Security Boulevard

Carelessness versus craftsmanship in cryptography

Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of ...
GitHub

CaringalML/Serverless-Auth-with-AWS-Cognito

An enterprise-grade, cloud-native authentication solution leveraging AWS's serverless ecosystem, implementing military-standard AES-256 token encryption via KMS, automated bot detection through ...