Diagram of an Ockam Identity showing an example of a signed change history with three blocks

Cryptographic design review of Ockam

By Marc Ilunga, Jim Miller, Fredrik Dahlgren, and Joop van de Pol In October 2023, Ockam hired Trail of Bits to review the design of its product, a set of protocols that ...

Circomspect has been integrated into the Sindri CLI

By Jim Miller Our tool Circomspect is now integrated into the Sindri command-line interface (CLI)! We designed Circomspect to help developers build Circom circuits more securely, particularly given the limited tooling support ...

Breaking the shared key in threshold signature schemes

By Fredrik Dahlgren Today we are disclosing a denial-of-service vulnerability that affects the Pedersen distributed key generation (DKG) phase of a number of threshold signature scheme implementations based on the Frost, DMZ21, ...

Cloud cryptography demystified: Amazon Web Services

| | cryptography
By Scott Arciszewski This post, part of a series on cryptography in the cloud, provides an overview of the cloud cryptography services offered within Amazon Web Services (AWS): when to use them, ...
Chaos Communication Congress (37C3) recap

Chaos Communication Congress (37C3) recap

Last month, two of our engineers attended the 37th Chaos Communication Congress (37C3) in Hamburg, joining thousands of hackers who gather each year to exchange the latest research and achievements in technology ...
Improving Cybersecurity: Different Certifications Explained

Improving Cybersecurity: Different Certifications Explained

In the ever-evolving landscape of cybersecurity, the choice of cryptographic algorithms and certificates plays a pivotal role in ensuring the confidentiality and integrity of sensitive information.  While traditional methods such as the ...
Chain Gang, Sam Cooke

We build X.509 chains so you don’t have to

By William Woodruff For the past eight months, Trail of Bits has worked with the Python Cryptographic Authority to build cryptography-x509-verification, a brand-new, pure-Rust implementation of the X.509 path validation algorithm that ...

Celebrating our 2023 open-source contributions

At Trail of Bits, we pride ourselves on making our best tools open source, such as Slither, PolyTracker, and RPC Investigator. But while this post is about open source, it’s not about ...

Improving Shor’s Algorithm

We don’t have a useful quantum computer yet, but we do have quantum algorithms. Shor’s algorithm has the potential to factor large numbers faster than otherwise possible, which—if the run times are ...
The Trail of Bits mascot, an octopus, wears a detective's fedora and examines a trail of bits (0s and 1s) through a magnifying glass.

A trail of flipping bits

| | attacks, cryptography
By Joop van de Pol Trusted execution environments (TEE) such as secure enclaves are becoming more popular to secure assets in the cloud. Their promise is enticing because when enclaves are properly ...