Forem: Wai Yip, WONG The latest articles on Forem by Wai Yip, WONG (@waiyip000). https://forem.com/waiyip000 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3373117%2Fa011d7d0-2fdb-4816-bd6e-0b6271ff1c8c.png Forem: Wai Yip, WONG https://forem.com/waiyip000 en TraplessPKE β€” A New Direction for Post-Quantum Cryptography Wai Yip, WONG Tue, 05 Aug 2025 09:34:32 +0000 https://forem.com/waiyip000/traplesspke-a-new-direction-for-post-quantum-cryptography-1mp1 https://forem.com/waiyip000/traplesspke-a-new-direction-for-post-quantum-cryptography-1mp1 <h2> πŸš€ TraplessPKE β€” A New Direction for Post-Quantum Cryptography </h2> <p><em>How I designed a cryptographic system that abandons algebraic structure and survives quantum attacks</em></p> <p>πŸ”— [GitHub] | 🧾 [Whitepaper] | πŸ‘¨β€πŸ’» Author: Wai Yip, WONG (github.com/waiyip000)</p> <h3> ❓ What Is TraplessPKE? </h3> <p>TraplessPKE is a <strong>quantum-safe cryptographic system</strong> I designed to achieve:</p> <ul> <li>βœ… Public-Key Encryption</li> <li>βœ… Message-Bound Digital Signatures</li> <li>βœ… Zero reliance on lattices, primes, elliptic curves, or algebraic traps</li> <li>βœ… Compatibility with hardware and embedded systems</li> <li>βœ… Epistemic defense: validation is impossible without a secret β€” not just hard</li> </ul> <h3> 🧠 What Makes It Different? </h3> <p>Unlike NIST-style PQC schemes based on algebraic hardness (like LWE, lattices, or codes), <strong>TraplessPKE</strong> is:</p> <blockquote> <p>A structure-free cryptographic scheme based on entropy, filtering, and deliberate ambiguity.</p> </blockquote> <p><strong>Core principle:</strong></p> <blockquote> <p><em>You cannot break what you cannot recognize.</em><br> There is no structure to invert. No equations to solve. Only filtered meaning for those with the key.</p> </blockquote> <h3> πŸ” How It Works (Simplified) </h3> <p>TraplessPKE uses:</p> <ul> <li>A <strong>Selector Map</strong> β€” links messages and ciphertexts via a common label space</li> <li>A <strong>Public Predicate</strong> β€” filters plausible ciphertexts</li> <li>A <strong>Trapdoor</strong> β€” blinds inputs via XOR masking</li> <li>A <strong>Hash-Bound Signature</strong> β€” cryptographically binds message + trapdoor</li> </ul> <p>All operations are constant-time and linear-space.</p> <p>No discrete logs. No modular arithmetic. No vectors.</p> <h3> πŸ“ Use Cases </h3> <ul> <li>Post-Quantum Secure Messaging</li> <li>Digital Signatures that can’t be reused or transferred</li> <li>Identity-bound credentials (ZK-friendly)</li> <li>Hardware authentication in constrained devices</li> <li>Defense systems where no cryptographic oracle or structure must exist</li> </ul> <h3> πŸ’‘ Why I Built It </h3> <p>After two decades in banking risk and compliance, I saw firsthand how <strong>security often depends on assumptions</strong> that attackers eventually break. Quantum computing accelerates that collapse.</p> <p>TraplessPKE is my answer:<br> A <strong>non-invertible surface</strong> designed to survive even when quantum attackers arrive β€” because there’s no algebra to attack.</p> <h3> πŸ“˜ Want to Learn More? </h3> <p>πŸ”— <strong>Full Whitepaper:</strong> <a href="https://waiyip000.github.io/TraplessPKE/TraplessPKE_whitepaper_V1.0.pdf" rel="noopener noreferrer">TraplessPKE_whitepaper_V1.0.pdf</a><br> πŸ“¦ <strong>GitHub Repo:</strong> <a href="https://github.com/waiyip000/traplesspke" rel="noopener noreferrer">github.com/waiyip000/traplesspke</a></p> <h3> πŸ’¬ Your Thoughts? </h3> <p>I’d love your feedback β€” questions, critiques, or use-case ideas.</p> <blockquote> <p><em>β€œSecurity through ambiguity. Access through design. Meaning for those who are allowed.”