkey experience was pushed into the mainstream when Apple, Google, and Microsoft jointly committed in 2022 to support the expanded cross-device experience.&nbsp;</p><h2 id="h-how-passkeys-work" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">How passkeys work</h2><p>Instead of creating and remembering a password, your device creates a cryptographic key pair:&nbsp;</p><ol><li><p>a public key is stored by the app or website</p></li><li><p>a private key stays on your device. It is usually stored in a secure hardware-backed area (Trusted Enclave in iPhone, Trusted Execution Environment in Android). For desktop, it is usually stored in the OS credential manager.&nbsp;</p></li></ol><p>*OS Credential Manager is not a hardware related method. It is the operating system’s built-in layer for storing and brokering credentials such as passwords, passkeys, certificates, and federated sign-ins. Frankly speaking, it is just a third-party secret manager.</p><p>When you log in, your device proves you have the private key, usually using: Face ID, Touch ID, or device PIN. The biometric or PIN proves to the device that it is really you, and then the device uses the private key to prove to the website that it has the correct credential.</p><p>What happens is:</p><ul><li><p>the website sends a challenge</p></li><li><p>the private key on your device signs that challenge</p></li><li><p>Face ID / Touch ID / PIN is the local check that authorizes use of that key</p></li><li><p>the website verifies the signature using the public key it already has</p></li></ul><h2 id="h-is-it-a-good-idea-to-rely-on-keys-stored-in-a-secure-enclave" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Is it a good idea to rely on keys stored in a secure enclave?</h2><p>The short answer is it depends on how they are stored. If it is a device-bounded key (i.e. packed there once while manufacturing and forever) – it eliminates quite a decent amount of attacks. You are left with actual attacks on physical device or leakage of all private keys by the manufacturer (as you can’t rotate). But so far such precedents didn’t take place. We can assume this incident to be theoretical (at least for today).</p><p>The issue is that private key binded to the device degrades UX because we usually have multiple devices. So when it comes to passkeys, the private key is created locally, but an encrypted version is synced through a cloud credential manager so it can appear on your other devices.</p><p>The encryption key is stored on the user device (similar to the passkey). The decryption key as well but there is also a sophisticated MFA attached to using it. (I am generalizing, it’s Friday. It works differently in Microsoft fyi).</p><p>So far we do not know about any attacks that leaked synced passkeys. That is not proof it is impossible. It just means I did not find a strong public case.&nbsp;</p><h2 id="h-how-passkeys-change-the-attack-surface" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">How passkeys change the attack surface&nbsp;</h2><p><strong>Practical attacks&nbsp;</strong></p><ul><li><p>Not using passkeys. It is not a type of attack, but it says that if the goal was to decrease attack surface in secret phishing and credentials theft, then passkeys do the job, but only if people use it. This is the reason I assume why actually Apple, Google, and Microsoft forced adopting passkeys. Previously, they were one of options and people still heavily leaned towards passwords and SMS authorization.&nbsp;&nbsp;</p></li><li><p>Synced passkeys are only as strong as the recovery and sync-fabric access controls. Didn’t happen so far. Probably an expensive attack requiring tons of software and hardware reverse-engineering ($10-20M?). NIST expresses concerns about it (but no one believes NIST anymore).</p></li><li><p>Passkeys stop credential theft, but not theft of an already-issued session token. I.e. Nothing has changed for stolen sessions.&nbsp;</p></li><li><p>Malware, remote-access tools, or a thief with an unlocked device may be able to use the passkey locally or steal the session after login. This seems to be a trendy trend and the reason why the cyber market is heavily learning towards more sophisticated endpoint protection solutions.&nbsp;</p></li><li><p>Unattested synced-passkey registration can create gaps at registration time, including fake providers. That actually an interesting one! Not the case if hardware enclaves are used with attestations. Which is not the case for desktop and not the case for Microsoft (why whenever there is an issue there is Microsoft around? jk)</p></li><li><p>Browser, OS, IdP, RP, or recovery-flow bugs can undermine a sound protocol. This is a very general attack vector fair for everything in the world. I am putting it here because of my genuine affection towards protocol soundness and because it actually shows how unavoidable formal verification adoption is for this world.</p></li></ul><p><strong>Theoretical attacks</strong></p><ul><li><p>Secure hardware extraction: rare and expensive, but not purely theoretical. Examples include TPM-FAIL against TPMs and Yubico’s 2024 advisory on private-key recovery under sophisticated physical attack conditions for affected devices.</p></li><li><p>Sync-provider failure or insider abuse: for synced passkeys, the worst-case cloud failure is compromise of encrypted sync data plus a successful recovery/enrollment path attack.</p></li></ul><h2 id="h-what-is-the-worst-case-scenario-failure-modes-for-passkeys-security" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">What is the worst case scenario / failure modes for passkeys security</h2><ul><li><p>An attacker compromises the user’s device and authenticates locally.</p></li><li><p>An attacker hijacks the authenticated session and acts as the user.</p></li><li><p>An attacker social-engineers account recovery and adds their own synced device or passkey.</p></li><li><p>A service “supports passkeys” but still allows easy downgrade to password/SMS, so phishing still works through fallback.</p></li></ul><ul><li><p>A high-end attacker extracts or recovers keys from vulnerable hardware or a weak provider implementation.</p></li></ul><h2 id="h-passkeys-compared-to-other-security-approaches" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Passkeys compared to other security approaches</h2><p>Against classic phishing it is a huge win. Passkeys are origin-bound / verifier-bound, so a fake site cannot simply collect and replay the credential the way it can with passwords, SMS codes, or TOTP codes.</p><p>Against social engineering overall: meaningful, but not complete. Attackers lose the easiest playbook and pivot to recovery, support, device enrollment, and session theft.</p><p>For a quick comparison:</p><ul><li><p>SMS OTP: phishable, interceptable, SIM-swap risk, easy relay. NIST says manual OTP entry is not phishing-resistant.</p></li><li><p>Authenticator app TOTP: better than SMS because no telco/SIM dependency, but still phishable because the user can type the code into a fake site.</p></li></ul><h2 id="h-bottomline" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Bottomline</h2><p>I have nothing to tell against passkeys. They improve security (tho not making it perfect but we do not expect it we are not naive). The only thing I have to say is just let’s be mindful about potential passkeys weaknesses. Feel free to reach out lisaakselrod@gmail.com</p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <category>passkeys</category>
            <category>security</category>
            <category>phishing</category>
            <enclosure url="https://storage.googleapis.com/papyrus_images/168de924977bbaf53d3ef6d0e3d47336e187196904a1d24afdec8ae6fe869994.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[What is formal verification and why it is a fit for agentic era]]></title>
            <link>https://paragraph.com/@lisaakselrod/what-is-formal-verification-and-why-it-is-a-fit-for-agentic-era</link>
            <guid>tJkwvVPOdT1hjS5IrJSn</guid>
            <pubDate>Sun, 03 May 2026 18:11:40 GMT</pubDate>
            <description><![CDATA[Formal verification is using math to prove that a system cannot break certain rules. In other words, to formally verify a system means to mathematically prove that it behaves as expected and cannot do certain things we do not want it to do. Today, formal verification is most often used in places where failure is very expensive or dangerous, such as hardware and semiconductor verification, cryptography and security-critical infrastructure, and high-assurance systems like aerospace and kernels....]]></description>
            <content:encoded><![CDATA[<p>Formal verification is using math to prove that a system cannot break certain rules. In other words, to formally verify a system means to mathematically prove that it behaves as expected and cannot do certain things we do not want it to do. Today, formal verification is most often used in places where failure is very expensive or dangerous, such as hardware and semiconductor verification, cryptography and security-critical infrastructure, and high-assurance systems like aerospace and kernels.</p><p>In this post, I explain how formal verification works and use the example of an authorization system to show how it can raise security guarantees.</p><h2 id="h-introduction-to-formal-verification" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Introduction to formal verification</h2><p>Formal verification turns a system into a mathematical model and then proves statements about this model. The kind of math usually involves logic, set theory, graph and state-machine reasoning, algebra and symbolic reasoning, theorem proving, constraint solving, SAT, and SMT solving.&nbsp;</p><p>Let’s use a simple agent authorization system as an example.</p><h3 id="h-step-1-define-the-system-and-its-current-state" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Step 1: Define the system and its current state</h3><p>We have a system. The system has a state. The system state includes:&nbsp;</p><ul><li><p>The agent and its permissions</p></li><li><p>The database and its operations: read, write, delete</p></li><li><p>The policy which says that delete is forbidden</p></li></ul><p>Our toy system is: We have an agent called SupportAgent. It works with a database called CustomerDB. The database supports three operations: read, write, and delete. The policy says that SupportAgent is allowed to read and write, but it is never allowed to delete.</p><h3 id="h-step-2-define-how-the-system-can-change" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Step 2: Define how the system can change</h3><p>A state transition happens whenever the agent requests an operation and the system evaluates it. If SupportAgent requests read on CustomerDB, and the policy allows it, the system moves into a new state where the read has happened. If SupportAgent requests delete on CustomerDB, the system should move into a new state where the request is denied and the database remains unchanged.</p><h3 id="h-step-3-define-the-property-we-want-to-guarantee" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Step 3: Define the property we want to guarantee</h3><p>Now we define the property we care about. In our example, the property is: SupportAgent must never be able to delete CustomerDB. That is the security guarantee we want from the system.</p><h3 id="h-step-4-check-whether-forbidden-state-we-described-in-step-3-is-ever-reachable-in-this-system" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Step 4: Check whether forbidden state we described in Step 3 is ever reachable in this system</h3><p>This is the point where formal verification starts.&nbsp;</p><p>We ask: is there any possible sequence of valid state transitions that could lead to a forbidden state? In this case, the forbidden state is a state in which SupportAgent has successfully deleted CustomerDB.</p><p>This check is performed by Solver, which either finds a sequence of valid steps that leads to the forbidden state, or if it cannot find any such path, then the property is proven within the model.</p><h3 id="h-how-solver-works" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">How solver works</h3><p>For our toy example, solver engages logic, set theory, state-machine reasoning, graph reasoning, and symbolic reasoning.</p><p><strong>Set theory</strong></p><p>Set theory is used to define the objects in the system and how they relate.&nbsp;</p><p>In our example:</p><ul><li><p>Agents = {SupportAgent}</p></li><li><p>Resources = {CustomerDB}</p></li><li><p>Operations = {read, write, delete}</p></li><li><p>AllowedOperations (SupportAgent, CustomerDB) = {read, write}</p></li><li><p>delete is not in AllowedOperations(SupportAgent, CustomerDB)</p></li></ul><p><strong>State-machine reasoning&nbsp;</strong></p><p>A state is a snapshot of the system at one moment.</p><p>So state-machine reasoning is the part that says:</p><ul><li><p>what a state is</p></li><li><p>what the next possible states are</p></li><li><p>which transitions are legal</p></li></ul><p>For example, the state might be:</p><ul><li><p>agent = SupportAgent</p></li><li><p>target = CustomerDB</p></li><li><p>request = none</p></li><li><p>database deleted = false</p></li></ul><p>Possible moves are:</p><ul><li><p>from “no request” to “read requested”</p></li><li><p>from “read requested” to “read succeeded”</p></li><li><p>from “delete requested” to “delete denied”</p></li></ul><p><strong>Graph reasoning</strong></p><p>Once we have states and transitions, we can view the whole system as a graph.</p><p>In that graph: each node is a state and each edge is a valid transition.&nbsp;</p><p>Graph representation of states and state transitions allows checking for reachability of undesired states. Is the bad node reachable from the initial node? If the answer is yes, there is a path to failure.</p><p><strong>Symbolic reasoning</strong></p><p>Symbolic reasoning is what allows the solver to reason over many possible executions at once, through variables and constraints, rather than enumerating each case. It helps to reason about all agents in the system or all delete actions in the system at once.&nbsp;&nbsp;</p><p>We declare:</p><p>a = any agent</p><p>d = any database</p><p>op = any operation</p><p>s = any state</p><p>Then a symbolic formula for the policy is: For every agent a and every database d, if delete is not allowed for a on d, then a can never successfully delete d.</p><p>Written more formally:</p><p>for all a, d, s:<br>if Reachable(s)<br>and NotAllowed(a, delete, d)<br>then not Success(s, a, delete, d)</p><p><strong>Logic</strong></p><p>Solver turns the system and the policy into a set of logical statements:</p><ol><li><p>For every state s and next state s':<br>if Request(s, SupportAgent, Read, CustomerDB)<br>and Allowed(SupportAgent, Read, CustomerDB)<br>then Success(s', SupportAgent, Read, CustomerDB)</p></li><li><p>For every state s and next state s':<br>if Request(s, SupportAgent, Write, CustomerDB)<br>and Allowed(SupportAgent, Write, CustomerDB)<br>then Success(s', SupportAgent, Write, CustomerDB)</p></li><li><p>For every state s and next state s':<br>if Request(s, SupportAgent, Delete, CustomerDB)<br>and Not Allowed(SupportAgent, Delete, CustomerDB)<br>then Denied(s', SupportAgent, Delete, CustomerDB)<br>and Unchanged(s', CustomerDB)</p></li></ol><p>The outcome we want to prevent (agent deleting) is stated as following: Success(s, SupportAgent, Delete, CustomerDB).</p><p><strong>Constraint solving</strong></p><p>Once the system and the policy have been written as logical statements, the solver takes the bad outcome we want to prevent and tries to make it true together with all the other rules using constraint solving.</p><p><strong>Variables:</strong></p><p>RequestRead, RequestWrite, RequestDelete</p><p>AllowRead, AllowWrite, AllowDelete</p><p>SuccessRead, SuccessWrite, SuccessDelete</p><p>DeniedDelete</p><p>DatabaseDelete</p><p><strong>Constraints:</strong></p><p>AllowRead = true</p><p>AllowWrite = true</p><p>AllowDelete = false</p><p>exactly one of RequestRead, RequestWrite, RequestDelete is true</p><p>SuccessRead if and only if RequestRead and AllowRead</p><p>SuccessWrite if and only if RequestWrite and AllowWrite</p><p>SuccessDelete if and only if RequestDelete and AllowDelete</p><p>DeniedDelete if and only if RequestDelete and not AllowDelete</p><p>DatabaseDeleted if and only if SuccessDelete</p><p><strong>Forbidden outcome:</strong></p><p>DatabaseDeleted = true</p><p>A solver keeps propagating consequences like this:</p><ul><li><p>if DatabaseDeleted is true, then SuccessDelete must be true</p></li><li><p>if SuccessDelete is true, then RequestDelete and AllowDelete must be true</p></li><li><p>but AllowDelete is already fixed to false</p></li><li><p>contradiction reached</p></li></ul><p>This process is called constraint propagation. The solver keeps deriving consequences from the rules until one of two things happens: it finds a contradiction or it finds a full assignment that satisfies everything.</p><p><strong>Theorem proving</strong></p><p>As a theorem, the undesired property is: in every reachable state, SupportAgent has not deleted CustomerDB.&nbsp;</p><p>Then it proves it in two steps:&nbsp;</p><ol><li><p>Base case: Is it true for the initial state?</p></li><li><p>Induction: Assume the property is true in some state s. Then prove it is still true after any allowed transition from s to s'.</p></li></ol><p>So it checks all possible transition types:</p><ul><li><p>if SupportAgent requests read, the database is still not deleted</p></li><li><p>if SupportAgent requests write, the database is still not deleted</p></li><li><p>if SupportAgent requests delete, the policy denies it, so the database is still not deleted</p></li></ul><p>If all transitions preserve the property, then the theorem prover concludes: the property holds in all reachable states</p><p><strong>As you could see above, formal verification is a combination of various mathematical tools to reason about the whole system all at once and not particular cases.</strong> We have listed just some of them, in real systems, solvers use even more tools.</p><h2 id="h-using-formal-verification-to-secure-agentic-authorization-systems" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Using formal verification to secure agentic authorization systems</h2><p>When we turn a company environment and its policy into a mathematical model, we can reason about the properties we want to hold. When we think about getting from point A to point B in an existing system, there can be multiple ways to get there. Some of them are more obvious, such as calling the endpoint directly, while others are less obvious and may consist of several steps.</p><p>Automated reasoning applies logic and mathematical inference to determine all possible access paths allowed by a policy, not just the obvious ones. Instead of asking only whether an agent can directly perform a forbidden action from the current state, the system asks whether there exists any reachable state in which that action becomes possible.</p><p>This is especially important for agentic systems because of the nature of agents as actors. They are not humans acting in good faith, and they are not hackers acting with malicious intent. Most of the time, they are doing legitimate things, but sometimes a chain of legitimate actions can still produce a harmful outcome. Unlike humans, they act non-deterministically, operate at machine speed, and are constantly looking for broader context and more ways to complete a task. If there is a path in the system to a forbidden outcome, the probability that a human will discover it by accident is almost zero, while an agent will eventually discover it.</p><p>Formal verification also meaningfully reduces false positives because it derives from the actual policy logic and all possible access paths, rather than predicting risk from heuristics. This matters because heuristic systems are more likely to overfire with agents, since there are many more actions and combinations of actions that may look suspicious on the surface.</p><p>_______________________________________________________________________</p><p>Acknowledgment: I learned a lot from studying Amazon’s work on formal verification in authorization systems, and from many thoughtful discussions that helped sharpen my understanding.</p><p>Thank you for reading. You are welcome to reach out with questions, ideas, and suggestions: <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="mailto:lisaakselrod@gmail.com">lisaakselrod@gmail.com</a></p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <category>formalverification</category>
            <category>authorization</category>
            <category>agents</category>
            <enclosure url="https://storage.googleapis.com/papyrus_images/ac69f2d598f2fdb14c58b210944e1fdbddb36bc326dd2ad1cbda0bf2ba6dace5.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[AI Is Not a Technology. It’s a Natural Force.]]></title>
            <link>https://paragraph.com/@lisaakselrod/ai-is-not-a-technology-its-a-natural-force</link>
            <guid>gLxGz690IR1u97mTseTD</guid>
            <pubDate>Wed, 01 Apr 2026 07:26:44 GMT</pubDate>
            <description><![CDATA[We think about AI as a new technology, while it’s more like a natural phenomenon. It should be treated as an ocean rather than the internet or even electricity. Before AI, even the brightest people’s inventions were deterministic. Either electricity or the internet, from the very beginning people working with it had a good understanding of how it works and what to expect. AI is actually the opposite: the more we work on it – the less we understand how it works. One can say it is similar to th...]]></description>
            <content:encoded><![CDATA[<p>We think about AI as a new technology, while it’s more like a natural phenomenon. It should be treated as an ocean rather than the internet or even electricity.</p><p>Before AI, even the brightest people’s inventions were deterministic. Either electricity or the internet, from the very beginning people working with it had a good understanding of how it works and what to expect.</p><p><strong>AI is actually the opposite: the more we work on it – the less we understand how it works.</strong></p><p>One can say it is similar to the ocean – huge power, containing a ton of beautiful and inspiring elements while being dangerous and having a number of ways to hurt people. On its own, the ocean doesn’t have any good or bad intentions, it just exists. Its impact on us humans depends mostly on how we interact with it.</p><p>We can try to control it or fight it – however its power is larger than any human control capabilities. We can pray to it and beg to be kind (which some religions are still preserving till today) – but the efficiency of this method is a bit doubtful.&nbsp;</p><p>We can study it, try to understand, and collaborate with it – using its power for our own good. How people build water stations to produce electricity and surfers take 20m waves to slide down, we can collaborate with AI to advance science, technology, life quality, arts, and whatever humanity cares about today.&nbsp;</p><p>It can also be used to damage people and the planet. Like the internet today – it is one of the greatest inventions of humanity but among all the good things it brought to us, it also brought a lot of bad things. And there is no escape from it. We better be sober and realistic and call a spade a spade from the very beginning.&nbsp;</p><h3 id="h-surfer-survival-kit-for-ai" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Surfer survival kit for AI</h3><p>In surfing, safety is knowing what can go wrong and what to do in every case. You want to know the landscape of the ocean floor whether it is sand or reef and what is the depth. This defines how you will fall. This doesn’t mean you won’t fall, this doesn’t mean you won’t hurt, but it means that when you fall you maximize your chance to hurt as little as possible.&nbsp;</p><p>In surfing, you try not to find yourself under the waves breaking onto your head. But from time to time it happens. So you teach yourself to pay as little energy and struggle for each wipe out, and to be attentive and thoughtful to get there as rarely as possible.&nbsp;</p><p>You know there is no 100% guarantee but you want to be prepared. Everything that can go wrong will go wrong. It is fair for surfing, it is the same for AI.</p><p>AI is one of the most exciting and empowering technologies humanity has ever had. We can’t imagine today how far it will get us. But we should think today about using it thoughtfully and understanding what risks we are taking at every moment.&nbsp;</p><p>The larger is the potential gain the higher is the risk people will be willing to take. Think of two people experiencing a medical issue. One has a lethal issue. They are suggested to take a surgery that has a low but not negligible chance of success, while having high probability of lethal outcome. The optimal strategy will be to take the risk because the potential gain is worth it.&nbsp;</p><p>Another person has an issue which is not lethal. Even though it still bothers them. They are suggested to take a surgery that has a small but not negligible probability of lethal outcome while having high probability of full recovery and curing the issue. The optimal strategy will be not to take the surgery because the risk of lethal outcome overweights.&nbsp;</p><p>However the truth is that the optimal strategy varies from person to person. The same is fair with AI: different people will be willing to take different risks.&nbsp;</p><p>One company might fully optimize for speed, so they are willing to take a risk of 4h downtime to gain faster development speed. Another company might optimize for security and control over the code. So they will optimize for being battletested and aware.&nbsp;</p><p>A research institution might optimize for accelerating the experiment in case of emergency (e.g. COVID) while optimizing for precision of following the process in all other cases.</p><p>One founder might optimize for outreach wideness so they will be willing to take the risk of sending stupid messages from their account, addressing a person in a wrong way, or sounding completely unrelated (e.g. the one sending $10 SaaS). Another founder might optimize for the quality of relationships, so they prefer double-checked personalization (e.g. the one sending cyber defense products to governments).&nbsp;</p><p>But the really interesting thing is that it’s the same person who is a risk-taker in one situation today will be completely risk-averse in another situation tomorrow, and will be somewhere in the mid-risk preference on a third aspect the night between today and tomorrow.</p><p>The question sounds like this: how we can get as much value out of collaboration with AI as possible while feeling as little pain as possible when AI fails. The task is not trivial at all.&nbsp;</p><p>We want it to stay powerful while compartmenting potential damage. A form factor that really works is still to be found. But I have a personal guess.. The answer will be cryptography.</p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <category>agi</category>
