We've expanded our Trail of Bits Testing Handbook with a new chapter on cryptographic testing, covering Wycheproof and constant time analysis tooling. Essential reading for security professionals working with cryptographic implementations.
📖 https://lnkd.in/gdW7yW9t
Wycheproof, a comprehensive test vector collection, helps verify cryptographic algorithm implementations against known vulnerabilities and has been used to find dozens of cryptographic vulnerabilities. Our chapter details its structure and practical application in testing harnesses
Constant-time cryptography is an essential part of software security, and dozens of tools can be hard to navigate. Our new section breaks down formal, symbolic, dynamic, and statistical tools. Use these tools in your crypto code to learn how to detect and mitigate timing side channels.
Our handbook now offers in-depth coverage of static analysis, web app security, fuzzing, and cryptographic testing. It's a vital resource for security engineers looking to enhance their application security practices.
Stay tuned for new fuzzing sections, set to release next week. We'll explore language-specific security considerations and best practices for Ruby and Python developers