I started this blog just a few months ago and it’s been something of a learning experience. Someday maybe I’ll talk about that, but not in this post. What I’m here to talk about is regret — regret that there are so many things I missed the opportunity to blog about in 2011.

Since I’m finally done traveling and the alternative is to actually be productive, I thought this might be a good opportunity to make up for some of that lost blogging ground. Hence this post: my attempt to sum up what’s happened in practical cryptography in 2011.

Before anyone objects, I’m going to clarify the ground rules. This list is naturally incomplete, and moreover, I’m going to take ‘practical‘ seriously. That rules out reduced-round attacks (on anything); improvements in Fully-Homomorphic Encryption (getting faster!); and any paper with ‘composable’ in the title. I will cover implementation and usability issues. But I don’t really plan to take any of my own rules that seriously. If you think I missed something important, please feel free to follow up in comments.

Phishers don’t mess with the

imaginary SecurID key storage facility.

And that’s 2011. I’m sure I’m missing tons of important stuff — and that’s what comments are for. Please enjoy the rest of your holidays and be safe in the new year.