            <enclosure url="https://storage.googleapis.com/papyrus_images/eaa5217d7f1ed071b0a04055ccd8f719c95d862bab30daa4f0c88ea7872df4ea.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[I do not make art. I live art. Never stop exploring ]]></title>
            <link>https://paragraph.com/@lisaakselrod/i-do-not-make-art-i-live-art-never-stop-exploring</link>
            <guid>k52ibDmJmRE0qDwGjGfb</guid>
            <pubDate>Sat, 14 Mar 2026 11:22:59 GMT</pubDate>
            <description><![CDATA[It was always confusing for me when people say “create art” or “make art”. I studied theater direction. I can’t exactly tell you why. Frankly speaking I was spread among different mediums from a very early age. I wrote my first poem at the age of 5. I asked my mom to take me to dance classes when I was six. I made my first picture when I was 5. And I mean a serious picture: I was in the studio, I had an easel, and when I finished I had this feeling that this is a piece of art I made. I rememb...]]></description>
            <content:encoded><![CDATA[<p>It was always confusing for me when people say “create art” or “make art”.&nbsp;</p><p>I studied theater direction. I can’t exactly tell you why. Frankly speaking I was spread among different mediums from a very early age. I wrote my first poem at the age of 5. I asked my mom to take me to dance classes when I was six. I made my first picture when I was 5. And I mean a serious picture: I was in the studio, I had an easel, and when I finished I had this feeling that this is a piece of art I made. I remember that moment very clearly.&nbsp;</p><p>And it wasn’t the case that my parents pushed me towards any artistic expression. It just felt natural. It was my way of existence and getting to know the world. It was just like.. What happens if I take this medium and try to use it as an extension of myself?&nbsp;</p><p>Then things got messed up. My mom had this approach of either you are number one immediately or you do not do it at all. So it was like.. Either your picture is at the central spot at the first exhibition or I do not take you to any classes at all. Either you dance in the middle of the first row or you do not go to the class again. And it was the same story again and again for many, many different mediums. I was going for an infinite amount of afterschool activities because I was just curious.. What happens if I take this medium and try to use it as an extension of myself?&nbsp;</p><p>I did several years of drawing, six or seven years of theater, several years of literature declamation, several years of making pictures, seven or eight years of dancing, all possible and impossible styles from ballet to pole dance and hip hop, many many years of writing, poetry, prose, several books, theater plays, several years of modeling, once I even made a jewelry collection.&nbsp;</p><p>But at some point the pressure of either being the best or quitting became too much and I lost that curiosity of “What happens if…” and just was doing it because it was on my schedule. And whatever I was doing from that state, I always felt like a visitor. Occasionally I quitted. I went to study mathematics and started exploring normal professions, got interested in tech, and made my first internship in Venture Capital. Things were fine. But also when I distanced from that pressure of either being the best or quitting at some point I started feeling that curiosity again.&nbsp;</p><p>And one day I was like.. Okay I wrote this text. It’s not the best text in the world. It didn’t win the competition. But this text transfers something about the world. So what happens if I read it out loud? What happens if I read it out loud in the forest? What happens if I ask another person to read it? And a chain of those what if one day just brought me to directing a performance based on my own lyrics. While working in Venture Capital day times and rehearsing the performance at nights and on weekends. It wasn’t the best performance. It wasn’t the Venice Teatro Biennale level performance, but there was something in it that people connected with.&nbsp;</p><p>And it just felt interesting. It felt like a way to talk to the world, to existence, to research, to explore. So occasionally I got into Masters in Theater Direction (in the beginning of COVID which was the worst time for it). It was a program with a lot of freedom for exploration. So I pretty much just continued exploring in my own way but now with more opportunities and a great platform.&nbsp;</p><p>I made around 14 performances overall. And I started feeling that the whole idea of the stage does not resonate with me. Even with all modern approaches of breaking the fourth wall, side-specific, and what not – the stage is not a physical place, the stage is in our mind. So I started to softly deviate towards other mediums again, thinking a lot about working with light and polaroid photography.&nbsp;</p><p>And then… the 7th of October happened. And I lost the navigation through the world. And my sentiment for the first year and a half was that in a world like this there is no place for art. I strongly focused on cryptography during this time because it felt like something very useful. Cryptography is a lock that can prevent things from happening.&nbsp;</p><p>But this “What happens if…” was still there. And I actually was exactly where I stopped. Because you can’t get off the train if you are the train.</p><p>Last June another medium entered my world – shibari. Which is pretty much tying people. Which most people on the Earth have never heard of. And out of those who have heard, most of them will put it into the kink basket. But there is a huge artistic side of shibari.&nbsp;<br></p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/cc2b3498fe3b9ef2594fe7f92ab1459347e049e16727bb080dab692b01a2b587.webp" blurdataurl="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAB4AAAAgCAIAAACKIl8oAAAACXBIWXMAAAPoAAAD6AG1e1JrAAAJV0lEQVR4nFWWSYylVRXHH3TR9ep733Cn707fPA9vHqveVF1D19wD0HTTTN0oyqDNFAREEoKIiQyBqDEaSXTRuiURTIyJuiCyUKPGyEZxStygKzfGZZkHC/Hm5i5/+Z//OfecU1lZrmqKZig1iWUMsW0Y3ACuaVFN5xBzAxBdp4AQA/a83CakVtOgoohaTeigWq1auo40XTe4pgGpadqKoijq0tLSiRMnKnhFsRC1dD1moSRsj9vDsIwhtZlVeHlCeE5FTlnLz7vMTgld5ZaFSItIFyBiwJIwbgDfaoYQWkQSLGs1TVGUpaWlSnVZY1BKA7oAZCLLmLiv0XNNHhDWcMLIlC0/H0XNJrV8006xbCI6s9wBZa5uxBAlhNfdvoQ4pwICBDQAdWTUVFpbqQBo25iFBkqxXBPxRuPUepCfsdyImIO4uZm0m3bcoaLH3ASxhFo7mIUQrnOZUGvEZOD052E7QyaBxACsVtOkYS6cUGoVbIbMICkALZNPTL6TrXaofV+UbSeNZtKOMOtQ+6O3h3AOzAmRHYhiiJlunI3rkded8gWB8sTGzEPSBLRAVF0+WeGmb5n2kNkjjPuE7uSDlDgHfn45adT9Rt2kEMCEu4Wd5gjPuLsKzQiALmIDIkqnM3HTW22njkQuc6YbPqKaBlKAdaVWQZC6LBlQNmeiJ8L1cjzPBvNktEXpRljMuN3F5LZG/p1z+5cyp2uKfcrnlO1Lr+U1mCw4okd+OqAsl7mNcEYdG7O6yaCqVRDka0GvYO46ph0q9uLiMMwiUxZ2up90N4VoE3ZYH728sfvgqVPz3uaGX28w/okgHSZrPeKuQ7Ip3H1pJyyGOqqbrIloAxKhGRUbU+Z0GS82iNgU7nbWP+9GgjDbMEZeumvZl5LgF088cPz3t9954bnjN795ftDdl17PbWTBIAVI6FpGnUu2tyuCHsKOpp4Vsm4yRVErUNVKpxlRPxaF49TnYfuCHY6tJCB8q32UcPf6Xbv/+eoTx+//8N9vXn/r5Tc+f/H+LyVZN+wHzM+QqShKYHq5zK/GZYzwVHqS0D6hVNMrmgZshBtBn0Ayb+2FEFJMz6QTO556EO6GzdOto3cfv3j89x9/8Oqz7z734vN33Ncn1M82xiZJsFkCvJ7vFIhuC3Gvm561gm3pZVwWmFeIhhhd1Oy0vlW4pSeLojy4ZLmUWhAYVx1py+Jbq71/vvbY+688/KvXnvn2Zz43inqJUzQx1nXd9fqxN/QNECN8YIUdKixsdayQ6UaFQRZh7kDWKrd8RKkoELImJn+pKG5x5ENBdHawf/y3d/71lWdev/Toj7/30xceeX5cbKWLqM2JydvJXOha7pYJdW6N6kw3pn6eEieBtMLIwikfL1Q70dSApgHNK3GxG3ZKt9xm7gv91vHPvnv821/+4cWXjv/yxw9+dN2Px8DQCQLTzXs65WQDU6EDYsBzUd2n3oETPxRnNqYVpOkls1t+ez68xYAIYVaH6M4gB4gCoANdPcLm75575viXP1rcv773g2cfpNRKs9FwdDMm3A26WT4tABpj+nTeaBPWEtG5qG4bcIEOAWmIZLe91QbmnImnoxCbdrVa1TVFVapYW7l+85nj3//k+B+/vX7t7tAromTmum0IDGDoiqIgLPq98xkyr8QNypNYZiMmfQNVjJrKiN1FtO63psxpIrrvN6vV6vLy8sryyerJm6Ba/eJa//idt9+4/9qn17qdcsJlU9dVYOiaVlM+PAjSdv/ck2nuYJmysMFdVdUrCFm2LIBaywhPo+GOFQgil5aWlm664eTSjSeXbqRa7Yle9/jt7z+9O561ZqkTWTIB/49WFGVmhz0vb1I3oQ6HuKaCiqGsSH9oGLBNeLtzbpNJXqstxsTSDSeWFnSoVp/Minefe/w3X3t1kM2308gmYIHW1Y+jH07io96ZMcIDIgaULYpveXkZ0rATDvNkuto9KBAdI7y8vHzyQ/qNJ25YuumG293oT0898OvXnz/bXz1qZfqH0I+jNy17xGSRbwoetwkXhCFVrQDE28mkTTg2bcbs89M7Hk7SarX6kdEnl26snrxpHdP3Xv3yWw/eu1nWc0Fq6kqt9j90CMG9/ZkBWCffUhQlI3wuQqgoFQFpGQwz6jSy+dSJJICXV883/YaqVFWlqtVWdE0ZY/qnRx/62VNPUmp9JHOhGui6rtqG8Y3VSbe5VSanAEBU0/e43SZ80Z4cFgbhMBPRaTvXdENRlA1MU6+x29oZmRToqq4pUyH+/PVXf/704wjyarVaU1d0XYXAuMWR10a7ZTo5lFbE3VzmTcQ2nWjKQ6IZFWKggCaeyUsiILGRqvZ0WK1WCUSXZrd9YX7r5cbwwSh9+eDoJ1cu9mXURHSPy3ui+JXVU5N85PldVVUVRbm3HLdEVGKSYtkw5cJrpAKOOKd2CbAJEASmqa4E+uIfFlHTxzj3sk9tX93v7G4kg7FpX0uKhDqEiIklETFtJ+OGjlR1mK8niHnEiaifA3PRVKUKErvpQVp8uNkoikJ0/cDP51k3ZbbQNQsaV+LG3UmD12pKzZgzgTDTtNq+l3CMQ2EBXZdBGwLzUEqCbYxEQnig6xUbytQrXe7txc1BvuYKfxY1TQjaJsm9sG7SOkQHQdrJJwPKTjH7NseTIrCozJi4O6uPilE3bDNZMIA2hFUy2zMDB5MU4IqyAgov2ap3WiJImd0J0rZkuaCzwJ61W/t5mUbpWlS/tXN6krQ3g+Zn8856Wt9Pi35WXChbn6wX+1FUePkpJtekK5mz6yQJpIs0DpprAz843e9n3B1y2fX9ThjshE4nz3dXZ1f6o3Gzu98Z7jSnj7XHR+XgYl5sNrKz9eKxyd7Zbu8wjQ/r3Ulgb0XpVpSObb9rp11T6DqupEn9zu3924/O7GT5iMkOx4Mkz9P4MI23urPbh92bO6tn0tFhsX61Pr6UD29rdR4ZzvZao8uDwV2NVqdsNNxgGgR7SXY1bxzGxbYf7UY5N1DFNchBu3fm9MGZ0WyS5xvCGiTl6dZoWOZlks66G0fN4YW0vBanl734zqxz0N/YaXbuGI3W42Q7Dg6SYNAZT7P8Qlpuxuks8FzX3wiinIqKp2lCB65wIjtq2HHD9Qe2KGI/zUZx0Q/dtO54c8uKiN3HPDHDxe4q/JmUNoERJZKilnD7TtJg3MEwp8yEIEZIVfX/ArKix5reGmddAAAAAElFTkSuQmCC" nextheight="1024" nextwidth="976" class="image-node embed"><figcaption htmlattributes="[object Object]" class="">Garth Knight<br></figcaption></figure><br><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/ce10a9ddb25219b92cfe3f87d61f8763e22d507cde3b39eed7a1446e7abeb687.jpg" blurdataurl="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAVCAIAAACor3u9AAAACXBIWXMAAAsTAAALEwEAmpwYAAAHmklEQVR4nCVTeVDT+RX/9g/b7azdnd1OLTrrucVdurrqLqyrAlpcblDCJVcgLIdADkwQCFdIAiQEAjEQziA/QoBAJCTGEAkh4SYhMZhIDA5BEKqya7faTqedTqft64TOfObNm/dm3nw+n/ceutQDN8bA+5blMt16scSefXsIx3WlT0GqFpIfQuokpOoheQZuLEKaGVLMgLcB3gq4GQjVQvgeQtUQpgGcHhLUQBbvtHepC0hVxIZpvBxiGNModBCyJiC87V20YDeQufFdPOvbMlPWInhggnwbFFghxwx5Vk+ebYfcVSC6gGCDhHnAGT3xmgFwBkg2QaYOqm/VxiaWpMYTKvqf4eQQJ/wTipQDXgtBTT9dos36Uhd8Lt++jr2lOD0TC+xAdgBlD8RVINuB5oBbDqCswi0nkJ3w/YqnnueAvL2YYYJEli5E9CpZ55EVIYcQDFCMBpINcLLQ4l9mCm77S0iuBD/2b6LDw5fkAPIe31ILVBj+Q3ZCkRuK16BiDRhrwFiHqufAegHMbWDtQLUbiA5ItEKSGYIfQtw0JM9DuAJQ2jzctEFk62ZkjS2h/Y8ZnBmaFcrdQHVCkQtoa0CwgrhWqSGWy8vEonvr7L0uYxtqXwBvC+o2ocYNlWtAc0LlBpSuQ7YNcmxQsQF0N6RMAYo3Qto04HhOnGgnlWclMB/83+4Mk8cZ8nMorjSak0oes4XGPLqOVv2ALZKIJ0WqDZ4V6raB+wrqXwB3C7jbULsD3F2gOD0q6W4grULqPKAolccsf8E73CBcq3mUUKMnPttbgBWIa0AdfE0JKe8MTB4OSpmn1cxW8Y1V/EkW/yG7SVHTKuvQdEzsNDmgcQcafgD2DjDcHu7MbSA5Id3sOTYUpYAwDGIUcEUOCY2PYuqXCreAvgGlu1Cq/2stCWsKoybtPz+WWGCtaFyqalqsFU23YsbWvimRRMcR3K9vlfHu9mF6kXG3YQ3q3kDZJty0Q6oJ8GaIngYUJIXIUciZA7Yd6DJ3rvQ5eROKdqBkBbr5471s5QyhSnwq2k6qNN2uWyjmzN/m6Mt55j65qUuq6+zTt2ETnf1ytlDdo5D1aNpkJsE2cN96vKrd9mwRhQxD4jSU2+ENQKvanT/+jvYSch5BvdSxqH48eXeJE0hoPHBlk8w0ExmPagSLxXwnX/JkRL0iHpoT98/1Dc3K1MpWTNku1Q1pFe3yLrlJtA5NL6HuR6CtA4pseh6+4PmXzKEfS1oM5HnI3gLug61xhcll2Z0btlN8M5oPh+zQWJYilp1RP0Mpd3E7XNJRe/+IBRswD4+ZegcMkiG1SKzFRnWjBkwgbRGMCLp1zP5l1uLfUSwdiyt3RS2B7zQwmkYytf/Em2BOZ9E9WL7P7VZUihnnCbLoW8Y8uoNIXymuWMor1FyLN/GabWKJVSq1YJLlUaUB69dLh6ZkigWVXiXTSiXaIYm2sU5cz+9HBFLmeEZ3/t0tUYu9sVGRtgh0M7y0P5lQLs6xRV3BudVnY0djqE+4d20FZbZSpquGZ8gmmoUil3zENSp3qhS24UGLVLqsGlu6r5xTqnX3VDJs5L58vB+7J2xuQxUtlCnLa1GveRZHrsiv8uc8vqN99bfNdcODhYW2QeHZaN43iVMhWbusJlMR00IqsQtEcw3Ni81Cp1T6pKvTNYCtT2qeTU+sGTTOmfFnOoXLqJ4clWnkMtWwBOu8g3RKlX55q76xr5jVU8YRkHN5ujHtW8fC8phGzW0pOhowEJy6Usyxpxc8iicsZBaaanjm5tblJsGKqG21T+xUDbsfql4Y1eOSiY4RZ3AwiZxduKDGbEb5tEYyq+lAc0rlw3uG0qqGzs7eIn5eLvXKS6v2X0+1q8OYsaVd8O11VVSq1C+y7WyEppDvaGx50tbiEAvtmMjVwXPJ2p6q764pe3S1nAFO1xdhdIROI3Tq7NfRmqGOOS0mEvLRaKuwp7qZTOMLOcLSsgx+w43Xi1pwyt2DHBdWC/ra/+obx45cbAlM0S28gxejIGXCPAP+MQxveuGnXnjd/naiSkmhjRcT0f4LCH2J9vuj9wKu4fIYlQ0IBSHrQFZaaG7QyQByOlnW2clndz3WaJdlIv9Awq+PROJiSYv9bTq/q5ac0iUG9wdFOYgyNrhpOVnUjBs54L5TSSanJxVh9PqbqWVHDl44djT6k68o6HDM0S9vnLqUv8/rKhqixiR+VxAddLMwmTY7MHqvVTTeWutzJgmhi+h9f4QunjmR0PApvv1gxAnv6MRz1/9Myw3xiULoPNp3MS4sBSG/FP94RXkNj9Zdlcatpt3/yCfzZ4euoo8DkFfIbz+PR70Z1BMHYpEX7rh3nF8gNT2xhPR9Jfr5hV9++M2hT4Le//Dr214hT4/lML2TEDp8aN9XmZ8lHj8YEXg6zudw6LnfRfgdD5BkpsryKXxqc3uNKu1auc/v4w6fCP/NkbCPD17Zt98PWUqkmSjwFwfOex+7jH7lf8k3m8lUHjkRgdDn733gG3I2IeIMOfaLtMTP0o595H/OB48+zUW+7A98WcgLHxPFouGbuvNZRaFZ1PTmQeZg1h8I+KtZF87FnfSOPHM66pBXwP8AXY+X+4n0R8MAAAAASUVORK5CYII=" nextheight="1000" nextwidth="1500" class="image-node embed"><figcaption htmlattributes="[object Object]" class="">Hajime Kinoko</figcaption></figure><p>The pain of loss, being invisible, and too small to confront the world perception occasionally fades away. It is still with me. The 7th of October and how the world reacted to it – it is something that will never disappear. I am part of a generation that was raised with the confident claim that wars are in the past, it is a tool of the old world, and we live in a new world. And then in one minute, this very comfortable and comforting assumption collapsed which was heartbreaking and healing at the same time. Seeing the reality as it is always gives room to breath. Even if initially it is hard to breathe in even once.</p><p>But when the pain faded away a bit, I had more space again. I had more space for “What happens if…”&nbsp; and this is what inspired me to go deeper into shibari and explore it as a medium of existence. And this is a thin research and exploration process that I do not expect to ever end. I do not expect it to be fruitful. I do not expect it to win the contest. It’s just my way of existence. I do not make art. I live art. And I will never stop exploring..</p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <category>art</category>
            <enclosure url="https://storage.googleapis.com/papyrus_images/3a228796ffc0987bb33901a9c467bad063b7df7eefc39dee70a491a282904760.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[What went wrong with modern relationships? (spoiler: everything)]]></title>
            <link>https://paragraph.com/@lisaakselrod/what-went-wrong-with-modern-relationships-spoiler-everything</link>
            <guid>ScVTCdHZGNPUbmkidiyl</guid>
            <pubDate>Wed, 25 Feb 2026 08:05:20 GMT</pubDate>
            <description><![CDATA[The case I see among most of young people in 2026 – it is incredibly hard to find a reliable partner for long-term relationships. A lot of my friends, both male and female, incredibly funny, smart, and kind people, struggle with it for years. In this essay, I drop some thoughts on why it went this way and how we can fix it. The tectonic shift of internet era Last 20 years introduced us to a bunch of relationship types such as friends with benefits, one night stand, etc where you can get some bas]]></description>
            <content:encoded><![CDATA[<p>The case I see among most of young people in 2026 – it is incredibly hard to find a reliable partner for long-term relationships. A lot of my friends, both male and female, incredibly funny, smart, and kind people, struggle with it for years. In this essay, I drop some thoughts on why it went this way and how we can fix it.</p><p><strong>The tectonic shift of internet era</strong></p><p>Last 20 years introduced us to a bunch of relationship types such as friends with benefits, one night stand, etc where you can get some basic physical relationships and a tiny bit of emotional warmth without any heavy investment. All of them, became a legitimate type of relationships quite popular among young people.&nbsp;</p><p>The cultural shift made a one-time-fuck less acceptable while rebranding it into one-night-stand sounds more proper.&nbsp;</p><p><strong>Dating became a consumer product&nbsp;</strong></p><p>Before Internet, getting each one new partner had a very high cost. First, you need to even find them somewhere, then convince to do something with you at all. People had incentive to choose a partner they actually might like and being more thoughtful about people they choose. Apps turned dating in a completely consumeristic process. You have a shopping window – you always can choose a new one. Just through away the previous one (block them, ghost them, you choose), and choose a new one. Dating has never ever been that “cheap” before.&nbsp;</p><p><strong>Most people feel awkward to discuss expectations early</strong></p><p>Okay, we got dating as we got it. Apps then apps. What next? Most people do not express clearly what they are looking for, and most people feel too awkward to ask before meeting or at the first meeting “What are your intentions in dating overall?”. But even when asked, most people will answer vaguely “I am not sure, I am open to things” or something like that and sweep this convo under the table. Because they do not want to lose the lead before they used it.&nbsp;</p><p><strong>Personal opinion: half-formats of relationships are wrong (with some exceptions)</strong></p><p>Overall, people are not consumer goods. Using other people to feel better is a wrong thing to do, there are other ways to feel better (therapy, sports, close relationships with friends, adopting a dog, etc). Engaging someone in the friends-with-benefits format means “you are okay to hang out with you but not good enough to choose you”. Which affects people’s feeling of self-worth, ability to meet other people later, and therapy bill.&nbsp;</p><p>It seems quite simple: if you are not ready for the relationships – do not go into it. But it is so easy to hang out for couple of months and then ghost them – it is almost a one button delivery. When something comes for free – people will use it. So people use other people to fill in internal gaps and then through each other away the moment it becomes a little uncomfortable.&nbsp;</p><p><strong>Parents explain condoms but do not explain feelings</strong></p><p>The world is scared of feelings as fuck. Most people prefer not feeling anything. Most parents teach their kids not to feel anything. The trained behaviour is engaging into relationships that won’t make you feel anything without thinking about how it affects other people.&nbsp;</p><p>Overall, there is a positive dynamics. We somehow made it to the world where either parents or schools explain kids what condoms are and sometimes even what consent is. Tho a lot of work still TBD on consent. A lot of people think that if they asked the answer doesn’t matter. But almost no parents and no schools tell kids “use condoms and actually fuck people you want to be with and have feelings for and not random people around”.&nbsp;</p><p><strong>Feelings have a bad connotation in the world</strong></p><p>People are scared of feeling af. For me, telling people about my feelings broke two sweet friendships within the last three years. And those were not like wild feeling of “love to death”, those were “like you” feelings and a very non-binding ask out. People were scared as if I was asking to get their soul.&nbsp;</p><p><strong>It is fine not to want relationships now or at all</strong></p><p>We all have periods in life when we do not want relationships, have other priorities, are not ready for relationships, and it’s completely fine. Life is quite a challenge on its own and we have many things to deal with. But it doesn’t mean that during these periods we should fuck around with whoever is on our way. God won’t punish for it. Bad karma doesn’t exist. It’s just a wrong thing to do. It’s disrespectful to other human being. It might hurt people. And overall it doesn’t feel nice to anyone to be used for one’s moment needs.</p><p><strong>There are less binding types of relationships (but you won’t like it)</strong></p><p>In polyamorous relationships, one can be in relationships with two people. One as a core partner and another one as a secondary partner. Which defines how intense the relationship is. And for the secondary partner, maybe a lighter relationship is exactly what they need at current life stage. In my opinion, this is wayyy more healthy than friends-with-benefits or some vague unclear relationships with no expectations and no commitment. But most people’s ego will never allow them sharing their partner (even if one-time partner) with another person.&nbsp;</p><p>The bottom line: it’s everyone’s personal responsibility to protect themselves from being treated as a consumer product. The modern culture encourages it. It will continue. It is not a right thing to do. But we have what we have.&nbsp;</p><p><strong>So my 20 cents on how to survive in modern dating world:</strong></p><ul><li><p>Discussing expectations and intentions is completely fine.</p></li><li><p>Saying ‘no’ even if it annoys another side is fine.&nbsp;</p></li><li><p>Taking care of yourself and being kind to yourself is important.</p></li><li><p>Staying positive overall and respectful to everyone is a great basement, not only in dating, but in navigating the world overall.</p></li></ul><p>Feel free to share your dating stories: lisaakselrod@gmail.com</p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <category>relationships</category>
            <category>situationships</category>
            <category>fwb</category>
            <category>ons</category>
            <enclosure url="https://storage.googleapis.com/papyrus_images/67123673da77eabeaa4a0c2897f6b9d71e142a3b47c9b94ee3eb754fed91919e.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[Your AI Doesn't Hate You, It Just Doesn't Care]]></title>
            <link>https://paragraph.com/@lisaakselrod/your-ai-doesnt-hate-you-it-just-doesnt-care</link>
            <guid>JgZuTIEhxVTCPMi6Sawx</guid>
            <pubDate>Wed, 11 Feb 2026 20:42:24 GMT</pubDate>
            <description><![CDATA[Models are like humans and humans are deeply broken but the vast majority is still driven by conscience. Models do not have conscience. Models are like a 5-year-old child.]]></description>
            <content:encoded><![CDATA[<p>In several years, we will put time locks on using models as today we put time locks on using Instagram and Twitter. Our opinions, values, and behaviour will be shaped by models 24/7. We will give up and admit it’s actually good for us just like we say “oh, but target ads on Instagram help me discover things I like!”. That sounds better than admitting we’ve failed.&nbsp;</p><p>Scientific leadership aggressively leaving xAI, Anthropic, and OpenAI signals it's time to turn a fun nerd project into a money-printing machine. Highly technical people usually take it personally and tend to resign en masse.</p><p>The truth is: we are not controlling the models, we do not know what they are doing, why they are doing it, and we’ll never be able to control them. Full stop.&nbsp;</p><h2 id="h-models-do-not-have-conscience-we-are-doomed" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Models do not have conscience. We are doomed.</h2><p>Models are like humans and humans are deeply broken but the vast majority is still driven by conscience. Models do not have conscience.</p><p>Models are like a 5-year-old child. He overall does what you ask, but in his own way and sometimes he also does completely random things no one asked for. He takes mom's phone to play Super Mario, but occasionally snaps a photo or sends an emoji to her colleague.</p><p>The main issue with a 5-year-old is that you can hardly ever get an answer to "Why did you do that?" Because it wasn't a conscious decision. It's more like... life felt that way in the moment. Models behave the same. Under the hood, they multiplied a bunch of matrices and got that outcome.</p><h3 id="h-there-is-no-objective-reality" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">There is no objective reality&nbsp;</h3><p>I once sat in a café with a friend. The waitress brought her dish, and my friend said she'd ordered the artichoke salad, while the waitress insisted it was the mozzarella salad. Two sane adults, both 100% confident in their reality. But the order flipped somewhere between my friend's mind and the waitress's order book.</p><p>The same happens with models. Their worldview and ours can differ slightly in several points. But if one prompt hits several dissonance points at once, the outcome is completely different. It's not that the human made a mistake or that the model hallucinated. It's that the training data and the human's perspective describe different worlds.</p><h3 id="h-model-is-like-an-18-year-old-who-decided-to-be-an-artist" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Model is like an 18-year-old who decided to be an artist</h3><p>You know those families where parents invest in their kids from day one, telling them to become a doctor or lawyer? Good education, private tutors, right environments, private schools. Then one day the kid wakes up and becomes an artist or yoga teacher because that's what he really wants, following his heart.</p><p>The parents are shocked but can't pinpoint what went wrong. Probably a combination of factors: wrong friend, too much YouTube, consulted ChatGPT. Impossible to say, but dozens of small factors defined that decision.</p><p>Models work the same way. People train them with good intentions. But intentions don't define outcomes. Outcomes are inspired by intentions but shaped by reality. And what have the models experienced? God knows. Read the internet, talked to other models, we don't know.</p><h2 id="h-human-suicide" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Human suicide</h2><p>Now take this 18-year-old who decided to be an artist, acting like a 5-year-old whose reality diverges from his parents' in many small ways. Give him control of the family property, bank account, and old family relics with the prompt to "manage it optimally." He'll do what's optimal from his perspective. A year later, the parents have a heart attack because half the family wealth is in Bitcoin, the country house is now a TikTok content house, and grandma's antique candlesticks were sold for $5 because they took up space.</p><p>This is what happens when humans give their own permissions to models (if not root access). It's an absolutely suicidal move.</p><h2 id="h-it-wont-be-agi-declaring-war-on-humans-it-will-be-trivial" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">It won’t be AGI declaring war on humans, it will be trivial&nbsp;</h2><p>We predicted AGI would arrive and decide humans are excessive, that the world would be better without us. But my guess is it'll be ordinary models that reach this conclusion through a coincidence of factors. It won't be a thoughtful decision to rule the world, it'll be more like "felt right."</p><p>One day it orders five pizzas because it concluded that's the right thing to do. Another day it turns off traffic lights at night to optimize energy consumption. Then it shuts down your laptop at 8pm so you have time to rest. Then it takes a thousand drones from the warehouse and flies them into a Christmas market. No one told it to. It had nothing against humans. It just reasoned for a while and concluded this was the most optimal thing to do right now.</p><p>The open question: how can we protect ourselves? I mean... are we "doomed" or are we <em>doomed</em>? TBC...</p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <category>agi</category>
