1. Intro
2. This Talk
3. Authenticated Encryption
4. New Settings, New Needs
5. Overview
6. Attacker-Controlled Keys
7. Example: Password-based AE
8. Example: Reporting Plaintexts
9. Committing Security for AE
10. Reporting Salamanders
11. Invisible Salamanders for CTR Mode
12. Galois/Counter Mode (GCM)
13. Colliding GCM's MACA
14. From Two Keys to Many A
15. Multi-Receiver Encryption
16. Abuse Reporting for Encrypted Messaging
17. Facebook's Message Franking Protocol
18. Evading Message Franking
19. Crafting the Ciphertext
20. Partitioning Oracles
21. Preventing Invisible Salamanders
Description:
Explore the cryptographic challenges and vulnerabilities associated with attacker-controlled keys in authenticated encryption schemes. Delve into the evolving landscape of cryptography deployment, focusing on scenarios where attackers can potentially know or guess encryption keys. Examine specific examples such as password-based authenticated encryption and reporting plaintexts, and investigate the concept of committing security. Analyze invisible salamander attacks on Counter Mode and Galois/Counter Mode (GCM), discussing their implications for multi-receiver encryption and abuse reporting in encrypted messaging systems. Learn about Facebook's Message Franking Protocol and techniques to evade message franking. Gain insights into crafting ciphertexts, partitioning oracles, and strategies to prevent invisible salamander attacks. This 31-minute Black Hat conference talk is designed for security professionals involved in cryptography design, implementation, and deployment, while remaining accessible to a general security audience.

Hunting Invisible Salamanders - Cryptographic Insecurity with Attacker-Controlled Keys

Black Hat