HE-MAN: The Homomorphic Encryption Mechanism for Approximating Noise

At Galois, we are interested in expanding the capabilities of privacy-preserving technologies, as we believe such technology will play a vital role in our future privacy-sensitive world. One such technology that we’ve been exploring is Homomorphic Encryption (HE), a cryptographic mechanism that allows someone to perform computation on encrypted data. In a previous project, we’ve […]


Formally Verifying the Tendermint Blockchain Protocol

  • Giuliano Losa

Distributed protocols enable components such as blockchain validator nodes, cloud servers, or IoT devices to coordinate and cooperate toward a common goal. However, in such a diverse environment, a lot of things can go wrong: hardware can fail, software can be buggy, network links can be unreliable, attackers may compromise components, and so on. Due […]


Cryptographic Assurance with Cryptol

Field arithmetic code is important and has edge cases lurking everywhere. Cryptol is a tool that can guarantee you’ve got the edge cases right! In this post, we continue reproducing an NCC Group Post about programming in z3. In our last post, we checked the implementation of part of the QUIC protocol. Now we’ll explore […]


Who is verifying their cryptographic protocols?

Building secure communication systems requires both secure cryptographic primitives and also secure cryptographic protocols that build messaging schemes on top of those primitives. Well-designed protocols are the backbone of almost all modern digital communication, enabling key exchange, entity authentication, secure channels, and anonymous messaging. On the other hand, improperly designed protocols can render the best […]


Actually, You Are Rolling Your Own Crypto

The mantra “don’t roll your own crypto” is widely known and accepted amongst programmers, but what does it actually mean? It turns out that such a simple statement is not so simple to follow. What many people take away from “don’t roll your own crypto” is that they shouldn’t create their own crypto algorithms. This […]


Galois Team Wraps Up the Jana Project

After four and a half years of work on the DARPA I2O Brandeis Program, we are excited to announce the completion of Jana, a project which set out to develop accessible privacy-preserving data as a service (PDaaS) to protect the privacy of data subjects while retaining data utility to users. The Galois-led Jana project aimed […]


Protecting Election Integrity with ElectionGuard

Today, Microsoft announced our joint work on ElectionGuard and the upcoming release of the software development kit. This SDK will be freely available, and can be used to enable end-to-end verifiable (E2E-V) elections around the world. An E2E-V election uses cryptography to produce proofs that an election has been run correctly. In a properly implemented […]


The Zimmerman Telegram, Enigma, and Inter-Agency Data Sharing

This article originally appeared in the Fall 2018 edition of the U.S. Cybersecurity Magazine. When obdurate isolationist Woodrow Wilson won 1916 re-election under the slogan, “He kept us out of the war!”, he hadn’t anticipated a simple act of data sharing. On January 17, 1917, Room 40 (British Naval Intelligence) finally decrypted the infamous German “Zimmerman […]


Architectural Security, the Ardennes, and Alfred the Great

This article originally appeared in the Spring 2018 edition of the U.S. Cybersecurity Magazine. Much of cyber defense today relies on the same approach used in kinetic defense over the last few thousand years. We use hard perimeters (firewalls) to repel attacks, sentries (IDSs) to trigger incident response, and carefully guarded entry points (VPNs, websites) to […]


Revolution and Evolution: Fully Homomorphic Encryption

This article originally appeared in the Summer 2017 edition of the U.S. Cybersecurity Magazine. More and more computation is being outsourced to public clouds such as Amazon’s GovCloud and Elastic Compute Cloud, RackSpace, and others. It’s the new “gig” economy for computer hardware. These cloud computers can be just as vulnerable as any other computer, […]