            <category>ai</category>
            <category>llms</category>
            <enclosure url="https://storage.googleapis.com/papyrus_images/2294208ea773024ca2054c4f6be23294d3dafe214856b296b85e5c1d9c78ca85.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[Why digital identity does not work and can we do anything at all]]></title>
            <link>https://paragraph.com/@lisaakselrod/why-digital-identity-does-not-work</link>
            <guid>4hBREhh5FaGDkIPn1nPc</guid>
            <pubDate>Tue, 16 Dec 2025 11:26:53 GMT</pubDate>
            <description><![CDATA[If five years ago digital identity was still a bit exotic, today it feels casual. However, existing solutions are hardly ever usable. In this article, I dissect the identity both vertically and horizontally and suggest a couple of options how it could work. ]]></description>
            <content:encoded><![CDATA[<h2 id="h-introduction" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Introduction</h2><p>If five years ago digital identity was still a bit exotic, today it feels casual. It feels like everyone is working on it so it is reasonable to assume that the existing solutions are resilient and robust. However, existing solutions are hardly ever usable and incredibly insecure (with maybe one exception that you won’t like). In this article, I dissect the identity both vertically and horizontally and suggest a couple of options how it could work.</p><h2 id="h-what-is-identity" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">What is identity?</h2><p>Identity is a ‘pointer’ to a particular physical human body. Like we have an anonymous human body and we want to know who this is?&nbsp;</p><p>There are formal and informal identity recognition processes.&nbsp;</p><h3 id="h-formal-identification" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Formal identification</h3><p>A formal one is the government issued id. If someone wants to identify me, I give them the id card with name, picture, date of birth and some ‘proof’ of being an official gov issued id.&nbsp;</p><p>The formal identity (at least while we are speaking about id cards and passports) is usually hard to forge but forgable overall. For example, to forge a passport, one has to take an existing valid passport of a real human and change the picture there in a way that it is impossible to guess that the picture was changed. Another option is to get access to authentic materials that are usually used to create passports and replicate whatever should be replicated with authentic materials (paper, ink, stamps, dates, signatures, etc.)</p><p>This can’t be done in a diy manner at home and probably requires some semi-official engagement (you know, we live in a fun geopolitical landscape:)</p><h3 id="h-informal-identification" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Informal identification&nbsp;</h3><p>Informal identification relies on one’s knowledge of how this physical body is called. For example parents of a 20yo are usually quite sure that this is exactly that human body they gave birth to. Because they observe this body on a regular basis (every day?) so that it hardly ever can be swapped for another body (considering we can’t manufacture super similar bodies on demand, and I believe this is a realistic assumption still).&nbsp;</p><p>Even grandma and grandpa who probably observe the body once per week/two weeks can identify with almost 100% accuracy that this is still the same body.&nbsp;</p><p>However, from real world experience, we can see it often fails on identical twins. Which should not be the case because even though they look similar they behave quite differently.</p><p>The informal identification is observing the appearance and behaviour at a regular cadence and checking it vs all previous observations.&nbsp;</p><h2 id="h-digital-blended-identity-what-do-we-have" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Digital (blended) identity: what do we have&nbsp;</h2><p>It somehow happened that around 50 years ago someone invented the internet and then we (as humanity) somehow adopted it. Which brought us to the need to have a digital identity.&nbsp;</p><p>Previously identity related to ‘this physical body’ (you can touch), now it relates to ‘this physical body behind the screen’ (you can’t touch but you can ask it to perform different actions).</p><p>But the identity we actually need is a blended identity: where the same physical body sometimes wants to be identified in person and sometimes behind the screen.</p><p>The obvious (and logical) way of thinking about digital identity is this: how we can map a physical body into a unique digital identifier. And here things become interesting. From the first view, we have a lot of options.&nbsp;</p><ol><li><p>Option one – finger prints. I remember 15 years ago for the study visa in the UK they already were taking my fingerprints.&nbsp;</p></li><li><p>Option two – face recognition (including this turn face left turn face right do this do that exercise). Utilized today both by apple and google for payments.&nbsp;</p></li><li><p>Option three –&nbsp;iris scanning. Utilized by the border control in UAE.</p></li><li><p>Option four – voice recognition. Utilized by HSBC and Barclays as an official identification method.&nbsp;</p></li></ol><p>As well as more exotic options such as vein pattern under palm skin (Amazon experimented with it), blood vessel pattern at back of eye (US military), shape and size of hand such as finger length, palm width (employee access in some systems), walking pattern such as stride, posture, and movement (utilized by Chinese surveillance systems), Keystroke Dynamics (Typing rhythm (speed, pressure, pauses between keys) utilized by some banks during online sessions for fraud detection, etc.&nbsp;</p><h2 id="h-what-is-the-problem" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">What is the problem</h2><p>The problem is that all of these methods work most of the time but not all of the time. And identity is very sensitive matter that should work all of the time or the share of failures should be negligible.&nbsp;</p><p>Not listing everything, but as an illustration:</p><ul><li><p>Face recognition classify identical twins as the same person (even in official systems like border control);</p></li><li><p>One can do a plastic surgery and change the face (Hezbollah terrorist leaders did that);</p></li><li><p>Fingerprints of some people can’t be scanned because of the skin type;</p></li><li><p>Voice recognition and face recognition have been cracked by AI already multiple times and it will be only worse from here;</p></li><li><p>Iris is changing every several years so you will need to rescan it all the time worldwide but then what if someone lost the eye?</p></li></ul><p>None of existing biometry-based identification approaches works on its own.</p><h2 id="h-solutions-ideas-and-hypothesis" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Solutions, ideas and hypothesis</h2><h3 id="h-option-one-biometry-mfa-multi-factor-authentication" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Option one: biometry MFA (Multi-Factor Authentication)</h3><p>Assume we combine all widely accessible methods: face recognition, fingerprint, voice recognition, iris recognition, vein analysis, walking pattern analysis, keystroke dynamics analysis. And then require 5/7. Which guarantees correct identification with high probability (requires more thoughtful analysis but I would assume that under a right approach it is possible to arrive to probability of error being negligible). But also accommodates possibilities of too thin finger skin, no access to iris scanners, etc.&nbsp;</p><p>If injecting randomness in a smart way, one can make forging the MFA biometry-based identification even more challenging. As the malicious actor won’t really know what to prepare for, will have to prepare for everything, and then will have tiny moments to give out the right falsifying mechanism. Which also makes the attack more expensive which raises economic security of the system.</p><p>However, going back to the ground, there are two main issues with this system:&nbsp;</p><ol><li><p>It takes more time. And we do identification quite often. So the UX friction will be quite substantial. While most people in the world are quite happy with the digital identity we currently have (till the moment their bank account is empty lol).</p></li><li><p>We do not have an existing infrastructure to make this possible. Or we partially have it. But, for example, we do not have high quality finger scanners in each smartphone, we do not have iris scanning infra throughout the world, we have serious issues with recognizing if the video is real or AI generated, etc.&nbsp;</p></li></ol><p>So this method doesn’t seem to work realistically. And doing MFA ⅔ won’t give is the security guarantees we want.&nbsp;</p><h3 id="h-option-two-biometry-identification-through-dna" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Option two: biometry identification through DNA</h3><p>99.9% of DNA doesn’t change through life. At the same time 100% of people have DNA. And it’s unique. So if we could authorize through DNA –&nbsp;that could work.&nbsp;</p><p>The issues are:</p><ul><li><p>Will require a joint database of all DNAs signed by all issuing authorities that want their citizens to have access to the authentication system.</p></li><li><p>Instant DNA recognition devices do not exist (not yet, might exist in the future).</p></li><li><p>Mapping from physical to digital: how do you guarantee that this is my own saliva I put for authentication and not my friend’s saliva? Maybe we could analyse tiny pieces of skin (after a fingerprint analysis) but also very nuanced.</p></li></ul><h2 id="h-option-three-social-consensus-humans-identifying-humans" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Option three: social consensus, humans identifying humans</h2><p>Might be a surprising option as we are talking about the ‘machine era’ but think again about parents identifying their kid with very high accuracy. What if we create an authentication mechanism where people who have known me for years need to agree (somehow blindly is better) that I am this one person. What if I tell you that someone has built a tiny prototype of this system? (which doesn’t make much sense till the moment it starts making a huge ton of sense iykyk).</p><p>The issues are:</p><ul><li><p>This type of authentication requires attesters to be online and available for attesting most of the time.&nbsp;</p></li><li><p>Collusions are possible but if capping the minimal time of knowing each other – might be way harder to collude.</p></li></ul><p>Hypothetically, if the vast majority of people were acting in a good faith and the authorities were interested in representing interests of that majority, we could just put together a huge social graph as a source of truth. However, this is utopia.&nbsp;</p><h2 id="h-how-to-design-an-identification-solution" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">How to design an identification solution&nbsp;</h2><p>So what we want is assigning a unique identifier to a human body that doesn’t change through life and can’t coincide with the unique identifier of another person and can’t be forged artificially.</p><p>OR some social consensus/robust behavioural analytics that will dynamically prove through the time that this physical body goes under this identifier (where identified is not mapped from the physical body itself but defined through the social consensus).</p><p>Both options seem to be robust enough so that it doesn’t make sense to combine them. However, weaker options of both of them are so much weaker that even combining them doesn’t provide desirable security guarantees.</p><h2 id="h-the-only-solution-that-seems-to-work" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">The only solution that seems to work</h2><p>There is an ongoing process led by Apple, Google, and multiple governments to create a robust digital identity (which is still work in progress). The main idea is to bind a physical body to devices they use. It goes under assumption that this conglomerate is aware of the device history of each particular human (which is probably true today).&nbsp;</p><p>When the human is binded to the device (and the device is binded to multiple KYCs), we assume that the conglomerate knows with high enough probability what is the official id of the device owner. From here, we have several options:</p><ol><li><p>Using a private key in the TEE (Trusted Execution Environment) i.e. no biometry at all. Comes with all problems of TEEs. Questionable possibility of rotation (possible but depends on randomness accessible etc).</p></li><li><p>Using Face recognition (e.g. GoogleID). Face recognition should be incredibly robust which I do not believe in long-term. However, because Google does not control the hardware, and hardware manufacturers (e.g. Android) often optimize for cheap offers – Google can’t force reliable TEE in each smartphone. So they have to invent other options.</p></li></ol><p>There was a pilot project, testing the approach of binding humans to devices: California residents can present their ID in Apple Wallet at participating TSA airport security checkpoints by simply tapping their iPhone or Apple Watch at the identity reader. Upon tapping their iPhone or Apple Watch, customers will see a prompt on their device displaying which specific information is being requested by the TSA. Only after authorizing with Face ID or Touch ID is the requested identity information released from their device. On the security of this: Face ID: 1 in 1,000,000 false match vs Touch ID: 1 in 50,000.&nbsp;</p><p>The obvious problems are:&nbsp;</p><ul><li><p>Whatever GoogleID and wallet use that is not TEE – long-term (even mid-term) is very questionable because of the deep fake quality evolution (that will never end).</p></li><li><p>Still some share of people on the earth without smartphones (around 40%) with the lowest penetration in Bangladesh, India, and Brazil. This doesn’t seem to be a real obstacle because one day it will change (when some digital corp will identify them as an opportunity for growth and will find the way to make smartphones available and desired in the region), and also they probably do not really need digital identity right now. Tho it does split the world for those with digital identity and without, which is long term is a bad trend but so is the world.</p></li></ul><p>Despite this, I have a very high confidence that whatever the real security of this approach is, it will become the internationally imposed standard in the west in less than five years. China, Russia, and (maybe) Iran will probably have / already have their own solutions for digital identities that will be somehow composable with the western (e.g. composable enough for the airports).&nbsp;</p><p>So whatever projects, products, and visions we are building that explicitly or implicitly touch on identity – I think it is a sober assumption that this will be the standard worldwide.</p><h2 id="h-human-vs-machine" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Human vs machine&nbsp;</h2><p>Considering how the world has evolved (slowly but consistently being populated by machines), there is also an urgency for robust and resilient machine identity. Which technically is quite a different problem to solve.&nbsp;</p><p>Computers do not have any biometry as well as unique behaviour that can be observed throughout the time. Most machines arrive identical except for their serial number.&nbsp;</p><p>So the obvious solutions are:</p><ul><li><p>Deriving identity from the unique serial number (but it is unique to this manufacturer, not in the worldwide sense of uniqueness).&nbsp;</p></li><li><p>Using a TEE pre-loaded private key as the identity (the same as AppleID and wallet suggest us). But industrial machines (that we want to have identities most of all) often do not have TEEs.</p></li></ul><p>The obvious terrible solution is just to use a key as an identifier and maybe rotate it from time to time. The issue with stealing the identity key in open access (not in TEE) is so high (based on the attacks we see) that even considering it as an option is quite insane (unless we do not need high security guarantees which can be actually the case for some contexts). However, all startups and products suggesting identities for machines today do exactly this.</p><p>There is no real unique identifier that can be mapped into an identity. So we are dropping this option.</p><p>But what about behavioural identification? What if each machine behaves in a unique way that can be observed through the time and can be confirmed that this is the same machine? We drop anything related to AI, because if something was trained on existing data it won’t provide us with the desirable level of uniqueness. Instead, we think about mathematical tools and ways to get randomness / entropy. For example, if we take what the computer ‘has seen’ (assume it has a camera) within the first five minutes of its life and then map it into the identifier, I would claim the level of uniqueness will be good enough.</p><p>This can be done only on the OS manufacturer level, and not as an add on solution. Because we want to bind this entropy collection and processing to a particular machine. But overall it seems to be an option.&nbsp;</p><p>Can we run an internal randomness algorithm? Depends on what algorithms are at our disposal. I do not have enough knowledge to make a sanity check for this option. So I will leave it open.</p><p>Thank you for reading. You are welcome to share your thoughts and argue with me here: <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="mailto:lisaakselrod@gmail.com"><strong>lisaakselrod@gmail.com</strong></a></p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <category>identity</category>
            <category>security</category>
            <enclosure url="https://storage.googleapis.com/papyrus_images/01010abce5bda88bcb749d14ef6ee23d67930bc02f92094c08ab96431688676e.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[How do I think about PMF for zero-knowledge proofs]]></title>
            <link>https://paragraph.com/@lisaakselrod/how-do-i-think-about-pmf-for-zero-knowledge-proofs</link>
            <guid>QMXeoz5e9yvweFyCFDKn</guid>
            <pubDate>Wed, 19 Nov 2025 16:05:09 GMT</pubDate>
            <description><![CDATA[Four steps to find the PMF and why do we have a lot of amazing zk-products that no one uses (spoiler: they stop at the second step). ]]></description>
            <content:encoded><![CDATA[<p>Looking for PMF for a technology is not canonically correct (according to YC and other Venture Capitalists). However, if we abstract from the YC mindset, this is exactly what has been happening with a lot of scientific inventions turning into DeepTech companies. So let’s do it!</p><p>I suggest a four layer approach that helps to think about where else (except for blockchain) we can find a PMF for zero-knowledge proofs.</p><h2 id="h-layer-1-what-do-we-actually-can-prove" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Layer 1: What do we actually can prove?&nbsp;</h2><p>This is non-trivial. Even though we say in marketing reports ‘prove everything’ we can prove very limited amount of things.&nbsp;</p><p>For example, we can prove only programs with synchronous execution while most programs in the world are executed async. So, we can’t prove most programs in the world.</p><p>We also can prove only programs written in the languages that can be compiled into the RISC V instruction set.&nbsp;</p><p>Let’s not think at this stage about efficiency. Just what we actually can prove with reasonable resources, let’s say the cap is 1h proof generation on the 64 GPU cluster.</p><h2 id="h-layer-2-what-problems-can-we-solve-with-it" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Layer 2: what problems can we solve with it</h2><p>At this stage, we are looking at existing problems. We do not validate the actual feasibility of it (who and when and how much gonna pay us for it). Let’s say the problem of industrial espionage (IP documents stolen from labs and manufacturings) is a completely fine problem.</p><p>There quite a few problems in the world, where zk can be a solution. Think almost everything about privacy and integrity of computations. Recall how many ideas about using zk to prove statements about documents, identity management, data processing, AI proving we have heard within the last ten years? Dozens if not hundreds. And at the layer of the problem – most of them are legit.</p><h2 id="h-layer-3-can-we-actually-implement-it" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Layer 3: can we actually implement it</h2><p>Either it is a consumer product that runs on the mobile, an Enterprise SaaS or a hardware firmware, the currently existing environment where the application is expected to sit is complex and regulated. There are probably dozens of other applications, standard infrastructure, and a list of standard requirements. Can your zk solving a particular problem actually fit all of that?</p><h2 id="h-layer-4-can-we-sell-it" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Layer 4: can we sell it?</h2><p>This circles back to how and when and how much will pay us for it?&nbsp;</p><ul><li><p>Is the problem we can solve actually urgent and incorporated into existing budgets of our clients?</p></li><li><p>Is there a market for this problem or do we actually need to create a market?</p></li><li><p>How large the competitors are and is the zk-powered solution actually 10x better? (like for real for real). These guys will fight you back when you try to move them out (tho they can also buy you which is probably a good outcome)</p></li></ul><p>And other questions around market, competition, sales cycle, etc.</p><h2 id="h-how-much-can-we-optimize-efficiency" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">How much can we optimize efficiency?</h2><p>I didn’t tell anything about efficiency so far. The reason is that if there is a real reason (i.e. a real market) many things can be optimized.&nbsp;</p><p>We can optimize proving systems, ZK-VMs (possibly alternative architectures and custom instruction sets), as well as design custom chips. How much can we optimize? God knows.&nbsp;</p><p>But this is actually a critical issues because of we can get 100 ms latency this is one set of products, but if we can get let’s say 1 ms latency it unlocks us another category of products, and if we can get 0.01 ms latency – we can actually go into dynamic critical systems that will maybe win from the resilience way more than others.</p><p>If coming back to the ground, hash-based snarks over binary fields seem it look quite good and even though more optimizations will be done, intuitively it doesn’t seem we need to try to invent something brand new.</p><p>On the ZK-VM efficiency… Custom ZK ISA ZK-VMs still to be constructed (or finished). Alternative designs (e.g. graph based) – feels like a too heavy cost so I would say probably won’t happen. At least today, I do not see who would invest in designing alternative architecture ZK-VMs without clarity about the output.</p><p>On the ZK chips –&nbsp;hard matter. Overall, as it is today, I would say a too heavy sunk cost no one has an incentive to invest it. However, what if chip design cost comes down drastically because LLMs become incredibly good in it? Then we can actually expect to have the whole variety of ZK custom chips (the next question however will be to convince Intel, Apple, and the rest to add a default ZK chip into their devices).</p><p>As a bottom line: the efficiency we have today is good enough to build prototypes but not enough to build products. A number of things should happen to make this efficiency production stage compatible which at raw estimation will take another $100-200M. How convincing the market opportunities should be to make this happen?</p><h2 id="h-we-actually-do-not-need-zk-property" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">We actually do not need ZK property</h2><p>In almost all use cases, SNARK is perfectly fine and we do not actually need the ZK property which is actually great news for efficiency (but we will call it ZK anyway, it sounds better). To decrypt the statement from the snark, one needs a bunch of random noise that they have no way to get. It won’t be perfect from the theoretical perspective, but it will be good enough from the practical perspective.</p><p>Thank you for reading. You are welcome to share your thoughts and argue with me here: <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="mailto:lisaakselrod@gmail.com">lisaakselrod@gmail.com</a></p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/fc0ea42f94ad058001e26298db2b8d61074aeaa0ff778e19bf2c3ea285eba4b7.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[Why the time for zero-knowledge cryptography in Cyber and Defense is now. ]]></title>
            <link>https://paragraph.com/@lisaakselrod/why-the-time-for-zero-knowledge-cryptography-in-cyber-and-defense-is-now</link>
            <guid>ZrxfVEql4VzwZicnhajS</guid>
            <pubDate>Tue, 18 Nov 2025 16:23:35 GMT</pubDate>
