Blog
Short (usually) posts for your enjoyment.
-
Thoughts on AWS Nitro Enclave ⇔ AWS KMS interactions
Cryptography AWS Nitro Enclave December 15, 2024
At Zxs, we have been involved in several AWS Nitro Enclave-related projects. We have noticed a few areas where the AWS documentation doesn’t clearly mention some cryptographic considerations. We have discussed these issues with the security team at AWS and we understand that their hands are tied: they can’t easily change their existing design/APIs and they don’t want to risk confusing their developers by appending to their documentation.
-
Confidential Computing at 1Password: audit report
Cryptography AWS Nitro Enclave November 29, 2024
Zxs conducted an external security assessment of 1Password’s Confidential Computing system. 1Password leverages AWS Nitro Enclaves to provide server-side features while preserving a security and privacy profile equivalent to their current end-to-end setup.
-
Programming Zero Knowledge Proofs
Cryptography Blogs October 07, 2024
Programming ZKPs: From Zero to Hero is a great tutorial about zero knowledge proofs following their initial post, A Friendly Introduction to Zero Knowledge. Save this link for your next rainy day.
-
Cryptographic Right Answers
Cryptography Blogs August 15, 2024
In 2018, Latacora published Cryptographic Right Answers, a very well-written post summarizing which cryptographic algorithms to pick for a given task.
-
Encrypted & authenticated data diode communications
Network security Cryptography November 14, 2023
Data diodes provide physically guaranteed one-way communications in computer networks. Data diodes can be built using commercial off-the-shelf components, such as by disconnecting the receive end of a fiber transceiver. Several dedicated appliances are also available. Traditionally, data diodes have been used in high-security settings, such as military or industrial control systems. Data diodes might also have a place in other industries, such as health care or finance, especially to transmit logs, analytics, usage, or billing information.
-
Two cryptographers playing cards
Cryptography October 02, 2023
I tooted the following puzzle:
Do you teach cryptography? If yes, ask your students to design a protocol for two people to play a card game over the internet (e.g. Uno, Gin Rummy, Go Fish or whatever). The protocol should be trustless so the players don’t have to rely on a centralized server to deal cards and players shouldn’t be able to peek at the deck unless the game rule allows it.
Give extra points to students who come up with simpler protocols, formal proofs, or an actual implementation.
-
Cryptopals
Cryptography Challenges August 16, 2023
9+ years later, Cryptopals remains a tremendously valuable tool for learning about cryptography by working on practical pieces of code. Cryptopals is a collection of 8 sets of challenges, starting very gently and ending with some non-trivial problems. By working through these challenges you will implement various cryptosystems and well-known attacks.