Blog

23 Nov 2017
Auditable Macros in C Code
Turning macros into auditable C code in a highly parameterised cross-platform cryptographic library Themis with a help of preprocessor customization.
21 Sep 2017
Replacing OpenSSL with Libsodium
The second article in a series of three that covers our experiments with different sources of crypto primitives for Themis. This time we tested its multi-platform capabilities with Libsodium.
15 Sep 2017
Themis 0.9.5 release
Themis 0.9.5 is here! Improved compatibility, small fixes, nice extras, and pre-built binaries from package server for your convenience.
11 Jul 2017
Replacing OpenSSL with BoringSSL in a Complex Multi-Platform Layout
To provide better multi-platform support in Themis, we've built multi-donor support abstraction layer for cryptographic primitives, called Soter. This is the first article in a series of three that will cover our experiments with different sources of crypto primitives, this time - BoringSSL.
8 Mar 2017
Presenting Acra
Today we're revealing Acra: a database security suite, built to provide selective encryption and intrusion prevention for modern microservice-rich products and web apps.
6 Mar 2017
Importing with ctypes in Python: fighting overflows
Best cases of boring technical debt are understood when reflected properly. This post addresses a simple one: inelegant flags in core C library ended up breaking Python tests. This is no small case to us: tests breaking sometimes might end up in things seeming to work, but not really working. Not something you can afford yourself when you're doing cryptography, do you?
28 Feb 2017
Plugging leaks in Go memory management
Investigating memory leaks can be fun, sometimes. Sometimes it might even teach you a few lessons in how the language you know and like actually works.
30 Dec 2016
2016 at Cossack Labs
Bright and full of new 2016 year insensibly came to an end. Sharing the summary of our work!
21 Dec 2016
Themis database modules
In an ongoing effort to make Themis functions available anywhere we (and potential users) might need them, we're starting to release Themis wrappers for popular databases. This post outlines the first two - for Redis and PostgreSQL databases.
13 Dec 2016
12 and 1 ideas on how to enhance backend data security
Previously, we’ve talked about classic design patterns in backend data security and about key management goals and techniques. In this article, we'll discuss how modern approaches differ and shed light on our solutions. Updated in 2019