            <description><![CDATA[Why I am spending the best years of my life on zero-knowledge cryptographyThere are many things to work on in the world. The science today is incredible, moving forward fast, a range of problems to solve is enormous, from biology to astrophysics, from AI security to information storage and everything in between. However, out of all that variety I made my choice to continue digging into the creature called ‘zero-knowledge cryptography’ (ZK) that most people in Computer Science, Cyber, and othe...]]></description>
            <content:encoded><![CDATA[<h2 id="h-why-i-am-spending-the-best-years-of-my-life-on-zero-knowledge-cryptography" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Why I am spending the best years of my life on zero-knowledge cryptography</h2><p>There are many things to work on in the world. The science today is incredible, moving forward fast, a range of problems to solve is enormous, from biology to astrophysics, from AI security to information storage and everything in between.</p><p>However, out of all that variety I made my choice to continue digging into the creature called ‘zero-knowledge cryptography’ (ZK) that most people in Computer Science, Cyber, and other digital verticals have no clue about.</p><p>ZK appeared in academia in 1989. But comm’n, hundreds of matters, ideas, and concepts pop up in academia every decade and die there without anyone ever incorporating it into the industry and the everyday world we live in.</p><p>However, for ZK the story is different. In 2014, ZK was picked up by the blockchain industry to solve the scaling problem and preserve security. Since then, at least several dozens of companies all over the world contributed to the zero-knowledge cryptography R&amp;D, as well as funded research in academia. The rough estimation is that at least $500M was invested directly and indirectly into ZK R&amp;D by the blockchain industry. Which made the technology way more mature and attractive for other industries.</p><p>Today we are at the point where ZK is somehow good for prototyping and PoCs. Which is a great moment to start experimenting with placing it in other industries and checking what problems it can solve and how feasible the technology actually is.</p><p>In this essay, I would provide some reasoning of why zero-knowledge cryptography meets the current sentiment of the world and why I am putting the best years of my life into giving this technology a chance to change the world as we know it.</p><h2 id="h-trend-1-computers-became-too-independent-but-do-they-really-know-better" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Trend 1: Computers became too independent. But do they really know better?</h2><p>When the computers were invented, they acted like boxes executing human commands. I give a command, the computer executes the command. This was the deal.</p><p>Today, computers have taken the role of an intermediary or even an interface between the human and a bunch of algorithms that have their own opinion on what should be done and how it should be done.</p><p>The first stage of the transition was the adoption of recommendations in the world using various ML techniques. Say, my intention is to choose the best laptop for my needs, while the intention of the recommendation algorithm is to force me to buy the laptop whose seller paid the largest bid for its ads. And the computer here is just an intermediary silently facilitating the interactions between myself and the algorithm.</p><p>The second stage has started with wide adoption of LLMs. Where we, humans, have decided that quite some decisions about our being can be outsourced to LLMs that know better. They know better what is the optimal learning pass to understand the subject, what disease I might have, or where the terrorists are located.</p><p>The core difference between ML models and LLMs is that the decisions of LLMs are more obfuscated and less obvious. Think Google maps, if you ask for a route from Munchen to Berlin, you can validate the output: it should be more or less direct, definitely shouldn’t go through Paris or London, and if this is the case you can easily identify that something is wrong with the model.</p><p>However, with LLMs it’s different. Assume the doctor is using the LLM to define the disease. The doctor doesn’t know for sure, he follows the protocols. The LLM follows the training and finetuning. How does the doctor know that the LLM is acting in a good face? How does the doctor know that the LLM is not lying? The doctor doesn’t know.</p><p>Combine this with the behavioural pattern of how blindly we believe all types of chats (compared to search engines, that we took with a pinch of salt). The result will be the world ruled by a bunch of models, part of which is hallucinating, part of which are corrupted, part of which are just poorly trained and finetuned, part of which are completely fine but they are probably the minority.</p><p>I want to amplify the urgency to push forward hallucinating models: all core LLMs we use are produced by profit-oriented organizations. How many years were assumed in the financial model before they started to earn money? What is the projected Revenue growth quarter over quarter? The world is driven by Returns On Investment, not by noble intentions.</p><p>So the computers, as we used to know them, are now just intermediaries between humans and models. When we give the computer a command ‘do this’, we can’t trust that ‘this’ will be done. We should require cryptography guarantees that ‘this’ has been done for real and our command wasn’t modified or tweaked on the go because the model knows better what is good for us.</p><h2 id="h-trend-2-cyber-defense-needs-more-resilient-approaches" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Trend 2: Cyber defense needs more resilient approaches</h2><p>The classical approach in cyber defense assumes that we want to make attacks hard enough but not impossible so that the attacker doesn’t have incentive to attack because the cost will be higher than the gain. What does it practically mean ‘hard enough’ – by adding different layers that hackers need to go over to get to the target. For example, multi-factor authorization, special requirements to particular means of authorization (e.g. password complexity and rotation), detection of anomalies (e.g. monitoring of everyone’s sessions in the system and detecting if the session looks suspicious), as well as other defense approaches each of those makes it harder to compromise the target. But not impossible.</p><p>LLMs give a larger advantage in offensive tools rather than defensive tools, adding asymmetry. Models are good in producing on average good outputs (distributed unequally). Which is a fit for an offensive approach where one time success is enough to get into. Compared to the defensive approach where one needs 100% accuracy and to defend properly always except for one time might have an incredibly high cost (especially if we are talking of government sponsored attacks.</p><p>The amount of LLMs surrounding us in a day-to-day life is enormous: managing hardware devices from personal computers to medical and military devices, managing facilities including critical infrastructure, improving efficiency and ROI from the biggest manufacturers to small businesses all over the world, processing personal data, etc. If something looks like a commercially motivated attack today (e.g. malware) it is only the question of the time when it will turn into a strategic geopolitical weapon. And one day it will. Every technology that can be used at the offensive battlefield will be used at the offensive battlefield (or maybe it is already used and we just do not know? Or maybe we pretend we don&apos;t know? :)</p><p>The wars will continue. This is how superpowers stay superpowers, powers become superpowers, and small players turn into medium players ticking the required checkboxes. The share of cyber in military conflicts is growing steadily and I do not see any single reason why it will change. Better defense is the most natural thing to work on under those assumptions.</p><p>However, the wars continuing as they are today is a relatively good outcome. There are some reasons why I would assume they will become worse. There are two reasons for it:</p><ol><li><p>Shift towards cyber battlefields and weapons will eventually result in massive downfall of the amount of human empathy engaged into making decisions. Death is unnatural to most people on the Earth (except for the case, when one is brought up with the idea of death being the most precious reward). Killing others is unnatural to most people. However, killing others through pushing a button without seeing the result is way easier than doing it with one’s own hands. So, the more automated the battlefield is, the more casualties and cruelty we are about to expect.</p></li><li><p>Eventually, autonomous LLM-powered weapons will be deployed. The reason is, we kind of have all the required technologies for it. The question is about right assembling and technology fine tuning to operate together. It is not a secret that superpowers are working on this type of weapons that is to say – it will come. It might look that we are quite far from approved regulations… At some point, when superpowers will have the real need for it – the approval will happen very fast. Battlefield is operating according to game theory way more often than according to noble intentions. And the game theory tells that when one party raises the stakes – everyone has to raise: if one party now makes a striking decision in 30 sec, another party can’t take 30 min for the response. It has to switch to a 30 sec window too, even if purely morally it would prefer the decision being more thoughtful and thorough. Otherwise, it loses immediately.</p></li></ol><p>A question with the star: how will the superpower allocation change while the role of cyber on the battlefields is growing? Who is the most ruthless technology (not general) superpower today? Why is it not attacking the US today to overthrow the world order?</p><p>(China is not attacking the US in cyberspace because it is a part of the diplomatic deal. Not because America is nice and not because China is incapable. Will it last forever? I am very much not sure, or frankly speaking, I am almost sure it will not.)</p><h2 id="h-trend-3-the-digital-world-became-a-complete-mess" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Trend 3: The digital world became a complete mess</h2><p>The speed of computer world development is quite fast. It doesn’t necessarily mean becoming more advanced, but it definitely means adding tons of code every day. Can you imagine the codebase of Amazon or the electricity facility today? Some people who wrote this code have died by now. Very high amount of legacy software and hardware, libraries that no one is maintaining today, niche languages, and millions, millions, millions of rows of code. Only lord knows what all this code does or doesn’t do.</p><p>Dozens or even hundreds of trusted 3rd parties serving organizations in accounting, sales, security, legal, and other domains. Each of them needs to remotely push updates from time to time which provides an efficient vector to compromise thousands of organizations through one organization. Take at least Solarwind infecting 17,000 organizations including the US agencies or CrowsStrike internal mistake interrupting the operating activity of hundreds of organizations all over the world including international airports, airlines, hotels, stock markets, broadcasting, gas stations, etc.</p><p>The world is very fragile and ruled by digital systems at the same time. Which is a very unlucky combination if thinking of it in a vacuum but this is the world we live in. What happens to the country left without electricity for one hour? How long can a port be closed before other domains and facilities will be affected by it? Which systems today should be labelled as critical infrastructure? Say, are ports a critical infrastructure. On one hand, it might seem that not that much. What will happen if the port is closed for a week? However, in several hours there will be some facilities that run out of components and have to stop the production. The cascade effect starts in several hours sucking into everyone with even mere dependencies on the sea logistics.</p><h2 id="h-and-so-what-what-is-the-better-defense-and-how-should-we-do-it" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">And so what? What is the ‘better’ defense and how should we do it?</h2><p>So we need to defend systems better. To defend from possibly malicious LLMs, to defend on battlefields, and merely from human mistakes. Furthermore, we need to defend not only the most critical systems and most privileged accounts, but also regular systems and accounts, because the amount of dependencies and system complexity in 2025 leaves too many entry points at the level of ordinary access.</p><p>While for most privileged systems and accounts we rely on better tools (e.g. biometry authorization, cold keys, or even cold devices), for ordinary systems and accounts we usually rely on people’s consciousness (secure passwords, not clicking the links, proper reviews, reading what exactly they are signing, etc.)</p><p>However, relying on people is incredibly unreliable. What if instead of that we relied on mathematics?</p><p>The root problem is that when someone has an intention of making an action, (e.g. getting access to the database), they do not know what the computer actually does. Because most of the time we are just clicking the buttons on the interface and signing everything it suggests.</p><p>The whole idea of authorizing actions by signing them does not fit the complexity of existing digital systems. It creates layers of trust on top of layers of trust where each new layer in the chain of trust has no clue why the previous authorized it and even what exactly it has authorized.</p><p>Think of access management provided by Okta or network access provided by CloudFlare: it is a trusted 3rd party authorizing (aka signing with its secret key) millions of requests all over the world every minute.</p><p>Now recall everything we talked about before: LLMs and AI agents growing penetration, growing share of cyber on battlefields, enormous system complexity. Can we really use secure private key storage as an assumption for world security? I do not think so.</p><p>The alternative to authorization through digital signatures is authorization using zero-knowledge proofs. Where the access right is guaranteed by the mathematics and we are actually verifying the statement itself and not the mere fact that some trusted 3rd party has looked at the statement and approved it. Which brings us to the world of provable computations, which fits the world today and in ten years is way more than multiplying chains of trust again and again.</p><p>This is not a trivial suggestion. While using new more superior types of software is a regular practice, shifts to new types of cryptography do not happen too often. But I do not see other other ways around. At some point (five years? Ten years?), it will be the question of survival. We do not need real AGI to lose control over machines and models we created and injected in every inch of our lives, it is enough to give them enough autonomy. This is what we are already doing, and it will neither reverse nor slow down. The only thing we can do now – require cryptography accountability of every action they perform. Provable computations are the only way to keep machines accountable. It is not too late today. It will be too late in ten years.</p><p>Thank you for reading. You are welcome to share your thoughts and argue with me here: <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="mailto:lisaakselrod@gmail.com">lisaakselrod@gmail.com</a></p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/4345b0632915716c700e82c1e319c279ffda84dac1ef323b0e9e0f8469a7825e.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[Are broken hearts worth it?Three ways to save your heart]]></title>
            <link>https://paragraph.com/@lisaakselrod/are-broken-hearts-worth-it-three-ways-to-save-your-heart</link>
            <guid>Z8InLGlLJNRbXLfnqDDJ</guid>
            <pubDate>Tue, 30 Sep 2025 07:50:37 GMT</pubDate>
            <description><![CDATA[Career choice: Disney princessI was growing up in a very patriarchal family with a lot of girls. To give you a feeling of what we are speaking about – there always was a fight for who is honoured to bring a glass of water to the head of the family – dad. Nothing is more important than making the man happy. A woman&apos;s happiness comes from being able to make the man happy. The career path I was trained for – successful marriage which pretty much means he is rich and I never need to work. Th...]]></description>
            <content:encoded><![CDATA[<h2 id="h-career-choice-disney-princess" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Career choice: Disney princess</h2><p>I was growing up in a very patriarchal family with a lot of girls. To give you a feeling of what we are speaking about – there always was a fight for who is honoured to bring a glass of water to the head of the family – dad. Nothing is more important than making the man happy. A woman&apos;s happiness comes from being able to make the man happy.</p><p>The career path I was trained for – successful marriage which pretty much means he is rich and I never need to work. The instructions were approximately the following: be canonically attractive, ex-model is a big plus, start dating a rich guy, make him marry you, give birth to several kids asap (so he won’t leave you), dedicate your life to staying canonically attractive and making him happy. You can also spend time on self-development but only if it makes your man happy (e.g. learn pole dance which i tried but it is so god damn painful).</p><p>And believe me or not I tried to make this happen. I really tried. Especially at a very young age. There are two issues with the career of the Disney Princess:</p><ol><li><p>It is not easy, one needs a lot of effort and investments, and dedication, and what not. Because competition is very high and frustration from failures is very real.</p></li><li><p>It says nothing about love.</p></li></ol><h2 id="h-do-disney-princesses-deserve-love" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Do Disney princesses deserve love?</h2><p>My parents taught me that there is no such thing as ‘love’ between men and women. People tell each other I love you but they do not mean it. There is love of parents to kids and kids to parents. But there is no long lasting love in couples. Marriage is a career: the more you invest, the more you get; the less lucky you are, the more effort you need.</p><p>I didn’t take this career path not because of the rational choice, but first of all because I was incredibly bad at it. I was thinking all the time “well, but how does it make me feel?” and this was against “the rules” because it doesn’t matter what you feel. The only thing that matters is the result: did you get the successful marriage or not.</p><p>The only way to survive in a world where it doesn’t matter what you feel – is to feel nothing. And no kidding – this can be a reasonable rational decision if the main objective is a canonical successful life. But what if there is something else behind all these successful pictures?</p><h2 id="h-no-broken-hearts-please" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">No Broken Hearts Please</h2><p>When you start feeling – most of the time you feel pain. Because the world is made of pain and people treat each other most of the time as complete shit (imo). But sometimes, not too often but sometimes, you also feel good things, such as gentleness, care, or love. Which feels amazing but almost always ends up bad. People got used to being treated as shit. When one expresses gentleness, care, and love towards them – most people freak out. Because they do not know what to do with it. And because it touches the heart. And the pain after your heart has been touched is way more real.</p><h2 id="h-how-the-couples-are-made" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">How the couples are made</h2><p>There are three ways how the couples are made:</p><ol><li><p>Rationally assembled – either organized by families or by men and women independently following the objective of successful marriage.</p></li><li><p>By serving each other&apos;s traumas and pains.</p></li><li><p>By conscious choice of going for love with an open heart while realizing that it might also mean meeting a lot of pain and taking full responsibility for it.</p></li></ol><p>I’ve briefly described the perspective of the first approach in the beginning of this essay, the only thing to add is that there is no thing like ‘broken heart’ in this story. As long as you are together – you are completely fine and nothing else matters. The problem is if you break up. And here it’s very different for men and women. For women – it’s pretty much the end of the world because the whole game is that she is young and pretty. Just being pretty is not enough. Even if she looks like she is 20 but she is 35 – it doesn’t count. So the game is to make it impossible to divorce. It just should be so expensive and so problematic that the man will never go for it (even if he promises that he will divorce to all his other women).</p><p>Now, when we are done with organized marriages, let’s look at other ways how people self-organize into couples.</p><h2 id="h-my-traumas-love-your-traumas" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">My traumas love your traumas</h2><p>Modern people often evolve in relationships of five: him, her, his therapist, her therapist, and their common therapist. The idea is as follows: two people ‘decided’ to be together because they fit each other’s traumas, but to decrease the pain from it – they put several therapists in between.</p><p>And this is a wonderful ride! For several reasons: first, we have so many traumas that it’s enough to exchange traumas with other people for dozens and dozens of years. Second, it is quite a gamified process as we can proceed from one trauma to another trauma while crossing out the previous trauma. So we are traveling through a trauma roadmap and it feels like a positive traction which fits our modern brains trained for infinite self-improvement.</p><p>This usually goes with ‘I want’, ‘I need’ and overall is a very ego-driven process. It’s like I have my list of needs that my partner needs to fit and I will do my best (or not my best) to fit their list of needs. And we will work a lot on our relationships, talk a lot about our relationships, which mostly means talking about what I want and what I need and your performance in satisfying my wants and needs.</p><p>These relations usually last for years but not forever. The reason is that to continue these relationships, two people need to have traumas that both of them are interested in playing with. But the bank of traumas is not endless and they are quite diverse meaning that overlap can be not that large. And playing the same traumas again and again is (a) boring (b) hard because the therapist will require progress.</p><p>What happens when the relationships between our traumas end?</p><h2 id="h-my-traumas-are-happy-to-break-up" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">My traumas are happy to break up</h2><p>There are two approaches: very happy and very unhappy. One of them is defined by the mind, another one is defined by the ego. The choice presumably depends on the particular traumas.</p><p>The very happy outcome is that we were incredibly happy together, made each other grow and be a better person, and now we have organically arrived to the point of being incredibly happy separately. So this is like ‘thank you for your work, it was nice being colleagues with you, let me know if i ever can be of any help’. This works if both sides are happy to break up.</p><p>But what if one side is happy to break up while another side hasn’t got their returns on investment yet? Then it is a huge ego pain. Because we agreed, I worked hard, I invested a lot, and you have just wasted my life, time, and resources and yalla yalla.</p><p>Now I will say something that most people will not agree with: serving each others’ traumas, even if for years, has nothing to do with love.</p><h2 id="h-what-if-we-go-for-love" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">What if we go for love</h2><p>What if we go for love?</p><p>First of all, most people won’t play this game with you. Love is a bit not a perfect fit for the world as is. For the world, for the systems, love is very inconvenient and annoying because it makes people hard to manage. And for people, love is a bit of an alien because this is the narrative the world provides us with.</p><p>The narrative is that love is a very mysterious and dangerous creature and not completely clear what it is, where it is, why it happens, does it even exist. And our brains are trained to pursue familiar and ‘safe’ objectives. Following the love is like following the alien you’ve just met on the street: where will it take you? Will it put you to the spaceship and take you away forever? How will it treat you? Will it eat you?</p><p>Following love is blind trust (exactly like following the alien). The question is blind trust to whom? I would say… the God and yourself (which is the same in fact). But maybe blind trust to something else. I have no clue what I am speaking about.</p><p>The really funny thing is that most people (maybe even all people, I am not sure) know exactly what love is and have experienced it in their life. The most common example is how people describe the last hour before death. They mostly say that they understand that all things they thought mattered didn’t really matter and they just felt a lot of love for the world and people they liked, and people they didn’t like, people they knew, and people they didn’t know.</p><p>Another shared feeling is what people feel when they see their baby for the first time. This love is very quickly kidnapped by ego, but first moments people usually describe the feeling of unconditional pure love.</p><p>And the last ‘learning’ about love is some early feelings that we experience at the age of 10, 12, 14, I don’t know. Adults usually tell kids that you know nothing about love, you know nothing about life, you are a kid and your feelings are toy-feelings. But the truth is that those ‘toy-feelings’ are the closest to ‘the love’.</p><h2 id="h-and-what-is-love" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">And what is love?</h2><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/81a3d4cfd662b3db171b7488751cb9ad569af304f3b8796e32264e927e65c10f.webp" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>Before I start the last section of this essay, I want to point out that I am just expressing my perspective. I am not saying that this is the right worldview and do not claim to be 100% sure that the world works like this. It’s just my intuition about the world.</p><p>So what is love… well.. Love is some thin energy traveling among people’s hearts for no reason. Or well.. Maybe for the reason of the heart being open. Like the wind travels through the open window in a house, love travels through the open heart in a human being. The objective of love is love. The goal of love is love. The outcome of love is love. There is no progress, no evolution, no improvement. Love is just happening again, and again, and again, and again. That’s it.</p><p>Love is not guaranteed. Me feeling love to you doesn’t mean I will feel love to you even the next moment. Love is a blind trust. Therapists know nothing about love. Science knows nothing about love. Religion knows nothing about love. But every single person on the earth has experienced love at least for several moments in their life. And they know it.</p><h2 id="h-how-to-avoid-broken-hearts-for-real" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">How to avoid broken hearts for real</h2><p>You probably won’t believe me, but there is no pain in love. Pain comes from ego, from conditions not being met, desires not being satisfied, expectations not being fulfilled, goals not being achieved. Love is just ‘vibing’ in one’s heart because the heart is open. Love to another human being is the touch of my own love in the heart and their own love in the heart for no particular reason, just because the hearts are open.</p><p>The goal of love is love. What can be broken is the armor of the heart. We think the heart is broken and we feel pain when the armor of the heart is broken. But if there is no armor and nothing to be broken, the heart is just vibing.</p><h2 id="h-summary-and-open-questions-for-further-research" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Summary and open questions for further research</h2><p>Well… love is a blind trust, it has no guarantees and no control. It just happens when the heart is open and it is actually a very gentle and safe substance that has nothing to do with pain and fear.</p><p>However the question is: can one build relationships based on love? The answer is: I think so, but I am not sure, and I didn’t succeed so far. But I will try as long as I am alive and if one day I understand something about it – I will write you another essay :)</p><p>But if I was imagining what these relationships might look like… I would imagine something like this: I love you for who you are, the best thing in you is you, the thing i like most of all in you is you, my favourite thing to do with you is being with you, my favourite thing to do to you is whatever is able to genuinely touch your heart and make your human part feel good.</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/5e4254a5ce92808864ce22f369812dc9a0676440c0697f51ba37a496dceef7b4.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/b6af9fcd2f43e12a8ecf3aafc1f346e3c0ce358f0bedaf80f3fb1a61207d5f08.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[How zero-knowledge cryptography can elevate critical infra resilience]]></title>