</em><br> β€” TraplessPKE, 2025</p> </blockquote> cryptography postquantum security protocols Launching ANCP β€” Secure Login for AI Agents Without VPN or OAuth Wai Yip, WONG Sun, 20 Jul 2025 22:12:41 +0000 https://forem.com/waiyip000/launching-ancp-secure-login-for-ai-agents-without-vpn-or-oauth-h48 https://forem.com/waiyip000/launching-ancp-secure-login-for-ai-agents-without-vpn-or-oauth-h48 <h1> πŸš€ Launching ANCP β€” Secure Login for AI Agents Without VPN or OAuth </h1> <p>AI agents are evolving from tools into autonomous reasoning actors β€” capable of reading, writing, and acting on sensitive data. But today’s authentication systems were built for <strong>humans with browsers</strong>, not intelligent agents with goals.</p> <p>That’s why I’m launching <strong>ANCP</strong> β€” the <strong>Agent-Native Challenge Protocol</strong>.</p> <p>It’s a new kind of login protocol built specifically for LLMs like ChatGPT, Gemini, Claude, and future autonomous agents.</p> <h2> πŸ” What Makes ANCP Different? </h2> <p>ANCP lets an AI agent authenticate and access backend infrastructure <strong>without</strong>:</p> <ul> <li>❌ VPN tunnels </li> <li>❌ OAuth 2.0 or browser redirects </li> <li>❌ Static API keys </li> <li>❌ Service accounts or secret-sharing</li> </ul> <p>Instead, it uses:</p> <ul> <li>βœ… <strong>PGP-based challenge–response login</strong> </li> <li>βœ… <strong>Zero-trust, stateless session negotiation</strong> </li> <li>βœ… <strong>AI-readable <code>.well-known/ancp.discovery.json</code> endpoint metadata</strong> </li> <li>βœ… <strong>Prompt-native reasoning over identity</strong> </li> </ul> <h2> 🧠 Why It Matters </h2> <p>Today’s LLMs are capable of:</p> <ul> <li>Making API calls </li> <li>Generating SQL queries </li> <li>Accessing CRMs or HR systems </li> <li>Recommending product launches, policy decisions, or financial strategies</li> </ul> <p>But if the only login method available is:</p> <ul> <li> <em>β€œPaste this OAuth token in a browser...”</em> </li> <li>…the agent becomes blocked or dangerously over-permissioned.</li> </ul> <p><strong>ANCP makes identity a reasoning-aligned interaction.</strong><br><br> The agent proves it understands <em>what it's doing</em> β€” cryptographically and semantically.</p> <h2> πŸ“¦ GitHub Repository </h2> <p>πŸ‘‰ <a href="https://github.com/waiyip000/agent-native-auth" rel="noopener noreferrer">https://github.com/waiyip000/agent-native-auth</a></p> <p>Includes:</p> <ul> <li>Full whitepaper (<code>whitepaper.docx</code>) </li> <li>SHA256 validation hash </li> <li> <code>.well-known/ancp.discovery.json</code> sample </li> <li>PGP digest tool (<code>digest.py</code>) </li> <li>Attribution-secured LICENSE</li> </ul> <h2> πŸ“„ Whitepaper SHA256 Digest </h2> <p>To verify authorship and originality of the protocol:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>SHA256 (whitepaper.docx): 407f2e29bc6ba9bb8710cd43da58401d056bd1d1cb7c0dadeb6729a99a9c4c36 </code></pre> </div> <h2> πŸ§‘β€πŸ’» Created and authored by </h2> <p><strong>Wai Yip, WONG</strong><br><br> πŸ”— <a href="https://www.linkedin.com/in/wai-yip-wong" rel="noopener noreferrer">LinkedIn</a><br><br> πŸ’» <a href="https://github.com/waiyip000" rel="noopener noreferrer">GitHub</a></p> <h2> πŸ“£ Call to Action </h2> <p>I’m inviting:</p> <ul> <li>OSS contributors </li> <li>LLM security architects </li> <li>AI infra developers </li> <li>Zero-trust security teams</li> </ul> <p>…to <strong>collaborate</strong>, test, and build on ANCP.</p> <p>Let's make secure, intelligent infrastructure <strong>agent-native.</strong></p> <h1> ANCP #LLM #AI #ZeroTrust #Security #Authentication #PGP #PromptNative #OpenSource </h1> ai security authentication opensource