Scott Arciszewski on The Trail of Bits Blog

Scott Arciszewski on The Trail of Bits Bloghttps://miscreants.github.io/blog.trailofbits.com/authors/scott-arciszewski/Recent content in Scott Arciszewski on The Trail of Bits BlogHugoen-usFri, 14 Nov 2025 00:00:00 -0500How we avoided side-channels in our new post-quantum Go cryptography librarieshttps://miscreants.github.io/blog.trailofbits.com/2025/11/14/how-we-avoided-side-channels-in-our-new-post-quantum-go-cryptography-libraries/Fri, 14 Nov 2025 07:00:00 -0500https://miscreants.github.io/blog.trailofbits.com/2025/11/14/how-we-avoided-side-channels-in-our-new-post-quantum-go-cryptography-libraries/We’ve released open-source Go implementations of ML-DSA and SLH-DSA.Cloud cryptography demystified: Google Cloud Platformhttps://miscreants.github.io/blog.trailofbits.com/2024/08/05/cloud-cryptography-demystified-google-cloud-platform/Mon, 05 Aug 2024 09:00:03 -0400https://miscreants.github.io/blog.trailofbits.com/2024/08/05/cloud-cryptography-demystified-google-cloud-platform/This post, the second in our series on cryptography in the cloud, provides an overview of the cloud cryptography services offered within Google Cloud Platform (GCP): when to use them, when not to use them, and important usage considerations. Stay tuned for future posts covering other cloud services. At Trail of Bits, […]Announcing AES-GEM (AES with Galois Extended Mode)https://miscreants.github.io/blog.trailofbits.com/2024/07/12/announcing-aes-gem-aes-with-galois-extended-mode/Fri, 12 Jul 2024 09:00:35 -0400https://miscreants.github.io/blog.trailofbits.com/2024/07/12/announcing-aes-gem-aes-with-galois-extended-mode/Today, AES-GCM is one of two cipher modes used by TLS 1.3 (the other being ChaCha20-Poly1305) and the preferred method for encrypting data in FIPS-validated modules. But despite its overwhelming success, AES-GCM has been the root cause of some catastrophic failures: for example, Hanno Böck and Sean Devlin exploited nonce misuse to […]Cloud cryptography demystified: Amazon Web Serviceshttps://miscreants.github.io/blog.trailofbits.com/2024/02/14/cloud-cryptography-demystified-amazon-web-services/Wed, 14 Feb 2024 09:00:06 -0500https://miscreants.github.io/blog.trailofbits.com/2024/02/14/cloud-cryptography-demystified-amazon-web-services/This post, part of a series on cryptography in the cloud, provides an overview of the cloud cryptography services offered within Amazon Web Services (AWS): when to use them, when not to use them, and important usage considerations. Stay tuned for future posts covering other cloud services. At Trail of Bits, we […]