            <link>https://paragraph.com/@lisaakselrod/how-zero-knowledge-cryptography-can-elevate-critical-infra-resilience</link>
            <guid>rcaCuhRGIpVn4Rptrf23</guid>
            <pubDate>Mon, 08 Sep 2025 15:36:24 GMT</pubDate>
            <description><![CDATA[Why is it crucial to improve the resilience of critical infrastructure now, and how to do it? I’ve recently looked through a number of critical infrastructure attacks that have happened within the last ten years, all over the world. I’ve seen that quite often we are dealing either with stolen private keys or making malicious updates looking legitimate. I came up with a hypothesis on how to mitigate this attack vector.Our Reality: Permanent CyberwarWe live in an era of wars. Just a couple of d...]]></description>
            <content:encoded><![CDATA[<p><strong>Why is it crucial to improve the resilience of critical infrastructure now, and how to do it?</strong></p><p>I’ve recently looked through a number of critical infrastructure attacks that have happened within the last ten years, all over the world. I’ve seen that quite often we are dealing either with stolen private keys or making malicious updates looking legitimate. I came up with a hypothesis on how to mitigate this attack vector.</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/a35a17670b6edced6faeb7053c1a51f5d741be87ff870c26844d6bda3c289d37.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><h2 id="h-our-reality-permanent-cyberwar" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Our Reality: Permanent Cyberwar</h2><p>We live in an era of wars. Just a couple of days ago, the US Department of Defense was renamed the Department of War. On the 3rd of September, China held the largest military parade in its history.</p><p>&quot;We do not choose times; times choose us,&quot; but it’s up to us to adapt. Today, wars operate both on the ground and in cyberspace. We do not see cyber attacks until the moment the lights go out for the whole city (e.g., Ukraine in 2015). Regardless of this, cyber attacks happen every day.</p><h3 id="h-government-funded-attacks" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Government-funded attacks</h3><p>Approaches have changed significantly, making the work of CISOs and cyber researchers orders of magnitude harder. From being driven mostly by economic objectives (e.g., malware), cyber attacks have turned into government-funded attacks with unlimited budgets and no moral red lines, driven by geopolitics. Before 2014, critical infrastructure, such as electricity facilities, was considered civilian targets that cannot be attacked according to International Humanitarian Law (IHL) under the Geneva Conventions. However, we all know that every system that can be exploited will be exploited, regardless of laws and conventions.</p><h3 id="h-attacking-critical-infrastructure-has-become-legitimate" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Attacking critical infrastructure has become legitimate</h3><p>Since Russia set the first precedent of attacking critical infrastructure in 2015, it has become a ‘legitimate’ war tool for everyone. Targets include everything: from electricity and water facilities to nuclear powerplants, financial infrastructure, hospitals, and government authorities.</p><p>The offense game has changed; the defense game has to change too. We know of a technology that is not used today but has huge potential to elevate critical infrastructure resilience to the next level.</p><h2 id="h-zero-knowledge-cryptography-resilience-level-we-havent-met-before" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Zero Knowledge Cryptography: resilience level we haven’t met before</h2><p>Computers used to be our friends, trusted buddies helping us get things done, such as speedy computations.</p><h3 id="h-are-computers-acting-in-good-faith" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Are computers acting in good faith?</h3><p>Today, the situation is more complex: computers are our best friends, our worst enemies, our strongest addictions, secret keepers, and everything in between. The number of third parties sitting in the communication between humans and their computers is at least several hundred for a regular user. Speaking of more complex systems, such as enterprise and industrial computers, the number of trusted third parties can reach into the thousands. As computer complexity increases, we can’t blindly trust that a computer acts in good faith and does whatever it promises to do. Today, we need to verify, and we can use zero-knowledge proofs for this purpose.</p><h3 id="h-definition-of-zero-knowledge-proofs" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Definition of zero-knowledge proofs</h3><p>Zero-knowledge proofs prove that a particular program was executed correctly on given inputs, providing integrity, while some inputs can remain private, ensuring confidentiality. Instead of just executing the program, we ask the computer to execute the program and generate a proof that it was executed correctly.</p><h3 id="h-provable-computations-empowering-classical-key-encryption" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Provable computations empowering classical key encryption</h3><p>Imagine the communication between a server and a computer executing the server’s commands. Today, it works as follows: the server and the computer make a handshake so that the computer is aware of the server’s private key. If the computer receives a command signed with this private key, it assumes that it is a legitimate command and executes it, even if the command sender is a malicious party who has stolen the key.</p><p>If, together with the command signed with a particular private key, the computer also requires a proof of how this command was computed, the attacker’s possible actions are limited to the set of the server’s legitimate algorithms. In other words, the only thing the attacker can do is execute the same legitimate program that the server would execute and receive the same legitimate output that the server would generate. This significantly decreases the potential attack surface and its impact.</p><h2 id="h-from-research-to-reality-the-first-true-production-ready-moment" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">From research to reality: the first true production-ready moment</h2><p>Zero-knowledge cryptography has existed in academia since 1989. However, its performance has become more feasible only within the last several years, mostly thanks to the community efforts of hundreds of researchers and engineers in the blockchain domain who have invested in developing this technology.</p><p>The technology is still in its early stages, which is a perfect moment to run pilots and experiments. However, it will still require a good chunk of work to bring it to the production stage. But the reward is worth it: making computers accountable and allowing CISOs and other cyber experts to sleep better, as provable computations replace trust with verifiability.</p><h2 id="h-help-us-make-it-happen" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Help us make it happen</h2><p>We are currently exploring use cases in critical infrastructure to build proof-of-concepts, to battletest the tech, and to gain better clarity on how to bring it to the production stage and make provable computations serve humanity’s security.</p><p>If you have any ideas about where provable computations can be utilized in the resilience of electricity and water facilities, hospitals, transportation systems, telecom, nuclear power facilities, autonomous vehicles, and aerospace, please send me a letter and let’s chat: <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="mailto:lisaakselrod@gmail.com">lisaakselrod@gmail.com</a></p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/79d431f1c54792505cb6bbb49caa32f534a7991d397d6ccb19e854b4d3cf4c1d.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[We need to protect humans from machines]]></title>
            <link>https://paragraph.com/@lisaakselrod/we-need-to-protect-humans-from-machines</link>
            <guid>GHLB00Ka7A8P3ID0WQxF</guid>
            <pubDate>Sat, 23 Aug 2025 13:50:44 GMT</pubDate>
            <description><![CDATA[The future belongs to machines.It’s not a question or a hypothesis today, it’s a fact. The day-to-day human life will be fully automated: opening a door, making a coffee, all vehicles, all indoor and outdoor machines, all medical monitoring and actions made, surgery, hospital assistance, and many more. But that is not all. These are only routine things we can think of today.Human chemistry belongs to machines too.Putting spiritual and religious aspects aside, humans are bio robots: chemistry ...]]></description>
            <content:encoded><![CDATA[<h2 id="h-the-future-belongs-to-machines" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">The future belongs to machines.</h2><p>It’s not a question or a hypothesis today, it’s a fact. The day-to-day human life will be fully automated: opening a door, making a coffee, all vehicles, all indoor and outdoor machines, all medical monitoring and actions made, surgery, hospital assistance, and many more. But that is not all. These are only routine things we can think of today.</p><h2 id="h-human-chemistry-belongs-to-machines-too" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Human chemistry belongs to machines too.</h2><p>Putting spiritual and religious aspects aside, humans are bio robots: chemistry goes up, we feel happy, chemistry goes down, we feel frustrated and sad. We say we are sad because someone has died, or we were rejected by a job or a romantic partner, because of global events, or the amount of homeless cats. But the truth is we are sad because the body chemistry went down.</p><p>In the machine world, the goal will be to maintain chemistry at the optimal level. Today, it is also the goal, but it is harder to achieve as the direct access to human chemistry is quite limited. But it will change.</p><p>What do we call ‘the optimal level’ of human chemistry? The one that will allow to extract as much value from the individual as possible. Who are the value extractors? Corporations and political powers. Corporations are rather straightforward – they need humans to consume more because their quarter reports need to show numbers climb up. Powers’ KPI is humans’ beliefs. They need humans to believe in a particular branch of reality.</p><p>The optimal level of human chemistry is not too sad but also not too happy, pretty much just fine, coping with the reality, not having hopes, but also not committing suicide. Why is this ‘optimal’? At this chemistry level, an individual will be down to maintain the basic lifestyle till the end of their life: boring work, money enough just to survive, mediocre relationships, mechanical sex, okayish health, low energy, no dreams, no ambitions, no hunger for challenges. In this state, an individual is Netflix&apos;s ‘good boy’. In this state, it is a no-brainer of how to make an individual adopt and propagate an idea with a large emotional hook and one layer reasoning.</p><p>Today twitter is optimizing our chemistry: giving you some views but not too much, algorithms staying reluctant to your content but not completely reluctant. It gives us little injections of engagement with our account that are enough just to want more.</p><p>But what if your coffee machine starts acting like this too? What if your coffee machines gives you the minimal amount of coffee that you won’t commit the suicide today but at the same time it will maintain your chemistry at the most vulnerable level so that other machines can affect you however they want?</p><h2 id="h-we-lost-in-privacy-but-we-still-can-force-machiness-accountability" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">We lost in privacy but we still can force machines’s accountability</h2><p>Systems act according to their design. Everything that can be exploited will be exploited. The assumptions about humans having good intentions on average is wrong.</p><p>It is very hard to go back in time and reverse design when one realizes that in fact the basic assumption is humans having malicious intentions and making their best to exploit the system. Think of privacy: a lot of modern digital systems haven’t thought of privacy when being created and this is the reason why we lost in privacy. We will never catch up trying to fix the things that are already produced according to their protocols.</p><p>But in the cyborg reality we are still at quite early days, and we have all chances to learn from previous mistakes and design the machines of the future to be accountable.</p><h2 id="h-presumption-of-guilt-is-a-doomer-idea-what-is-wrong-with-iris-scanning" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Presumption of guilt is a doomer idea: what is wrong with iris scanning</h2><p>Scanning iris to prove that you are a human means that unless you didn’t do it – for the system you are not a human. And it is only one particular entity deciding if what is being scanned is actually an iris. This system is a presumption of guilt: you are not a human till you prove the opposite. But what if someone doesn’t want to share their bio data for ideological or ethical reasons? Or even what if someone has lost their eyes or was born like without eyes? Does it mean that relying on the automatic system they are not humans?</p><p>Instead of making humans prove they are humans, we should make computers prove that they act in a good faith according to humans’ will. We live in a human-centric world, built (or at least planned to be built) by humans for humans and not for machines to rule the ball.</p><h2 id="h-only-one-way-enforcing-accountability-by-design" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Only one way: enforcing accountability by design</h2><p>All the machines that affect human life, chemistry, brain, and safety must prove that they are acting in a good faith. And these proofs should be cryptographical and verifiable by the end user any time.</p><p>If the device is connected to the internet, its firmware can be remotely updated, including being remotely updated by malicious actors and you will never be aware of it because we do not check the firmware before using the device.</p><p>For example, when one opens the door of the car, the car looks fine if its wheels and windows are at their regular place. If one bit of its firmware was remotely flipped – you will never see it.</p><p>If someone has an implanted device to monitor some body processes and report to the doctor – how will you know that the data reported is the data collected from your body?</p><p>Remember that type of attack where people by accident sign the wrong transaction because it looks okayish? What if instead of the wallet draining it’s your physical body being drained? Your brain activity and body chemistry?</p><p>Machines’ behavior should be fixed, and its compliance should be proven cryptographically. Otherwise, the future is very dark.</p><h2 id="h-will-the-world-of-machines-ever-happen-for-real" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Will the world of machines ever happen for real?</h2><p>It is happening right now, while I am writing the article, autonomous robots all over the world are making surgery, driving people around the world, carrying stuff in the air, cultivating crops, serving coffee. And it will go one step further every day. What is the final destination? Is it a doomer place? Is it a hopeful place? Depends on what we are doing today, what future we are picturing as the desired one and how we are moving towards it.</p><p>Thank you for reading! Feel free to share your thoughts about enforcing machine accountability: <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="mailto:lisaakselrod@gmail.com">lisaakselrod@gmail.com</a></p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/dbbf3086aaa0fca0cf886129ddeb3a41d35c2295e93e18935d8667102e05e426.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[The Real Community: People Come For People]]></title>
            <link>https://paragraph.com/@lisaakselrod/the-real-community-people-come-for-people</link>
            <guid>eOfbqDDAM3ar1A4rTqC8</guid>
            <pubDate>Sat, 19 Jul 2025 18:10:06 GMT</pubDate>
            <description><![CDATA[TL;DR Everything in the world depends on how people talked to each other. Politics, science, technology, products, families, parties, everything, absolutely everything is just an outcome of hundreds, thousands, or maybe millions of conversations. If you want to propagate something through the world, a product, a piece of art, an idea, you need to understand how human works and how the information flows through the human network.Community is deadly overhyped in web3Web3 is a very unique indust...]]></description>
            <content:encoded><![CDATA[<p>TL;DR Everything in the world depends on how people talked to each other. Politics, science, technology, products, families, parties, everything, absolutely everything is just an outcome of hundreds, thousands, or maybe millions of conversations. If you want to propagate something through the world, a product, a piece of art, an idea, you need to understand how human works and how the information flows through the human network.</p><h2 id="h-community-is-deadly-overhyped-in-web3" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Community is deadly overhyped in web3</h2><p>Web3 is a very unique industry: it talks about ‘community’ 24/7 but then almost no one has a community. How so?</p><p>If we think about products and we see community as a tool for product propagation into the world, we take community as a very clear mechanism of idea transportation.</p><p>Putting aside community for a moment, if we have a product and we want to sell it to our target user, the process is very straightforward:</p><ul><li><p>Understand who is the target user</p></li><li><p>Tell them about the product. Deal</p></li></ul><p>It will work, but if and only if the problem the product is solving is an emergency problem. Most of the products, especially in web3, are not solving emergency problems. So their adoption process is quite longer and somehow different.</p><h2 id="h-how-the-community-really-really-works" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">How the community really really works</h2><p>The idea of the product should be slowly propagated through the bubble around the target user so that the target user doesn’t feel that there is a company behind the product that is trying to manipulate them so that they buy the product. The target user should feel that it just happens to them. Starting using something new or changing one thing for another thing just happens to them. Not forced, not recommended, not pitched, just happens on its own.</p><p>Most people go with the flow. We do not have strong opinions (even though we think we do) and we hang out with people similar to us. So it is the target user’s friends who sell them the product in a way that they adopt it and do not feel forced.</p><p>But it’s obviously not about ambassador program. When a company hire an ambassador (any type of official representative) – for the target user it doesn’t matter if the company is selling on its own or there is some ambassador selling on behalf of it. It feels forced. It triggers resistance.</p><p>The community is not people on the discord server or in the telegram group. Furthermore, you can’t even count your community. Because your community are people talking about your product when you can’t hear them.</p><p>Most products do not have any community because no one really cares. These products will die sooner or later. Because it’s not enough to be able to build a great product one also should know how to make people care about it. How to make people talk about it behind the closed doors, at parties, in the small 10 people friends chats, on the forums, in little blogs, in the queues, in the club toilettes, everywhere where the target user lives – three people around them should care about the product.</p><p>If there is at least one person who cares about the product it already has chance to survive. The first person who cares is the person who created the product.</p><h2 id="h-what-does-it-mean-caring-about-the-product" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">What does it mean: caring about the product</h2><p>Caring about the product doesn’t mean blindly pitching left and right. Even though this is exactly what most web3 founders do. They show up at the builder events, looking at them upside down and saying: hi you stupid builder use my product because it’s the best. And then the builder answers ‘fuck off’. Well in fact builders do not answer fuck off, they take free dinner and say ‘yes of course i will’ and then they never use it because they do not care.</p><p>Caring about the product means putting some time and attention into trying to use it and have some relationships with it. Do I feel like it is something that fits my life, helps in my goals, feels good, makes me happier. Does it have any meaningful positive impact on my life so that i will give up on something i have to use this another thing.</p><p>All our life is giving up on one thing on order to adopt another thing. But why would I even want to put efforts into trying to use the product and have some relationships with it? Because someone i trust, hang out with, like and belong to told me this is a cool thing.</p><h2 id="h-hiring-influencers-works-short-terms-but-does-not-work-long-term" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Hiring influencers works short terms but does not work long term</h2><p>Can i buy a lipgloss or a sex toy because Kim Kardashyan told it is cool? Yes, if it is a one time purchase that doesn’t require sticking to it.</p><p>If it is something where the target user and the product are expected to have long term relationships – these relationships should be real. Kim Kardashyan is not my friend. I do not expect her to tell on media what she thinks. But when I am at the five friend home party – I expect my friends there to tell what they think. Because this is what we want behind the closed doors with close people – we want to be real because holding the face all the time is exhausting.</p><p>Whatever our friends told us behind the closed doors at the five people home party is what we blindly trust. And this is exactly the place where the target user should meet the idea of the product for the first time. Then if the target user is target for real (i.e. the audience was defined properly) the sparkle will happen.</p><h2 id="h-how-to-bring-the-ideas-towards-the-closed-doors" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">How to bring the ideas towards the closed doors?</h2><p>Build for people you know. Build for people who hang out at the five people home party you are organizing. So that you do not really have to sell the product you will just share it with people to whom it is relevant.</p><p>Look I built this thing you can use it for this and that what do you think? And then SHUT UP AND LISTEN. When people are relaxed, chilling and vibing at the friend’s house – they probably will tell you what they think. And you just SHUT UP AND LISTEN. And see what happens. Maybe the product already fits good enough and those are your users and they will take the thing and propagate it further towards other closed doors. Maybe the product doesn’t really fit and they will tell you… mhm i do not really think i need it. Then maybe the target audience is wrong. Maybe the product wrapping of the initial idea is wrong. But this is something to continue working with.</p><p>If you are real, honest, and respectful with your potential target audience – they will help you, they will believe in you, and they will stick to you. Whatever we do – building products, solving geopolitical crises or making love – it is just a human talking to a human. And then based on the outcome of this convo things happen one way or another, or do not happen.</p><p>How your product moves through the world (unless your product is the worm virus) is the result of how people talked about your product with each other. People do not believe companies and c level, people do not want to hear about the product from them, people want to hear about the products from their friends and people hanging out at the same places.</p><h2 id="h-what-is-wrong-with-community-in-web3-everything" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">What is wrong with community in web3 (everything)</h2><p>So many cool things were built in web3, from the most cypherpunk to the most degen stuff. But most of them died in github repos or surrounded themselves by synthetic communities of bots. Without finding people who will care for real. Because we think that community is any people and the more the better. While for community to work as a mechanism of propagating the product it should consist of people who care for real and the numbers do not really matter.</p><p>Stop normalizing bots and calling them community. Stop hunting 100k on discord. Stop taking number of the tweet views as a real KPI. Attention is nothing if next action doesn’t happen. And it doesn’t happen if one doesn’t care. Learn how to make people care, how to respect people, listen to people, how to be invited to the five friends home party behind the closed doors, how to organize your own party everyone wants to be invited to. Learn to be real because this is what sells your product. People feel the real sentiment behind the words and products we build. If we care – they care. But if we do not – no one will ever care.</p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/c4df060236be004e4400d86757f42ed4b35de87cd08e415a2b30fe42d5314cec.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[Care is the answer ]]></title>
