Security Boulevard

Carelessness versus craftsmanship in cryptography

Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of ...

Why are Epstein’s emails full of equals signs?

Many of the emails released by the Department of Justice from its investigation into Jeffrey Epstein are full of garbled ...