Post · Kakapo Social

Post

Log in

Carelessness versus craftsmanship in cryptography

Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. […] The aes-js/pyaes maintainer, on the other hand, has taken a more… cavalier approach.

🔓 https://blog.trailofbits.com/2026/02/18/carelessness-versus-craftsmanship-in-cryptography/

#aesctr #itsecurity #key #javascript #js #iv #pyaes #cryptography #carelessness #aes #cybersecurity #cryptography #itsec #encryption #craftsmanship #reuse #fail

The Trail of Bits Blog

Carelessness versus craftsmanship in cryptography

Kakapo Social

Kakapo Social: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.2-alpha.34 no JS en

Automatic federation enabled

Log in