Cossack Labs
Cossack Labs
development
4 Apr 2019
Building Defence in Depth for Your Data Using Acra
How to protect the data in your app infrastructure using the defence in depth approach, explained on the example of Acra encryption suite.
22 Nov 2018
How to Implement Tracing in a Modern Distributed Application
A battle-tested explanation of why tracing is a very useful technique you can benefit from in your projects. A story from the trenches of implementing distributed tracing in our Acra data security suite.
29 May 2018
Reducing Docker Image Size for Acra
We tried out and described a few approaches to reducing the size of Docker images for the components of our database encryption suite Acra. As a result, we found a way to reduce the container size by roughly 62 times.
23 Nov 2017
Auditable Macros in C Code
Turning macros into auditable C code in a highly parameterised cross-platform cryptographic library Themis with a help of preprocessor customization.
21 Sep 2017
Replacing OpenSSL with Libsodium
The second article in a series of three that covers our experiments with different sources of crypto primitives for Themis. This time we tested its multi-platform capabilities with Libsodium.
6 Mar 2017
Importing with ctypes in Python: fighting overflows
Best cases of boring technical debt are understood when reflected properly. This post addresses a simple one: inelegant flags in core C library ended up breaking Python tests. This is no small case to us: tests breaking sometimes might end up in things seeming to work, but not really working. Not something you can afford yourself when you're doing cryptography, do you?
28 Feb 2017
Plugging leaks in Go memory management
Investigating memory leaks can be fun, sometimes. Sometimes it might even teach you a few lessons in how the language you know and like actually works.
23 May 2016
Choose your Android crypto (Infographic)
This blog post features infographic on how to choose cryptographic frameworks when developing Android apps and adds a few notes about Native/Java crypto.
7 Apr 2016
Benchmarking Secure Comparator
This post summarizes our experiences of testing Secure Comparator as an authentication mechanism for HTTP.
While we were planning, designing and implementing Comparator, real infrastructure in which it has to function (letting Toughbase instances without shared trust to be able to exchange records and request personal data safely) was very far from being ready, but we wanted to understand how good it was for some practical applications. So we chose the obvious - seeing how SC could work as HTTP authentication mechanism.
30 Mar 2016
Crypto in iOS: Choose your destiny (Infographic)
This blog post features infographic on how to choose crypto when developing iOS apps. It's always useful to put tool choice in context of causes (goals) and effects. This is what we've tried to do in this post.
