Formal Verso: the Formal Methods Future of Smart Contract Security

In May 2016, the newly created Decentralized Autonomous Organization (DAO), an investor-directed venture capital fund built as a smart contract on the Ethereum blockchain, raised around $150 million worth of digital currency. Hopes were high. The fund was to be a fully transparent and decentralized organization, with investment decisions made collectively through member votes, and […]

Read More

Introducing Cheesecloth: A Tool for Proving Software Vulnerabilities in Zero Knowledge

In the world of cybersecurity, proving software vulnerabilities responsibly is a critical challenge.  Imagine a security analyst discovers a vulnerability and wants to tell a software company that their program can be hacked. Here, they face a common dilemma: when they tell the software company about the vulnerability, the company may choose to simply ignore […]

Read More

Galois Unlocks the Power of Private Set Intersection: A Game-Changer for Data Privacy

The US Department of Education (DOE) was in a quandary. Every few years, they were required to report to Congress on the state of undergraduate student financial aid in the United States, but the confidential data needed to create the report was divided between two different internal offices—offices forbidden by policy to share data with […]

Read More

Bringing Zero Knowledge Proofs to the Masses

The arcane world of cryptographic proofs seldom finds expression on the dashboard of your average automobile, but a partnership between Galois and Cybernetica is steering the state of the art in privacy-preserving technology towards the road less traveled—in Estonia, to be precise. In 2020, Estonia’s Environmental Investment Centre introduced a public program to encourage the […]

Read More

Subverting Censorship: How a Galois-developed Android App Could Change the Game for Pro-Democracy Activists

For pro-democracy activists living under authoritarian regimes, communication can be a tricky – and often dangerous – endeavor. Posting dissident messages to social media, sending an email, or texting a friend or colleague can risk interception by vigilant government agents, censorship, and even jail time. Over the past few years, Galois has been developing, in […]

Read More

Cryptol, SAW, and the Galois Origin Story

Among the many tales of innovation and impact to come from Galois over the years, the origin story of Cryptol and SAW is perhaps the most closely tied with that of the company itself. Today, these open-source verification tools have been used in national security, fintech, and cloud computing applications to keep citizens, systems, and […]

Read More

The Impact of Provable Security: AWS and Supranational

Galois’s mission is to help make the critical systems that the world relies on more secure and trustworthy. Over the years, we’ve put our team’s deep expertise in software correctness, cryptography, digital engineering, and machine learning to work, providing formal assurance for complex systems in high stakes contexts for both government and commercial clients. From […]

Read More

Securing Software Supply Chains with Zero Knowledge Proofs

Software supply chain attacks are on the rise, increasing a staggering 742% per year on average since 2019. Sometimes called “third party attacks,” these cyberattacks infiltrate third party or open source software libraries with malicious code, infecting vendors and components along the software supply chain.  These days, any given software artifact may depend on hundreds […]

Read More

An Essential Tool for Cryptography Development

Cryptography continues to rapidly transform our world. It seems like every day there’s a new story about fully homomorphic encryption, blockchains, and how these technologies secure billions and even trillions of dollars in assets.  We’ve talked about cryptographic algorithms and twice about cryptographic assurance. People who work with these concepts every day have been the […]

Read More

21st Century Cryptography – Asynchronous ASIC

Prior to spinning out of Galois, engineers from Niobium Microsystems completed work on the 21st Century Cryptography DARPA project. This project developed a proof-of-concept ASIC containing high-performance, low-energy, side-channel resistant implementations of AES-256 cryptographic primitives. These implementations were developed in correct-by-construction fashion, by directly translating formal models of the cryptographic constructs into a hardware implementation […]

Read More