Security Boulevard

Carelessness versus craftsmanship in cryptography

Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of ...
Design And Reuse

Securing UALink: Introducing Synopsys UALinkSec_200 Security Module

Initially, security was considered outside the scope of the UALink specification, with the assumption that higher layers would address it. However, as the protocol matured, the need for integrated ...