Best of CryptographyApril 2026

  1. 1
    Article
    Avatar of nodejsNode.js·5w

    Node.js — Node.js 24.15.0 (LTS)

    Node.js 24.15.0 'Krypton' LTS has been released with several notable changes: a new --max-heap-size CLI option, require(esm) and module compile cache marked as stable, raw key format support added to KeyObject crypto APIs, a throwIfNoEntry option for fs.stat, HTTP/1 fallback configuration for HTTP/2, setTOS/getTOS added to Socket, SQLite marked as release candidate with a new limits property, C++ support for diagnostics channels, and improvements to the test runner including worker ID exposure and SIGINT handling. The release also includes numerous bug fixes across streams, crypto, HTTP, ESM, and buffer modules, plus dependency updates including npm 11.12.1, SQLite 3.52.0, and updated root certificates.

  2. 2
    Article
    Avatar of lnLaravel News·6w

    Manage Software Licenses in Laravel with Laravel Licensing

    Laravel Licensing is a package that brings enterprise-grade software license management to Laravel applications. It supports offline verification using PASETO v4 tokens signed with Ed25519, seat-based license enforcement, multi-product isolation via License Scopes with separate signing keys, grace periods, renewals, expiration, and full audit logging. The package provides artisan commands for generating root certificates and signing keys, and a fluent API for creating licenses, registering devices, and issuing offline verification tokens. Two companion packages extend the ecosystem: a client-side validator and a Filament admin panel for managing licenses and monitoring seat usage.

  3. 3
    Article
    Avatar of collectionsCollections·4w

    HIPPO is a storeless password manager that derives site passwords on the fly using cryptography

    HIPPO is a research-stage browser extension that eliminates password storage entirely by deriving site-specific passwords on the fly. It uses an Oblivious Pseudorandom Function (OPRF) protocol: the extension blinds your master passphrase and sends it to a server, which processes it with its own secret key — neither side sees the other's raw secret. The result is a deterministic, high-entropy password per site that gets auto-filled. A 25-person user study found HIPPO scored higher on perceived security and trust compared to manual password entry. Key tradeoffs include server dependency as a single point of failure, no 2FA support, and unresolved master password change and account lockout scenarios. HIPPO remains a research concept with no live deployment yet.

  4. 4
    Article
    Avatar of singularityhubSingularity Hub·3w

    Quantum Computers Are Coming to Break Cryptography Faster Than Anyone Expected

    Algorithmic advances are accelerating the timeline for quantum computers to break widely used cryptography. Google's Quantum AI team published a March 2026 study showing elliptic-curve cryptography (used by Bitcoin and Ethereum) could be cracked by a quantum computer with fewer than 500,000 physical qubits — roughly 10x fewer than previous estimates. A separate Caltech-Berkeley-Oratomic preprint suggests Shor's algorithm could run on 10,000–20,000 atomic qubits. While no immediate threat exists, NIST has standardized post-quantum cryptographic algorithms and recommends migration by 2035. Organizations relying on elliptic-curve or RSA encryption should begin planning transitions now, as both hardware and algorithmic improvements are steadily closing the gap.

See all Cryptography archives