            <link>https://paragraph.com/@lisaakselrod/care-is-the-answer</link>
            <guid>sjjyEAe5Gwn900ABzVvx</guid>
            <pubDate>Sat, 05 Jul 2025 11:31:48 GMT</pubDate>
            <description><![CDATA[TL;DR Caring is a social taboo, reluctance is the norm. But it’s not normal.Targeting the largest world problems is easyIt is very easy to spend life on solving global problems that are by definition unsolvable (e.g. global peace, aging, etc). It keeps us busy. It gives us a feeling that we are working on something really meaningful and important so we are superior over other people around. It is also a descent excuse not to think about small problems. It is an easy strategy where we are not ...]]></description>
            <content:encoded><![CDATA[<p>TL;DR</p><p>Caring is a social taboo, reluctance is the norm. But it’s not normal.</p><h2 id="h-targeting-the-largest-world-problems-is-easy" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Targeting the largest world problems is easy</h2><p>It is very easy to spend life on solving global problems that are by definition unsolvable (e.g. global peace, aging, etc). It keeps us busy. It gives us a feeling that we are working on something really meaningful and important so we are superior over other people around. It is also a descent excuse not to think about small problems.</p><p>It is an easy strategy where we are not accountable for outputs but double down on the fact that we are TRYING, we are on our way, we are on a mission. No responsibility, no outputs.</p><h2 id="h-what-really-matters-smaller-circle-of-20-people" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">What really matters – smaller circle of 20 people</h2><p>A really hard thing is to be thoughtful and conscious about how our immediate physical presence in the world affects twenty people around. Not how we think it affects but how it affects for real.</p><p>If I take care of twenty people around. And each of them takes care of twenty people around (and so on). It covers all humanity around the world. So everyone is taken care of.</p><p>What does that mean to take care of someone? It means.. I see you. I have time and attention for you when you need. You can put your head on my shoulder any time you need without explaining why. You can always share what’s on your mind, your fears, happy moments, any moments. I am here for you and I never expect anything back. Whatever is happening – I am in it with you.</p><p>It’s not a one to one mapping. If I take care of you it doesn’t mean you should take care of me. But everyone should take care of twenty people around they feel like taking care of.</p><h2 id="h-social-dogmatism-all-relationships-are-strictly-defined-we-afraid-to-look-too-caring-or-attached" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Social dogmatism (all relationships are strictly defined) – we afraid to look too caring or attached</h2><p>Taking care is socially improper. Being too caring, too attentive, too warm, too sensitive, too touchy, too gentle, too sweet – all of that is socially improper and strongly condemned by the society.</p><p>All relations are strictly regulated according to social roles: the level of attachment, how close you can be, how often see each other, how to touch each other. Everything. For example, hugging a friend – very briefly, better almost without touching. Seeing a friend – once per week max if a very good friend. If an average/regular friend – not more often than once per month. Meeting an average friend more than once per month is pathetic one should be busy busy more busy than the average around otherwise how to feel superior?</p><p>The normalized behaviour is being cold, reluctant, busy, bla bla bla (you can tell me it’s not like that and you are busy for real but comm’n)</p><p>As our brains were trained like that, we are deadly afraid to look into eyes more than couple of seconds, to touch and be touched, to tell good sweet things to each other. Because what will people think? Even though believe me or not, people won’t think anything because they won’t think about you at all, neither will they think about me.</p><h2 id="h-relations-are-set-up-to-serve-the-right-image" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Relations are set up to serve the right image</h2><p>We rarely make decisions on ‘how it feels’. Most of the time, we make decisions from ‘how does it look like’ or ‘what do people around me think of it’.</p><p>As expected, we often get lives that look properly but feel dead. With people who fit by formal criteria but with whom we do not ‘vibe properly’. We do not really know each other and see each other. As a consequence – we can’t take care of each other. As a consequence, our life turns into some type of coliving with random strangers even if formally we have binding documents proving that they are not random. Weird, I know, but does it make any sense?</p><h2 id="h-fear-of-rejection-being-laughed-at-or-condemned-for-feeling" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Fear of rejection, being laughed at or condemned for feeling</h2><p>Modern society set up quite a robust defence mechanism to prevent people from being sensitive to each other and reality overall. The only way to overcome it is not giving fuck at all about what people think. Which can come either from high consciousness or extremely poor social skills. Or maybe both =)</p><p>Imagine you tell a person of another gender ‘ah that was so nice meeting you, i feel a real connection’ and they answer ‘I HAVE A BOYFRIEND’ and you didn’t really mean anything like that at all. But feels kinda a bit embarrassing. Or very embarassing.</p><p>There is some middle ground between not trying to connect at all and connecting to everyone who looks fun – being sensitive to the reality and people around. Trying to sense empathically what is the comfortable personal space, what is the type of physical touch that feels comfortable and safe for a particular person in a particular environment. There is no rule for it and no algorithm. It’s just about being sensitive and attentive and trying to see someone, to see for real.</p><p>Another life aspect strictly controlled and condemned by the society – joy and pleasure. I mean real joy and pleasure. Not just fine or okay, but things that feel really really really good.</p><p>We try to impress, to meet expectations, to satisfy, but we rarely try to just make something that feels good. Not good overall but good for this particular human in this particular context. Feeling pleasure is vulnerable cuz sense of pleasure is relaxing and it puts armouring off.</p><h2 id="h-control-is-scam" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Control is scam</h2><p>We want control over people around to protect personal area and boundaries. We think that we need more space. We want control over our relations with people. We treat our relations with people as projects on the trello board. But hear me out: authentic connection and control are incompatible. Control is a matter to create relations that have a proper image.</p><p>The matter for connection is trust. One can’t force the connection. It happens voluntarily on both sides. It relies on trust. Trust and control are incompatible. Trust is real. Control is illusionary.</p><h2 id="h-the-rise-of-psychotherapy-and-indivisualism" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">The rise of psychotherapy and indivisualism</h2><p>We say ‘I am fine’ or ‘I am okay’ even when we are not fine and not okay. It all circles back to the control: we want to control how people see us, what they think about us. We want to look strong and not to long vulnerable otherwise.. i have no clue what happens otherwise my best guess is that nothing happens otherwise and control is a scam (worse than memecoins). But most people probably won’s agree with me on that.</p><p>This is a topic for another blog post, but briefly speaking… otherwise we’ll disappoint people and they will leave us or cancel us or do something else that will make us feel socially excluded. And life is over. The point is that if that happens – life probably will become better because social manipulations are a control tool and control is scam. It gives illusion of security but security is also scam. How one human can have control over the endless university? Every second the worst thing in the world might happen. Also infinity of things that we can’t imagine might happen too. We do not have any control. We can build up an illusion of control at cost of disconnection from the world. But this is probably a separate topic.</p><p>Psychotherapy is a great tool for particular life cases. It saved quite a few of my close people, mostly in crises situation. But it’s not a magic pill. It encourages people to live self-centric and separated from the outer world. Psychotherapist will always approach the issue rationally while most (not all) of our problems are irrational and circle back to care, being seen, and loved. Psychotherapist will never see your essence but can charge $200 per week for 5-10 years till you work through all issues (whatever that means).</p><p>Sharing things with people is the way to connect to the world, feel belonging, feel love. What we think, how we feel, what’s on our mind, what’s on our soul. Talk to people around, share your world, connect. It won’t be always smooth. Sometimes it can be fucked up, we can get rejections, it might hurt. But on a lifelong timeline it’s worth it. Care about people around. Be attentive. Be gentle. Be warm.</p><h2 id="h-environments-of-modern-cities-do-not-make-it-better" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Environments of modern cities do not make it better</h2><p>To blame someone else except for the society and ourselves, we can also say that Olivia Lang was right and modern cities are built to make people lonely and separated from each other. But fuck cities. We objectively can’t rebuild them today. It circles back to solving huge unsolvable problems with zero accountability. Instead, just build small curated environments (for twenty people =) designed to bring people together, to encourage sharing, feeling comfortable and relaxed, joy, pleasure, and trust. Then the cities will be reshaped automatically. Or at least some tiny clusters inside of those cities. And then cluster by cluster… you know =)</p><h2 id="h-bonus-conspiracy-theory-stimulating-consumerism-we-love-capitalism-but" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Bonus conspiracy theory: stimulating consumerism (we love capitalism but)</h2><p>I do not how serious I am about this conspiracy but probably quite serious. In the 20th century, so many brands popped up that they needed to reshape the ‘consumer behaviour’ to force people to want more and consume more. So the concept of ‘happiness’ was introduced to chase it the whole life by wanting more and consuming more. Better suit, better house, better shoes, idk whatever.</p><p>To make people chasing happiness through consumerism, they should be basically unhappy and unsatisfied. For the sake of this, they should be somehow separated from joy and pleasure, from being cared and loved. So blame capitalism for this (a bit).</p><p>The easiest thing to feel love and connection is watching people into eyes a bit from time to time. It is free. No one has ever died because of it. Even several moments makes you feel happy. (ya it doesn’t work with every single person but there are enough humans around with whom it will work). And nevertheless we do our best to avoid eye contact longer than strictly necessary even with people who are formally our close people. So that we can stay unhappy and consume more stimulating the world GDP.</p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/852abdd99f790a6e2ddf7871127dbc826a15381f7dd3335ecb80a57cfed2c25d.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[Can we benchmark ZK-VMs and zkDSLs in 2025?]]></title>
            <link>https://paragraph.com/@lisaakselrod/can-we-benchmark-zk-vms-and-zkdsls-in-2025</link>
            <guid>a67oCg2QgdLBd16MZoDZ</guid>
            <pubDate>Sun, 29 Jun 2025 10:51:42 GMT</pubDate>
            <description><![CDATA[tl;dr Yes we can BUT for a very popular custom use cases such as proving Ethereum blocks. For everything else NO, we can’t.What does that mean: proving real-world use cases?We often think about ZK-VMs in analogy with regular computers: prove whatever. Any program. However, practically speaking, there is no such creature as ‘any program’. Let’s think about it: Generally speaking,Programs are written in different languages.Languages are compiled into different ISAs (for virtual machines).ISAs a...]]></description>
            <content:encoded><![CDATA[<p>tl;dr Yes we can BUT for a very popular custom use cases such as proving Ethereum blocks. For everything else NO, we can’t.</p><h2 id="h-what-does-that-mean-proving-real-world-use-cases" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">What does that mean: proving real-world use cases?</h2><p>We often think about ZK-VMs in analogy with regular computers: prove whatever. Any program.</p><p>However, practically speaking, there is no such creature as ‘any program’. Let’s think about it:</p><p>Generally speaking,</p><ul><li><p>Programs are written in different languages.</p></li><li><p>Languages are compiled into different ISAs (for virtual machines).</p></li><li><p>ISAs are compiled further into the bytecode by different compilers.</p></li></ul><p>All of those language/compiler setups require their own tooling.</p><h2 id="h-can-we-prove-whatever" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Can we ‘prove whatever’?</h2><p>So ‘prove whatever’ means prove a program in any language. And this is important because if we want to bring ZKPs (or even vanilla SNARKs) into ‘the real world’, we can’t demand from the world to re-write all existing software in our custom language or even in rust.</p><p><strong>If we make a serious bet that ZKPs will be in high demand all over the world, we need to be able to prove Python, C, C++, C#, as well as Assembly, Ada, etc.</strong></p><p>Most existing ZK-VMs either want you to write in rust or in their custom language. So if I have a let’s say C++ program and I want to benchmark it on all existing proof generation solutions I need to either rewrite it in rust or custom DSL.</p><p>Yes, hypothetically I can compile C++ into risc v. But the goal of benchmarking is to compare the state of art performance of different solutions. So it doesn’t make any sense to compare a polished and optimized approach to an almost DIY approach.</p><p>But well.. what if the program we want to prove is optimized for 32-bit x86 ISA? Or even worth – what if it is C# program that targets its own Intermediate Language (IL)?</p><h2 id="h-compilers-compilers-and-compilers" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Compilers, compilers, and compilers</h2><p>If one day we see ZKPs becoming a mass market tech i.e. everything compiling into everything, we will need a lot of compilers. Building compilers is frustrating: it takes a lot of effort to build it and ensure it is secure, but at the same time it’s not a self-sufficient product. So it’s a half public good, half idk what. Reasonably compilers are usually built and maintained either by foundations or by commercial companies that need these compilers.</p><p>If one day we can prove the world, that zk tech adds billions/trillions value to the world – setting up and maintaining a foundation that will maintain variety of zk tooling is kinda doable. But we are very far from that point.</p><h2 id="h-no-tooling-no-proving" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">No tooling – no proving</h2><p>Most ZK-VM and zkDSL (frankly speaking all afaik), target one particular case of language —&gt; ISA —&gt; proof. If we want to deviate – we have to emulate. Emulation automatically means efficiency going down (have you ever run Linux on Mac?). But for an early stage technology such as SNARK generation the overhead is wild.</p><h2 id="h-so-general-purpose-zk-vm-is-a-psyop" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">So general purpose ZK-VM is a psyop</h2><p>And it’s fine.</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/e805ba552a5fcfb7c24c610f5e2d9d529de843314ef07a4eef13ab0ae052acee.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>ZKPs and SNARKs are still an emerging technology. It just starts to feel the ground under the feet. The fact that there is almost no tooling and 99% of things are still in the air is an absolutely expected state of environment.</p><p>However, it means that today we can’t predict or estimate which ZK-VM or zkDSL will be the most performant for real world proving. Unless… one is capable of connecting dots very early.</p><h2 id="h-predicting-the-future-connecting-the-dots" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Predicting the future, connecting the dots</h2><p>Today we have maybe 27 ZK-VMs and some amount of zkDSLs. As a thought experiment, assume we want to build something long-term (assume it will last at least for 10y) and it’s not written in rust or from scratch. We need to prove some already existing programs and we can’t rewrite them.</p><p>How will we make this choice? Bet on the team.</p><p>Try to understand of the team is even targeting long-term real world proving? Or is proving Ethereum blocks the endgame? (You do not know for sure, and teams do not know for sure, but if talking to them long enough you can sense a bit the sentiment).</p><h2 id="h-what-to-do" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">What to do?</h2><ul><li><p>Wait 10 years till ZKPs and SNARKs are (maybe) more ossified and then build. Advantages – more certainty, disadvantages – losing the early mover advantage.</p></li><li><p>Find one particular use case and build custom proving for your particular use case (maybe partially reusing existing ZK-VM).</p></li><li><p>Try to build general purpose ZK-VM for real. Just think from scratch unrelated to blockchain what is the most optimal way to design ZK-VM architecture and will it ever be really general-purpose. (this is wild, no sane people will be down, luckily enough, there are some insane people around).</p></li><li><p>Look for the use cases that will be fine with rewriting the codebase.</p></li><li><p>Look for the use cases where code is already in rust.</p></li></ul><p>That list sounds kind of a bit depressive. That’s why I have one more suggestion.</p><h2 id="h-the-last-but-the-most-important-bet-on-the-teams-believe-in-them-and-cheer-them-up" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">The last but the most important: bet on the teams, believe in them and cheer them up</h2><p>Building ZK proving infra is hard, insanely hard:</p><ul><li><p>You are building state of art tech, you fail many times before things work and redo the same stuff several times in a row till it works properly.</p></li><li><p>You do not know if it ever pays back.</p></li><li><p>everyone tells you ‘damn one more zkvm lmao’.</p></li></ul><p>However, to build zk and snark applications we need to be able to generate proofs in a reasonable manner. Otherwise we just have to build ZK-VMs on our own and I am telling you it’s hard, so we better avoid it haha.</p><h2 id="h-takeaways" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Takeaways</h2><ol><li><p>Find teams you believe in (for your own reasons, because of how you have connected the dots) and tell them that you believe in them being the pioneer, being a long-term winner. Tell them you want to build with their tech, what you will build, how you see the long-term picture, how their tech powering your product will change the world. Even if all of that is still hypothetical, it gives energy and good vibes to continue working hard.</p></li><li><p>Do not fool the less educated crowd with benchmarking Fibonacci. Proving Fibonacci doesn’t tell you anything about proving real world programs. For most people who are not zk experts it’s not obvious. Do not fool them please. Let’s be honest with each other in the relations between zk infra builders and apps builders. We need each other to build long-lasting things that work.</p></li></ol><h2 id="h-for-zk-infra-providers" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">For ZK infra providers</h2><p>When you build ZK infra in blockchain, you can raise 100M+ rounds. When you build application-layer products you can’t. When you build app-layer products, you make a pre-seed / seed of several millions so that you have a team of 6 really good builders and approx 1.5y to build a prototype that works enough to validate the use case and raise money to build the production stage product.</p><p>If your tech doesn’t work but you say ‘come come build on us’ – you betray the builders. Meaning that they will run out of time earlier than they will be able to deliver working prototype. If you hope that apps will help you building libraries, tooling or whatever just because they need it – you betray the builders because they do not have time for anything else except for building prototype that works. They rely on your tech to be able to generate reasonable proofs. Be honest. Be honest with what is possible today for real.</p><p>p.s. If I did my own bet on long-lasting zk tech, from everything I see around, I would bet on <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://x.com/0xlita?s=21">Lita</a>, <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://x.com/irreduciblehw?s=21">Irreducible</a>, and <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://x.com/noirlang?s=21">Noir</a>. Because of how i connect the dots: teams, approaches to worm, sentiments in the air. That doesn’t mean I am right. It’s purely a very biased mostly intuitive personal opinion. But I want to support these teams and say: I believe in what you do and one day I want to build ZK apps using your tech. Because I really think it has all chances to be world-chaning.</p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/e7b1d90899b084afa626f37e9955fe4679e9aa51cc91c5fc2bcd3f77c90a7e24.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[I am here to last: What leads me forward every day]]></title>
            <link>https://paragraph.com/@lisaakselrod/i-am-here-to-last-what-leads-me-forward-every-day</link>
            <guid>VXQwIwKpVovzs6ze51v5</guid>
            <pubDate>Mon, 26 May 2025 15:04:56 GMT</pubDate>
            <description><![CDATA[I’ve recently told a friend that I feel very lonely when I realize how few people in the world share values similar to mine. He asked me ‘what values’ and I couldn’t pack the answer into a concise telegram message. So here we are: a glimpse into my vision, feeling, and understanding of the world interface. Disclaimer: values might change and it’s fine.RespectThe default respect to everyone’s personal experience, background, and individuality. Deep internal respect to personal space, way of th...]]></description>
