Jim Miller

93 posts

@TheMijCipher

Engineering Director for Cryptography at Trail of Bits

Joined April 2022
156 Following, 387 Followers
Jim Miller reposted
Craig Gidney @CraigGidney
Congrats to Ryan Keegan for being the first to exploit the simulator we used to validate the secret quantum circuits: blog.trailofbits.com/2026/04/17/we-… It kills me that the (now fixed) bugs were simple (we didn't port the op validation code from C++ to Rust!), but that's to be expected.
Jim Miller reposted
Yoichi Hirai @pirapira
@trailofbits Going further, there’s a way to protect the guest program even against potential compiler bugs: formally verify the guest RISC-V assembly code, like I’m experimenting with in evm-asm.
Jim Miller reposted
Trail of Bits @trailofbits
Google used a ZK proof to disclose a quantum breakthrough that cuts the cost of breaking cryptocurrency by 20x without handing attackers the circuit. We found anyone could forge a “proof” of an even stronger attack. 🧵
Jim Miller reposted
Tjaden Hess @tjade273
Let's break down these attacks: x.com/tjade273/statu…

First up is wiretap.fail

The key insight is that TEEs do not randomize their memory encryption. This is because the encrypted data needs to fit in the same space as the plaintext, so there is no room for a nonce or IV. The typical cipher mode is AES-XEX or the related AES-XTS. en.m.wikipedia.org/wiki/Xor%E2%80…

Every memory location acts like an independently keyed cipher, so it’s not quite ECB Tux level bad, there is a sort of _temporal tux_ problem. Every time a value is encrypted at a particular memory location, the ciphertext is the same.
Tjaden Hess @tjade273

IMO these two attacks spell the beginning of the end for SGX, TDX and SEV-SNP in self-hosted contexts. These DRAM bus attacks were always the glaring hole in the threat model, and I expect DDR5 to fall soon as well. These attacks are explicitly written out of the threat model so they won’t be patched by Intel and AMD, and it’s not clear how they could do so anyway.

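The determinism described in the post above, as an added example that is not part of the original posts: a Python sketch in which a toy Feistel cipher built on HMAC-SHA256 stands in for AES (an assumption, so it runs on the standard library alone), wrapped in a simplified XEX-style address tweak. All function names, keys, addresses and the write sequence are constructed for illustration.

```python
import hashlib
import hmac

BLOCK = 16  # bytes, the same block size as AES

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """4-round Feistel permutation; a stand-in for AES, not a real cipher."""
    left, right = block[:8], block[8:]
    for i in range(4):
        f = hmac.new(key, bytes([i]) + right, hashlib.sha256).digest()[:8]
        left, right = right, _xor(left, f)
    return left + right

def xex_encrypt(key: bytes, tweak_key: bytes, address: int, plaintext: bytes) -> bytes:
    """Simplified XEX: the tweak depends only on the address, so there is no nonce."""
    tweak = toy_block_encrypt(tweak_key, address.to_bytes(BLOCK, "little"))
    return _xor(toy_block_encrypt(key, _xor(plaintext, tweak)), tweak)

# Constructed keys and a constructed sequence of (address, plaintext) writes.
KEY = b"k" * 16
TWEAK_KEY = b"t" * 16
SECRET_A = b"balance=00000100"
SECRET_B = b"balance=00000250"
SAMPLE_WRITES = [
    (0x1000, SECRET_A),  # write 0
    (0x1000, SECRET_B),  # write 1: value changes
    (0x1000, SECRET_A),  # write 2: value returns to the earlier one
    (0x2000, SECRET_A),  # write 3: same value, different address
]

def repeated_ciphertexts(writes):
    """Return (earlier, later) write indexes whose ciphertexts match at one address.

    This is everything a ciphertext-only observer learns: not the value itself,
    but that the same value came back at the same location.
    """
    first_seen, repeats = {}, []
    for i, (address, plaintext) in enumerate(writes):
        ct = xex_encrypt(KEY, TWEAK_KEY, address, plaintext)
        if (address, ct) in first_seen:
            repeats.append((first_seen[(address, ct)], i))
        else:
            first_seen[(address, ct)] = i
    return repeats

if __name__ == "__main__":
    print(repeated_ciphertexts(SAMPLE_WRITES))
```

Writes 0 and 2 collide because the address and plaintext are identical, while write 3 encrypts the same plaintext to a different ciphertext because the address tweak differs.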
Jim Miller reposted
Trail of Bits @trailofbits
The $1.5B Bybit hack marks a new era in cryptocurrency security. Attackers have moved beyond technical exploits to sophisticated operational attacks. Read our initial analysis of this historic breach and its industry-wide implications: blog.trailofbits.com/2025/02/21/the…
Jim Miller @TheMijCipher
I am honored to be selected as part of the program committee by the MPCA, so please don't hesitate to reach out with any questions. This will be a great event showcasing the practical side/challenges of MPC. I hope to see you all in Sofia ❤️
Jim Miller @TheMijCipher
The RWMPC workshop will be a 1 day event on March 25 in Sofia, Bulgaria. The content will cover a variety of practical MPC use cases: currently accepting potential talks across real-world deployments, standards, security, formal verification, legal implications, and more!
Jim Miller @TheMijCipher
Start the year off right and register/submit a talk for the Real World MPC workshop! The MPC Alliance is hosting this as a co-located event for Real World Crypto, and the CFP is now open and accepting talks across a wide variety of MPC topics 🙂. Details and links are in 🧵
Jim Miller @TheMijCipher
The first ever Queer in Cryptography conference will be held in Rochester, NY on March 6th and 7th 2025! Register now and come celebrate the many great cryptography contributions from the LGBTQ+ community- allies welcome! cryptography.lgbt
Jim Miller @TheMijCipher
@zama Or another, similar one would be the boxes with gloves that they use for handling nuclear material. For FHE this box would not have see-through glass and only allows for very specific operations with the gloves
Jim Miller @TheMijCipher
@zama I like extensions to the typical "lockbox" encryption analogy. For instance, the lockbox contains metal objects of differing sizes, and the FHE analogy is using a magnet to move the objects around (sort them by size, for example). Noise/weight are potential side-channel attacks
Zama @zama
Got a solid analogy to explain Fully Homomorphic Encryption (FHE) in one tweet or image? We know it's a complex topic, but if you can break it down, reply below ⬇️ We’ll mail swag to the best ones 📦🧢🟨
Jim Miller reposted
Dan Guido @dguido
.@trailofbits had one of the best weeks ever! From groundbreaking ML research to advancing post-quantum crypto, here's a summary of last week:🧵
Jim Miller reposted
Trail of Bits @trailofbits
Two days ago, @NIST finalized three post-quantum cryptography standards. Today, we are announcing an open-source Rust implementation of one of these standards, SLH-DSA, now available in RustCrypto! blog.trailofbits.com/2024/08/15/we-…
Jim Miller reposted
Trail of Bits @trailofbits
Will these algorithms start to become widely supported? Yes! Our crypto team anticipated this and implemented the stateless hash-based digital signature scheme (SLH-DSA or SPHINCS) in Rust, now part of RustCrypto. buff.ly/3SN6Lq1