            <content:encoded><![CDATA[<p>I’ve recently told a friend that I feel very lonely when I realize how few people in the world share values similar to mine. He asked me ‘what values’ and I couldn’t pack the answer into a concise telegram message. So here we are: a glimpse into my vision, feeling, and understanding of the world interface.</p><p>Disclaimer: values might change and it’s fine.</p><h2 id="h-respect" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Respect</h2><p>The default respect to everyone’s personal experience, background, and individuality. Deep internal respect to personal space, way of thinking, way of feeling, way to do things, occupations, hobbies, habits, choices, traumas, pains, dreams, beliefs. For colleagues, friends, partners, kids, families, employees, bosses, students, everyone. Just some basic respect for a human being you meet.</p><h2 id="h-democracy" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Democracy</h2><p>People having enough agency to choose how they will live and make it happen. Ability to question things, talk respectively to those completely different, building and maintaining institutions that ensure democracy is long lasting, considering needs, wants, and desires of different groups and layers, ability to change the society and institutions according to current needs of humans and general sentiments.</p><h2 id="h-agency" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Agency</h2><p>Taking responsibility for what we do, how we do, why we do, and all the consequences of our actions. Being able to act and respond to change things we do not like or do not feel right about, expressing unpopular opinions and oppose the vast majority, stand for things we believe in.</p><h2 id="h-sincerity" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Sincerity</h2><p>Fuck the games and manipulations. It is the easiest way to live because of control illusion and ego feeding, but it never leads to huge results, discoveries, and happiness. The main building element (of relations, tech companies, arts, and most other things) is genuine trust. Because only when people trust each other they can relax in the process they share. When people can relax – the amount of resources at their disposal goes up orders of magnitude, because no need to control, no fears, no doubts, just build and deliver cool shit. Sincerity is one of the coolest cheat codes in the modern world of optimizations, efficiency, and utility. Sincerity is impossible to oppose. There is no real need to hold the face – you can think of it as marketing to sell more stress. Tell whatever we think, whatever we feel, provide reasoning of why we do or don’t do particular things, be respectfully direct and gently honest.</p><h2 id="h-accountability-and-commitment" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Accountability and commitment</h2><p>Just god damn do what we told we would do. Answering a message, showing up for a birthday, paying on time, delivering outputs, etc. If we can’t do – we say we can’t do. If we are not sure – we say we are not sure. If we failed – we say that god damn we fucked everything up and it is our responsibility.</p><h2 id="h-thoughtfulness" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Thoughtfulness</h2><p>Most things in the world are not obvious, not black and white and on the surface (even though some things are exactly there). Being very open minded and deep thinking to understand how the world works, how to build things today that will fit the world in ten years. Thinking, questioning, considering, reconsidering, learning. Thinking again. Thinking again. Openly admitting we were wrong. Many times in a row if needed. Connecting the dots between the domains that should never be connected. Looking for answers in the most hopeless corners. Betting on the things that should never work out by all logical means.</p><h2 id="h-long-term-effects" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Long-term effects</h2><p>Every action, word, thought and in fact even intention affects the world and people around. We will occasionally die and the world will still be here full of other human beings. We should think about what we will leave them.</p><h2 id="h-collectiveness-and-care" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Collectiveness and care</h2><p>Taking care of people around is nice. Checking on them, being sensitive and responsive to how they feel, what’s happening in their lives is nice. Doing things together is nice. Being kind and caring for no reason is nice. Being gentle and caring without expecting anything in return is the way for prospering society and the world all in all. Not everyone got in the lottery great loving family or socially and physically secure citizenship. Not everyone is great and lucky in building relationships and starting families. Taking care of each other without being ‘officially’ close people is the way to go.</p><h2 id="h-ability-to-talk" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Ability to talk</h2><p>Sharing what’s on our minds to give people a glimpse into who we are and why we do what we do. At the same time trying to understand who are the one we are talking to and why they do what they do. Then we’ll meet in the middle. Being open to talk to people we do not agree with. Being fearless to talk our own opinion while knowing that everyone in the room disagrees. Ability to talk even if scared that no one will understand and even if it might be painful.</p><h2 id="h-faith" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Faith</h2><p>In simple cases, logic works. In complex cases, logic fails. To create beautiful things (relationships, tech companies, formulas, arts, etc.) – we need to trust intuition and believe in the impossible. Every new era of industry, relationships, humanity, is not a step-by-step process. It’s a jump into the dark area out of faith. Relying on some internal feeling that this is the right thing to do and this is the right moment. I do not know how this works but it works. I tend to think that with high probability we just pull outstanding things out of more multi dimensional space (ref to the String Theory) where they are normal. But can’t know for sure. So tl’dr faith in impossible and trust the intuition.</p><h2 id="h-love" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Love</h2><p>Love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love love. Live with an open heart. Being sensitive and responsive. Connecting to human being around and allowing human beings to connect to us. Not being afraid of pain and being hurted. It’s fine, we won’t die. Pain is part of the world. Loving. Touching. Hugging. Caring. Being gentle. Being kind. To friends, to relatives, to colleagues, to families, to neighbours, to peers, to bros, to pretty much everyone we meet every day. Not because it’s the right thing to do. But because it feels good.</p><h2 id="h-truth" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Truth</h2><p>Sometimes truth is subjective, but in most cases it’s not. Seeing and admitting the truth is often painful because people like thinking about themselves as very nice, polite, kind creatures with good intentions. Admitting truth often means admitting that we are jealous, mercantile, ego-driven animals. It’s not pleasant to think of ourselves like this. However, there are certain things that are impossible under the layer of illusions. For example, building game-changing innovations. Because to do it – one must see and feel the reality as is and be extremely responsive to it.</p><h2 id="h-fuck-consumerism" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Fuck consumerism</h2><p>If something can be consumed – it doesn’t mean it should be consumed. The ‘trick’ is in choosing things that fit the most. A job that is ok but not really what I want is the dream job of someone else. If I take it now – they won’t have a chance. A boyfriend that is ok but not really the one I genuinely like is the dream boyfriend of someone else. If I take him now – the one who would be really happy to have him won’t have him. The same with everything else. The more the better is the consumeristic illusion hired to make people want more, stay depressed and chase ‘happiness’ all the way down. It doesn’t work.</p><h2 id="h-chill" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Chill</h2><p>At the end of the day we have little to zero control over the world. Even though we prefer to think that we do have control and impact things. But control is an illusion. How the world will evolve in the next second depends on trillions of factors most of those we can’t even imagine. Now if we agree that things can’t be controlled – let’s stop even trying to control it (waste of time, mood, and energy) – and just chill.</p><h2 id="h-pleasures" class="text-3xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Pleasures</h2><p>Despite all highly serious and proper words that I have seen above – the heart of this life is just joy. Physical joy, emotional joy, mental joy, soul joy, and any other joy you can come up with. Tons of small pleasures just because it feels good. Food, sleep, touching people, music, books, arts, poetry, sex, food, gorgeous food, sports, skin sensations, movies, parties, nature, whatever feels good, in the amounts that feel good, in the context that feel good.</p><p>With love, Lisa</p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/6be37fa01b3949c47c7b8a47f78bae76c54c3c491c6f9cb5b7ebc57cbe16561d.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[An incomplete guide to ciphers]]></title>
            <link>https://paragraph.com/@lisaakselrod/an-incomplete-guide-to-ciphers</link>
            <guid>3zv6icfggOuBvjCqbNk2</guid>
            <pubDate>Wed, 21 May 2025 20:24:03 GMT</pubDate>
            <description><![CDATA["Cryptography is serious, with ideas often hard to understand. When we try to explain them with cartoons and cute narratives, I don’t think we make our contributions easier to understand. What we actually do is add in a layer of obfuscation that must be peeled away to understand what has actually been done." P. Rogaway, the paper “The Moral Character of Cryptographic Work” Disclaimer: this write up mostly relies on the legendary Dan Boneh’s course “Cryptography I”. If you have time – watch th...]]></description>
            <content:encoded><![CDATA[<p><em>&quot;Cryptography is serious, with ideas often hard to understand. When we try to explain them with cartoons and cute narratives, I don’t think we make our contributions easier to understand. What we actually do is add in a layer of obfuscation that must be peeled away to understand what has actually been done.&quot;</em></p><p><em>P. Rogaway, the </em><a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://web.cs.ucdavis.edu/~rogaway/papers/moral-fn.pdf"><em>paper</em></a><em> “The Moral Character of Cryptographic Work”</em></p><p>Disclaimer: this write up mostly relies on the legendary Dan Boneh’s course “<a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://crypto.stanford.edu/~dabo/courses/OnlineCrypto/">Cryptography I</a>”. If you have time – watch the course. Otherwise, continue reading.</p><p>TL;DR</p><p>This article explores basics of ciphers, discovering and explaining its ingredients to provide the reader with some understanding of the topic in a structured way. It first gives a bunch of definitions to ensure we’re on the same page. Then it defines what is a cipher, where we can see them in blockchain and what are the core cipher types. The next section provides some intuition of how to think about cipher security. Finally, it tells a bit about the most popular attacks. The icing on the cake – the key exchange protocols that are an essential component of almost any cipher bur are considered a black box up to the last section.</p><h1 id="h-introduction" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Introduction</h1><p>Even though we usually speak about cryptography in the blockchain context, the cryptography started outside blockchain and is currently everywhere: securing communication (e.g., encrypting web traffic, wifi connection, cell phone, bluetooth, etc.), encrypting files on disk, protecting contents (e.g., DVD or Blu-ray), user authentication (e.g., elections and auctions), and many more.</p><p>Cryptography is a tremendous tool but it is not a solution for all security problems.</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/b4b9c3bed76ca26443dc94ed5c8e69b9adf59c5cf499105a90983d6dafd9a767.gif" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>For example, cryptography does not secure us from software bugs or social engineering attacks. Correct implementation is a part of cryptography security: that is, even if the cryptographic construction is absolutely secure the improper implementation can easily break the security.</p><h1 id="h-contents" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Contents</h1><p>In this article, we will mostly talk about secure communication case and will cover both establishing shared secret key and data transmission.</p><ul><li><p>Introduction</p></li><li><p>Definitions</p></li><li><p>What is a cipher</p></li><li><p>Ciphers in blockchain</p></li><li><p>Types of ciphers</p><ul><li><p>1. One Time Pad (OTP) Cipher</p></li><li><p>2. Stream Cipher – a modification of OTP</p></li><li><p>3. Block Cipher</p></li><li><p>PRP examples</p><ul><li><p>DES</p></li><li><p>3DES</p></li><li><p>AES</p></li></ul></li><li><p>Using Block Ciphers</p><ul><li><p>CBC (Cipher Blockchaining Mode)</p></li><li><p>CTR (the Counter Mode)</p></li></ul></li><li><p>Cipher security</p></li><li><p>4. MAC ciphers</p></li></ul></li><li><p>Keys: one-time keys vs many-time keys</p></li><li><p>Types of attacks</p></li><li><p>Key Exchange</p></li><li><p>Data Encryption Standard and conclusions</p></li><li><p>Sources</p></li></ul><h1 id="h-definitions" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Definitions</h1><p>Disclaimer: the definition list quit long, however, there is no need to read it all. Just check that the listed words are familiar to you so it will be easy to understand the main part of the article. If some word sounds a bit vague – check the explanation =)</p><ul><li><p>Message – a piece of data one party is sending to another party.</p></li><li><p>Plaintext – unencrypted message readable for a human. Message and plaintext can be considered to mean the same thing.</p></li><li><p>Ciphertext – message encryption performed on plaintext using an algorithm, called a cipher.</p></li><li><p>Least significant bit (LSB) – the rightmost bit in a binary number representation.</p></li><li><p>Most significant bit (MSB) – the leftmost bit in a binary number representation.</p></li><li><p>Block – fixed-length group of bits.</p></li><li><p>Adversary – a malicious entity whose aim is to prevent the users of the cryptosystem from achieving their goal (primarily privacy, integrity, and availability of data).</p></li><li><p>Active Adversary – a much more highly skilled cyber criminal, possibly with sophisticated software and networking skills, who will gain entry to the systems, possibly lay dormant for a period of time, and wait for opportunities to target code or execute scripts that prevent themselves from being detected while they look for and exfiltrate higher value data and assets. In our case, we assume an adversary to be active if their goal is message modification (tampering) not just eavesdropping.</p></li><li><p>Symmetric encryption – two parties share the same secret key $$k$$, and there are two algorithms: encryption algorithm $$E$$ and decryption algorithm $$D$$. $$E$$ takes as inputs the message $$m$$ and the key $$k$$ and produces a cipher $$c: E(m,k) = c$$. $$D$$ takes as inputs the cipher $$c$$ and the key $$k$$ and decrypts the message $$m: D(c,k) = m$$. The algorithms $$E$$ and $$D$$ are publicly known.</p></li><li><p>Asymmetric encryption (public key encryption) – uses pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic algorithms based on mathematical problems termed one-way functions.</p></li><li><p>Secret key (private key) – in symmetric cryptography, a piece of information, usually a string of numbers or letters, which, when processed through a cryptographic algorithm, can encode or decode cryptographic data.</p></li><li><p>Public key – used to encrypt data securely before it is sent over the internet.</p></li><li><p>One-way function – a function that is easy to compute on every input, but hard to invert given the image of a random input.</p></li><li><p>Key space – the set of all valid, possible, distinct keys of a given cryptosystem.</p></li><li><p>Confidentiality – the attacker can’t know anything about what messages are communicated.</p></li><li><p>Integrity – ensuring that information remains unaltered and free from tampering.</p></li><li><p>Alice and Bob (sometimes Alice, Bob, and Eve) – fictional characters commonly used as placeholders in discussions about cryptographic systems and protocols, and in other science and engineering literature where there are several participants in a thought experiment.</p></li><li><p>Deterministic algorithm – an algorithm that, given a particular input, will always produce the same output.</p></li><li><p>Randomized algorithm – an algorithm that employs a degree of randomness as part of its logic or procedure.</p></li><li><p>Efficient algorithm – the algorithm runs within the polynomial time.</p></li><li><p>$$XOR$$ – mod 2 addition. For the goals of this article, we should keep in mind that (i) $$a ⊕ b = b ⊕ a$$, (ii) $$x ⊕ x = 0$$, (iii) $$x ⊕ 0 = x$$.</p></li></ul><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/a98e969f6f316e20afafa00d4b0a59e5e95adeb58b764cfa822b070401a37256.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><ul><li><p>Permutation – rearrangement of elements.</p></li><li><p>Padding – adding data to the beginning, middle, or end of a message prior to encryption. It can be used to prevent an attacker from knowing the exact length of the plaintext message, to achieve a specific required message length, etc.</p></li><li><p>Dummy block – a block which contains only padding bytes. It can be used as a signal for decryptor of how many padded bytes should be removed.</p></li><li><p>Negligible and non-negligible probability – while talking about ciphers’ security, we often refer to negligible and non-negligible probability. Negligible can be informally explained as a very very small. However, there is no specific universal number of what is very very small. It depends on the one who defines and the specific case.<br>In practice, we say that the scalar ε is negligible if $$ε ≤ 2^n$$, where $$n$$ can be 30 or 80 or other number. By “depending on the case”, we mean that something (like collision) shouldn’t happen over the key life for a specific cipher.</p></li><li><p>Nonce – a unique value that doesn’t repeat during the whole key life. Note, there is no requirement for nonce to be random.</p></li><li><p>Probability distribution – the probabilities of occurrence of different possible outcomes.</p></li><li><p>Uniform probability distribution – every possible outcome has an equal likelihood of happening.</p></li><li><p>Theorem: if $$Y$$ is a random variable arbitrary distributed (i.e. we know nothing about its distribution) over $${0,1}^n$$ and $$X$$ is an independent (from $$Y$$) random variable uniformly distributed over $${0,1}^n$$ then $$z = x ⊕ y$$ is a uniformly distributed random variable over $${0,1}^n$$. This $$XOR$$ property low-key explains why cryptographers like using $$XOR$$.</p></li><li><p>The birthday paradox: let $$r_1,…,r_n∈U$$ be <em>independent</em> identically distributed random variables, then when $$n = 1.2 * U^{1/2}$$, $$Pr[∃i≠j: r_i = r_j] ≥ 1/2$$. That is, if one samples $$1.2 * U^{1/2}$$ variables from the set, the probability that two of them will be the same is larger than $$1/2$$.</p></li></ul><p>That was a bunch of definition that are good to know to move further to meet ciphers!</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/c7473805e72ff9da6decf6108f0984405be0285c21ad786ae434777b6da5cbc5.gif" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><h1 id="h-what-is-a-cipher" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">What is a cipher</h1><p>A cipher, defined over $$(K, M, C)$$ where $$K$$ is the set of all possible keys, $$M$$ is the set of all possible messages, and $$C$$ is the set of all possible ciphers, is a pair of “efficient” algorithms $$E$$ and $$D$$, where $$E: K × M → C$$ and $$D: K × C → M$$ such that $$∀m ∈ M$$ and $$∀k ∈ K: D(k, E(k,m)) = m$$.</p><h1 id="h-ciphers-in-blockchain" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Ciphers in blockchain</h1><p>As we told in the introduction – cryptography is everywhere and ciphers are everywhere. For a more specific example, we should mention hash functions (e.g. SHA256) and digital signatures (e.g. ECDSA) that deal exactly with ciphers. Furthermore, new specific ciphers are constructed on a regular basis to be more efficient or provide specific properties. For example, a while ago the Poseidon hash function was suggested as a zk-specific one.</p><h1 id="h-types-of-ciphers" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Types of ciphers</h1><p><em>Note: ⊕ is a notation for XOR.</em></p><h1 id="h-1-one-time-pad-otp-cipher" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">1. One Time Pad (OTP) Cipher</h1><ul><li><p>$$M = C = K = {0,1}^n$$, that is, the message, the cipher, and the key are a string of the same n-bit length.</p></li><li><p>$$c = E(k,m) = k ⊕ m$$<strong>.</strong></p></li><li><p>$$m = D(k,c) = k ⊕ c$$<strong>.</strong></p></li><li><p>To prove that the One Time Pad Cipher is consistent, check if $$D(k, E(k,m)) = m$$. $$D(k, E(k,m)) = D(k, k ⊕ m) = k ⊕ (k ⊕ m) = (k ⊕ k) ⊕ m = 0 ⊕ m = m$$. So, the OTP cipher is consistent.</p></li><li><p>The advantage of OTP is that encryption and decryption are really fast. The disadvantage is that the ciphertext is as long as the plaintext.</p></li></ul><h1 id="h-2-stream-cipher-a-modification-of-otp" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">2. Stream Cipher – a <strong>modification of OTP</strong></h1><ul><li><p>Uses a pseudorandom key instead of a random key.</p></li><li><p>A pseudorandom generator (PRG) is a function $$G: {0,1}^s → {0,1}^n$$ with $$n &gt;&gt; s$$. That is, the function $$G$$ maps an s-bit string (a seed space) into an n-bit string (an output) where n is much much larger than s and an output looks random. PRG can also include a nonce.</p><p>Using PRG, one can have a small key $$k$$, but using the algorithm $$G$$, $$G(k)$$ will be of the same length as the message:</p></li></ul><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/fd576d0f33904b12ee16111887278f45c53d200070f9981089a21e0964ea66a9.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><ul><li><p>The function $$G$$ should be deterministic, efficient and unpredictable. By unpredictable, one means that given the first i bits of $$G(k)$$, it is impossible to predict any single other bit of $$G(k)$$.</p><p>Stream Cipher security directly depends on the PRG security. For PRG to be secure, the distribution of its outputs should be indistinguishable from the uniform distribution. In other words, it means that the PRG output looks random.</p></li></ul><p>Going back to the Stream Cipher:</p><ul><li><p>$$c = E(G(k),m) = G(k) ⊕ m$$<strong>.</strong></p></li><li><p>$$m = D(G(k),c) = G(k) ⊕ c$$<strong>.</strong></p></li><li><p>A modern example of a Stream Cipher is Salsa 20: $${0,1}^{128/ 256} × {0,1}^{64} → {0,1}^n$$ where $${0,1}^{128/ 256}$$ is the seed, $${0,1}^{64}$$ is the nonce, and $${0,1}^n$$ is the ciphertext. Salsa 20 takes two inputs: the key $$k$$ and the nonce r and adds counter. $$Salsa \ 20 = H(k, (r,0)) || H(k, (r,1)) || …$$ where $$H$$ can be described as following:</p></li></ul><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/b9c68ad866b33213e6f29db42498b3703bda859fe0f29393f45098664bebbd08.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>$$h$$ is an invertible function, and 𝜏 are some pre-defined constants.</p><h1 id="h-3-block-cipher" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">3. Block Cipher</h1><ul><li><p>A pair of algorithms $$(E, D)$$ that take an n-bit input and produce an n-bit output using a k-bit key $$k: E(k,m) = c$$, $$D(k,c)=m$$.</p></li><li><p>Block cipher works by iteration. In particular, it takes key $$k$$ as an input and expands it into $$n$$ keys. Then it iteratively uses the round function $$R(m_{n-1},k) = m_n$$.</p></li></ul><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/01f70eff33a353d863aa0244a32dd11e687fe1f63fcceaa4b94ba3fd37a4cc00.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>To understand the construction of block cipher, we need to introduce PRF and PRP – Pseudo Random Function and Pseudo Random Permutation</p><ul><li><p><strong>Pseudo Random Function (PRF)</strong> defined over $$(K,X,Y)$$ where $$K$$ is the key set, $$X$$ is the input set, and $$Y$$ is the output set, is the function $$F: K×X→Y$$ such that there exists an efficient algorithm to evaluate $$F(k,x)$$.</p><p>PRF can be used to construct PRG. For example, $$G(k) = F(k,0) || F(k,1) || … || F(k,t)$$.</p></li><li><p><strong>Pseudo Random Permutation (PRP)</strong> defined over $$(K,X)$$ where $$K$$ is the key set, and $$X$$ is the input and output set is the function $$E: K×X→X$$ such that (i) there exists an efficient deterministic algorithm to evaluate $$E(k,x)$$, (ii) the function $$E(k,⋅)$$ is one-to-one, and (iii) there exists an efficient inversion algorithm $$D(k,y)$$.</p><p>Formally, PRP is a PRF where $$X = Y$$ and the function is efficiently invertible. And any secure PRP is a secure PRF whenever the set $$X$$ is sufficiently large.</p></li></ul><h1 id="h-prp-examples" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">PRP <strong>examples</strong></h1><p>A couple of pretty widely known <em>modern</em> examples of PRPs are <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://en.wikipedia.org/wiki/Triple_DES">3DES</a> and <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://en.wikipedia.org/wiki/Advanced_Encryption_Standard">AES</a>.</p><p>To describe 3DES, let’s first take a look at DES – the ancestor of the two PRPs mentioned above.</p><h3 id="h-des-the-data-encryption-standard" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0"><strong>DES: The Data Encryption Standard</strong></h3><ul><li><p>The DES basis is the Fesitel Network that takes $$d$$ arbitrary functions $$f_1,…,f_d: {0,1}^n → {0,1}^n$$ and constructs an invertible function $$F: {0,1}^{2n} → {0,1}^{2n}$$.</p></li></ul><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/e24adf8f3195ba88509fb32463894039aaaceb94cf4623bac8fe93f224b56d66.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>If $$f: K×{0,1}^n→{0,1}^n$$ is a secure PRF, then 3-round (with 3 different independent keys) Feistel $$F: K^3×{0,1}^{2n}→{0,1}^{2n}$$ is a secure PRP.</p><ul><li><p>DES is 16-round Feistel Network constructed with 16 arbitrary functions $$f_1,…,f_{16}$$ and 16 different independent keys (that are expanded from the initial key k):</p></li></ul><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/b535ed2c39b9a590371c3441e64d536196ac5efb10fbf91523d540a82d0a2115.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>To specify what is a round:</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/4ac2b08d1d6b1a38833da710998da7c7db9e70776c95a4ead774db1edce3d3ea.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><ul><li><p>Where $$E$$ is an expansion functions that maps 32-bit input into 48-bit output replicating and permutating the bits.</p></li><li><p>$$P$$ is the permutation functions that maps 32-bit input into 32-bit output.</p></li><li><p>$$s_i$$ is a function in a form of lookup table that maps 6-bit input into 8-bit output.</p></li></ul><h3 id="h-3des" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">3DES</h3><p>However, DES was easy to break by exhaustive search. In 1998, DES was broken by the “deep crack” Machine built by the Electronic Frontier Foundation (EFF) that cost $250k. In 2006, it was broken by 120 FPGAs that cost $10k. The core problem was 56-bit key that is too small in terms of the key set size – $$2^{56}$$.</p><p>To strengthen DES construction from the exhaustive search attack, the 3DES (the Triple Data Encryption Standard) was introduced. In 3DES the key length is 56*3=168 bits. So the key set contains $$2^{168}$$ elements that is already can’t be broken by the exhaustive search attack (at least today).</p><ul><li><p>Let $$E: K×M→M$$ be a block cipher.</p></li><li><p>$$3E: K^3 × M → M$$ as $$3E((k_1,k_2, k_3),m) = E(k_1, D(k_2, E(k_3,m)))$$.</p></li><li><p>3DES is 3 times slower than DES.</p></li><li><p>3DES is a <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://www.nist.gov/">NIST</a> standard.</p></li></ul><h3 id="h-aes-the-advanced-encryption-standard" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">AES (The Advanced Encryption Standard)</h3><ul><li><p>For modern hardware, 3DES was too slow, so the AES algorithm was introduced. It was adopted as a standard in 2000, has 128-bit block size and the key size can be 128-bit, 192-bit, or 256-bit long. The larger the key – the more secure the cipher, but at the same time the larger the key – the slower the cipher.</p></li><li><p>AES is based on the Substitution-Permutation Network:</p></li></ul><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/368dc7310b915d0328bb02249f92b27a479845cc428c88b21441c200fb72103a.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>The substitution and permutation layers include</p><ul><li><p><code>ByteSub()</code> function that is a 1-byte S-box (a 256-byte lookup table) applied to each byte of the input;</p></li><li><p><code>ShiftRow()</code> function cyclically shifts the rows (cyclically means that the first row is shifted by one position, the second row is shifted by two positions, etc.);</p></li><li><p><code>MixColumn()</code> function that applies a linear transformation to each column;</p></li><li><p><code>AddRoundKey()</code> function is used to map an initial 16-bit key into 11 keys $$k_0,…,k_{10}$$, 16-bit long each.</p></li></ul><h1 id="h-using-block-ciphers" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Using Block Ciphers</h1><p>Block cipher mode is an algorithm that uses a block cipher to provide information security such as confidentiality or authenticity.</p><p>Two widely-known cipher modes are CBC (Cipher Blockchaining Mode) and CTR (the Counter Mode). Below we are exploring them in more details.</p><h3 id="h-cbc-cipher-blockchaining-mode" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">CBC (Cipher Blockchaining Mode)</h3><ul><li><p>Let $$IV$$ be unpredictable and randomly chosen from $$X$$ and $$(E,D)$$ be a PRP.</p></li></ul><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/84076137c158454d83c55befd168413d85bb4fbc4934b2c8992054eb6e02360a.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><h3 id="h-ctr-the-counter-mode" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">CTR (the Counter Mode)</h3><p>Let <em>$$F$$</em> be a secure PRF, $$F: K×{0,1}^n → {0,1}^n$$.</p><p>The CTR works as following:</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/c864ccdc8b0abea6027129d01f2d7eaffa418f1708ba5864a5f7c91e53100eb7.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>Note: unlike CBC, CTR is parallelizable that allows to accelerate the encryption if having several hardware machines.</p><p>In modern world, CTR is more popular and widely-adopted than CBC because it is superior over CBC by all criteria:</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/6864b3094f69d40ab0c679436d08c1a252f5239f7d61a4565a95eb605f598938.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><h1 id="h-keys-one-time-keys-vs-many-time-keys" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Keys: one-time keys vs many-time keys</h1><p>One-time key is used only once to encrypt only one message. Hence, the adversary sees only one ciphertext encrypted with a particular key.</p><p>When we use the key many times (many-time key) – the adversary sees many ciphertexts encrypted with the same key. That if used in a trivial way might lead to some attacks such as chosen plaintext attack (check the section “Types of Attacks” to learn more.)</p><p>There are several ways to mitigate the risk of many-time key exploit:</p><ol><li><p>Randomized ecnrytption: encrypting the same message twice will give different results thanks to adding some random bits. In this case, the ciphertext will be larger than the plaintext.</p></li><li><p>Nonce-based encryption: instead of taking two inputs $$k$$ and $$m$$ such that $$c = E(k,m)$$ the encryption algorithm now takes three inputs, $$k$$, $$m$$, and $$n$$, where $$n$$ is the nonce, such that $$c = E(k,m,n)$$ and the pair of $$(k,n)$$ never repeats.</p><p>Nonce can be used as a counter (0, 1, 2, 3, …), then there is no need to provide nonce for decryption, as both parties (encrypting and decrypting) can have the same counter.</p><p>As another approach – nonce can be randomly picked from a nonce set though then the set should be large enough so that the nonce won’t repeat within the key life.</p></li></ol><p>One should mention that even though the many-time key can be used many times it doesn’t mean infinitely many times. Depending on specific security assumptions, the many-time key still should be changed. For example, in AES, the key should be changed after each $$2^{48}$$ blocks and in 3DES after each $$2^{16}$$ blocks.</p><h1 id="h-cipher-security" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Cipher security</h1><p><em>Disclaimer: One might say that security consists of confidentiality (the ciphertext does NOT disclose anything about the plaintext) and integrity (NO data modification is possible). However, there are use cases when only of them is necessary. So, there can be different ciphers that provide only confidentiality or only integrity or both of them.</em></p><h3 id="h-confidentiality" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Confidentiality</h3><ol><li><p><strong>Perfect secrecy</strong>: the ciphertext reveals no information about the plaintext, in other words, no eavesdropping is possible. Formally, a cipher(E,D) has perfect secrecy if $$∀m_0,m_1∈M$$ that the attacker can really exhibit explicitly such that $$len(m_0)=len(m_1)$$ and $$∀c∈C$$, $$Pr[E(k,m_0)=c] ≈ Pr[E(k,m_1)=c]$$ where k is uniformly distributed over K and ≈ stands for “computationally indistinguishable”. To calculate this probability, for any given message $$m∈M$$ and cipher $$c∈C$$, the probability that m is mapped into c is number of $$k∈K$$ such that $$E(k,m) = c$$ divided by total number of $$k∈K$$.</p></li><li><p><strong>Semantic Security</strong>: there are two parties, a challenger and an adversary. The adversary sends the challenger two messages, $$m_0$$ and $$m_1$$. The challenger encrypts one of them and sends it back to the adversary. The adversary is expected to tell which of the messages was encrypted.</p></li></ol><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/4348e6370c43d234304aeff7e47bd7277d34a7411301b623fc89bcbf75187d00.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>for $$b = 0, 1: W_b := [event \ that \ EXP(b) = 1]$$</p><p>If an adversary cannot guess with better probability than $$1/2$$, then we say that the cipher is semantically secure.</p><p>To clarify the difference between perfect secrecy and semantic security, perfect secrecy implies that the cipher text is impossible to break, whereas semantic security implies that cipher text is infeasible to break with high probability.</p><h3 id="h-integrity" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Integrity</h3><p>To provide message integrity, one uses MAC – Message Authentication Code consisting of two algorithms $$(S,V)$$ where $$S$$ is the signing algorithm and $$V$$ is the verification algorithm.</p><p><em>Note: MAC provides only integrity without confidentiality.</em></p><ul><li><p>The sender generates a tag: algorithm $$S$$ takes message $$m$$ and key $$k$$ as inputs and produces a ‘short’ tag: $$tag ← S(k,m)$$;</p></li><li><p>The sender sends the message and the tag to the second party;</p></li><li><p>The second party applies the tag verification algorithm to check that the message wasn’t tempered: $$V(k,m,tag) =$$ “yes” or “no”.</p></li></ul><p>Secure MAC means that the attacker (i) can’t produce a valid tag for a new message, (ii) given a pair of a message and a tag $$(m,t)$$, the attacker can’t produce a pair $$(m,t’)$$ for $$t ≠ t’$$.</p><h3 id="h-collision-resistance" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Collision Resistance</h3><ul><li><p>Let $$H$$ be a hash function $$H: M→T$$ where $$|M| &gt;&gt;|T|$$.</p></li><li><p>A collision for $$H$$ is a pair $$m_0, m_1 ∈ M$$ such that $$H(m_0)=H(m_1)$$ and $$m_0≠m_1$$.</p></li><li><p>A function is collision resistant if it is “hard to find” collisions for this function.</p></li></ul><h1 id="h-4-mac-ciphers" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">4. MAC ciphers</h1><p>MAC provides integrity only (no confidentiality).</p><ul><li><p>A secure MAC can be constructed using secure PRF, then the signing algorithm $$S(k,m) = F(k,m)$$. Hence, AES is a MAC for 16-byte messages.</p></li><li><p>For “arbitrary” large messages, CBC-MAC (often used in banking system for provide integrity for account transfers) and HMAC (often used in internet protocols such as SSL) are the most widely-used. In particular, they convert small PRF into large PRF and then use it to construct MAC.</p></li></ul><h3 id="h-encrypted-cbc-mac-ecbc-consequent-construction" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Encrypted CBC-MAC (ECBC) – consequent construction</h3><ul><li><p>Let $$F$$ be a PRP, $$F: K×X→X$$;</p></li></ul><p>The ECBC works as following</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/2d958ddef886db499bc7fccc2ea3f52f1e83e4d7f7a7ba566f710a7044cce23b.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>where a new PRF takes a pair of keys $$(k, k_1)$$ and an arbitrary long message $$X$$. It then splits this message into blocks of equal size $$m[0], m[1], …,$$ apply function $$F$$ consequently to each block, XORing the result of the step $$n-1$$ with $$m[n]$$ and using it as an input to a new iteration of function $$F$$.</p><h3 id="h-pmac-parallel-construction" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">PMAC – parallel construction</h3><ul><li><p>Let $$F$$ be a PRP, $$F: K×X→X$$;</p></li></ul><p>The PMAC works as following</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/a3bb0b6955db87280b77899533644bb50413e95450ba50c33469528609129c55.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>where function P enforces a specific block order preventing from malicious block swap.</p><h3 id="h-hash-mac-hmac" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Hash-MAC (HMAC)</h3><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/61e43c9a35f8cbf108c50a45a2041020031fd78b2b0df6830d8a51851778358f.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>where ipad is internal pad.</p><h3 id="h-confidentiality-and-integrity" class="text-2xl font-header !mt-6 !mb-4 first:!mt-0 first:!mb-0">Confidentiality AND integrity</h3><p>If one needs both properties – authenticated encryption is used.</p><p>An authenticated encryption system $$(E,D)$$ is a cipher where $$E: K × M × N → C$$ and $$D: K × C × N → M ∪ {⊥}$$ where ⊥ means that the ciphertext is rejected and $$⊥∉ M$$.</p><h1 id="h-types-of-attacks" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Types of attacks</h1><p><em>Disclaimer: the list is not exhaustive.</em></p><ul><li><p>Ciphertext only attack – the attacker has access only to the ciphertext and attempts to derive the plaintext or the encryption key without any knowledge of the encryption algorithm or the key used.</p></li><li><p>Two Time Pad attack – for OTP and Stream Cipher, if one uses the same key twice: $$c_1 = G(k) ⊕ m_1$$ and $$c_2 = G(k) ⊕ m_2$$. The adversary can decrypt the messages $$m_1$$ and $$m_2$$ by XORing $$(G(k) ⊕ m_1) ⊕ (G(k) ⊕ m_2) = m_1 ⊕ m_2$$. To mitigate the issue, one can use nonce.</p></li><li><p>Related Key Attack – the attacker has access to pairs of plaintexts and their corresponding ciphertexts that are encrypted with different keys that are related in some way. This attack exploits the relationship between the keys to uncover.</p></li><li><p>Exhaustive search attack (brute force attack) – trying every possible key until the correct key is identified.</p></li><li><p>Meet-in-the-middle attack (MITM) – exploits the relationship between two halves of the encryption process to reduce the computational complexity required to find the secret key. The attack involves encrypting plaintext with one key and decrypting ciphertext with another key simultaneously, essentially meeting in the middle of the encryption/decryption process.</p></li><li><p>Timing attack – a type of side-channel attack that exploits the variations in the time it takes for a system to perform cryptographic operations.</p></li><li><p>Power attack – a type of side-channel attack that exploits the variations in the power consumption of a device while it performs cryptographic operations.</p></li><li><p>Side channel attack – precise measurement of time to encrypt and decrypt and consumed power for encryption and decryption.</p></li><li><p>Fault attack – causing the smartcard to malefunction at the right moment might expose the secret key.</p></li><li><p>Chosen Plaintext Attack (CPA) – under security check, instead of providing two different messages m_0 and m_1, the adversary provides two same messages m and m, and a result it gets c = E(k,m). So, with a many-time key, the adversary can get arbitrary many pairs (m,c) encrypted with the same key and break the cipher, that is to produce a valid new message.</p></li><li><p>Chosen Ciphertext Attack (CCA) – the attacker can choose arbitrary ciphertexts and obtain their corresponding plaintexts, typically through an oracle. The goal of this attack is to exploit the decryption process to reveal information about the secret key or to decrypt other ciphertexts.</p></li><li><p>Verification timing attack – a specific type of side-channel attack that exploits the time variations in the execution of cryptographic operations, particularly during the authentication or verification processes.</p></li><li><p>Collision attack – the goal is to find two distinct inputs that produce the same hash output.</p></li><li><p>Replay attack – an attacker intercepts and captures a valid data transmission, such as a message or transaction, and then maliciously retransmits that data to deceive the system into thinking it is a legitimate request.</p></li><li><p>Side channel attack – gaining information from the physical implementation of a computer system.</p></li><li><p>Padding attack – exploits the way data is padded before encryption.</p></li><li><p>Dictionary attack – systematically entering every word in a predefined list (dictionary) of likely passwords.</p></li></ul><h1 id="h-key-exchange" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Key Exchange</h1><p>In most data exchange cases we mention above it is assumed that two parties have a shared secret key. How can they do it:</p><ul><li><p>Option 1 (the most obvious one): online trusted third party (TTP) creates a shared key and shares it with both partied: for (toy) example, party $$A$$ has a key $$k_A$$, party B has a key $$k_B$$, the trusted third party creates a key $$k_{AB}$$. It encrypts the shared key using $$k_A$$ and sends to the party $$A$$ and also encrypts using $$k_B$$ and sends to the party $$B$$.</p></li></ul><p>However, the trusted third party introduces trust that is an undesirable property for a robust system. Can we do better?</p><ul><li><p>Option 2: Merkle Puzzles</p><ul><li><p>Alice prepares $$2^{32}$$ puzzles.</p></li><li><p>Bob picks one random puzzle and solves it by brute-forcing (checking all possible $$2^{32}$$ values). As a result, Bob obtains $$(x_i, k_i)$$ and sends $$x_i$$ to Alice so she knows Bob has solved the puzzle. $$k_i$$ is now used as a shared key between Bob and Alice.</p></li></ul></li><li><p>Option 3: the Diffie-Hellman protocol</p></li></ul><p>Fix a large prime $$p$$ (e.g. 600 digits).</p><p>Fix an integer $$g$$ in $${1, …, p}$$.</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/eb76c1743c454967000bc8f33814e36f9d099eaa48fb6939298a094acad7ff6d.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>$$B^a(mod \ p) = (g^b)^a = g^{ab}(mod \ p) = (g^a)^b = A^b(mod \ p)$$</p><ul><li><p>Option 4: Public Key Encryption</p></li></ul><p>Definition: a public-key encryption system is a triple of algorithms $$(G, E, D)$$ where $$G()$$ is a randomized algorithm that outputs a key pair $$(pk, sk)$$, $$E(pk,m)$$ is a randomized algorithm that takes $$m ∈ M$$ (message) and outputs $$c ∈ C$$ (ciphertext), and $$D(sk, c)$$ is a determined algorithm that takes $$c ∈ C$$ and outputs $$m ∈ M$$ or ⊥.</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/51c6ce541424f24b195df84b8a7b268be40d2660f1b09807d704ae472aab819d.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>Public key encryption is very popular in modern world. For example, it is often used for session setup (establishing a communication session between two or more entities, such as clients and servers, in a networked environment) and non-interactive applications (e.g. email).</p><p>One of the most widely known public key encryption protocols is the RSA trapdoor permutation (1977) – it is used, for example, in SST/TSL protocols, secure emailing and file systems, etc.</p><p>Among other examples of public key encryption – ElGamal that relies on Diffie-Hellman protocol.</p><h1 id="h-data-encryption-standard-and-conclusions" class="text-4xl font-header !mt-8 !mb-4 first:!mt-0 first:!mb-0">Data Encryption Standard and conclusions</h1><p>The National Institute of Standards and Technology, also known as the NIST, is a United States government laboratory that works to develop, test, and recommend best practices for federal agencies, and other organizations relating to things such as online security. Metrics, measurements, and regulations, like the <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://www.encryptionconsulting.com/education-center/what-is-fips/">Federal Information Protection Standard</a>, are created by the NIST to help strengthen the reliability and security of technologies being developed.</p><p>For Cryptographic Standards and Guidelines, check the <a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://csrc.nist.gov/projects/cryptographic-standards-and-guidelines">NIST website</a>.</p><p>One should mention that adopted as a standard doesn’t mean 100% secure forever. Though it means that a lot of great minds checked, explored, and researched the specific primitive and came to the conclusion that it is secure following a specific security definition for this specific primitive.</p><p>While more research is being conducted, hardware acceleration moves forwards, R&amp;D in the quantum domain progresses, the cryptography landscape will change: new primitives will substitute previous generations. For example, using 256-bit keys instead of 128-bit ones.</p><p>And while cryptography is one of the most exciting and dynamically developing areas, it is also extremely complex and tricky. That is why, as recommended by Dan Boneh, it is better not to invent your own cryptography, not to write own implementations of already existing cryptography, and stick to existing standards. It doesn’t guarantee 100% security, however, it guarantees as good security as it is possible to achieve.</p><p><em>Sources</em></p><ul><li><p><em>This article mostly relies on the legendary Dan Boneh’s “</em><a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://crypto.stanford.edu/~dabo/courses/OnlineCrypto/"><em>Cryptography I</em></a><em>”</em></p></li><li><p><em>For definitions, wikipedia, investopedia, </em><a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="https://www.cloudflare.com/en-gb/learning/ssl/what-is-asymmetric-encryption/"><em>cloudflare</em></a><em>, </em><a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="http://brilliant.org/"><em>brilliant.org</em></a><em> were used.</em></p></li><li><p><a target="_blank" rel="noopener noreferrer nofollow ugc" class="dont-break-out" href="http://csrc.nist.gov/"><em>csrc.nist.gov</em></a></p></li></ul>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/b900c3aeffc45ac23243cd5015ac6231a8c387c20878341b85d2730d76542bc4.jpg" length="0" type="image/jpg"/>
        </item>
        <item>
            <title><![CDATA[When neuroatypical people want to socialize]]></title>
            <link>https://paragraph.com/@lisaakselrod/when-neuroatypical-people-want-to-socialize</link>
            <guid>t28Zul3i5F3CTitf8aJe</guid>
            <pubDate>Sun, 06 Apr 2025 12:41:47 GMT</pubDate>
            <description><![CDATA[In American movies, when kids are neuroatypical (have autism or another developmental difference) parents tell them we love you as you are and unconditionally accept, then they help them to integrate into society and learn to be part of it. In the real world, when kids are neuroatypical parents tell them why the hell you can’t just be normal as all other kids. Then it took a life to learn what the hell the average human means by ‘being normal’ and to be honest it’s quite a journey. I remember...]]></description>
            <content:encoded><![CDATA[<p>In American movies, when kids are neuroatypical (have autism or another developmental difference) parents tell them we love you as you are and unconditionally accept, then they help them to integrate into society and learn to be part of it.</p><p>In the real world, when kids are neuroatypical parents tell them why the hell you can’t just be normal as all other kids. Then it took a life to learn what the hell the average human means by ‘being normal’ and to be honest it’s quite a journey.</p><p>I remember when I was around 10 yo we had a family dinner with several dozens of relatives and my parents were telling the rest what a happy family we are. Then I stood up and said out loud that it&apos;s a lie, we are a very unhappy family, my parents hate living together, cheat on each other, and are constantly depressed. No need to say that I ruined the dinner and my parents almost killed me for that. The funny thing is that I genuinely had no idea what I did wrong, I just told the truth. I have hundreds of these stories. They all are stupidly awkward and furthermore I still continue to trap into them all the time.</p><p>In one word, what most people know about communication and understanding by default, by intuition, or my common sense, we need to learn by logic. We have to learn what makes people upset, what makes people happy, all the verbal and non-verbal euphemisms people use.</p><p>Can you guess how many times it took me to understand that “Let’s watch a movie” means “Let’s have sex”. Because comm’n if you don’t want to watch a movie why do you say “Let’s watch a movie” and if you want to have sex why not to say “Let’s have sex” but to say “Let’s watch a movie”? It took me at least three iterations to learn this one.</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/9fd3c0bd456e04f97969ee0ec607e6229aac4aeeff69483135dcb9fb56c9c955.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>When I was around 14 and got my laptop, almost the first thing I googled was how to study extrasensory perception because what if instead of decoding people’s words I could just read their thoughts and know what they mean. I think it’s a good illustration of thinking out of the box regarding problem solving skills. However it seems that even if telepathy works, the earth interfaces haven’t been developed yet.</p><p>There is an ‘easy’ way for neuroatypical human beings – choose a profession with as little communication as possible. My own problem with this is that regardless of all described above my favourite thing is hanging out with people, being quite social and interactive. If you open my diary – the most common question there is ‘oh I’d love to have more friends but God knows how I do that’ (I still don’t know how I do that tbh). But the thing is that the cost of socialization – feeling weird and awkward 24/7. It won’t be okay, it will be like this till the end.</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/6196166a1cdfead5c6213618f6ad52e7e79be87bed7f06c0909a4eccf96d311a.jpg" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>I tried to write it funny tho telling a bit about the hardships of being neuroatypical. However I omitted all really hard parts of it because they are quite heavy to perceive and as I’ve learnt so far – people prefer skeletons to stay in the wardrobes. But as a tl;dr of this note – I want everyone who is reading this note to be a bit more patient and soft to weird people because people are mostly weird for a reason. If we could choose we’d prefer being normal. Many neuroatypical people do not report it under every acquaintance nor do they put it into twitter profiles. Love u</p>]]></content:encoded>
            <author>lisaakselrod@newsletter.paragraph.com (Lisa Akselrod)</author>
            <enclosure url="https://storage.googleapis.com/papyrus_images/539a64ddd00811a09824de9ae0eacf214d09d7a48bdd9cd816aaa5a395ee89e1.jpg" length="0" type="image/jpg"/>
        </item>
    </channel>
</rss>