16 Apr 2019

Acra on DigitalOcean Marketplace

Acra encryption suite is now available as 1-Click App running in a Droplet on DigitalOcean Marketplace.

Read more...


4 Apr 2019

Building Defence in Depth for Your Data Using Acra

How to protect the data in your app infrastructure using the defence in depth approach, explained on the example of Acra encryption suite.

Read more...


26 Oct 2016

Why making Internet safe is everyone’s responsibility

... not the security vendors, nor government or big corporations can solely fix the current state of things. It's everybody's duty and the earlier we understand it - the better.

Read more...


21 Apr 2016

Building Sesto, in-browser password manager

Sesto is one of PoC tools we've developed while working on WebThemis - the cryptographically sane front-end framework for Google Chrome. Sesto enables web users to store any secrets (for example, login credentials) on the server and use them from any computer that has Google Chrome installed. 

Read more...


17 Mar 2016

Building secure end-to-end webchat with Themis

While doing some protocol design for front-end clients with WebThemis services, we wanted to try it in real-world situations first: how easily could we deploy complicated cryptographic behavior into web apps? Turns out, quite easily. This post describes one of such web apps, designed to illustrate some zero-server-trust design patterns we're using in other developments. 

Read more...


8 Mar 2016

Building and Using Themis in PNaCl

This post outlines our experience of porting typical C/C++ library (which is obviously Themis, in our case) to PNaCl module. A few challenges, a number of interesting riddles and Themis suddenly has a new home!

Read more...


3 Mar 2016

What's wrong with Web Cryptography

Threats you may face when implementing cryptography within your web application JS way.

Read more...


1 Mar 2016

WebThemis: proper crypto for modern Web

Introducing WebThemis: a Google Chrome library to develop secure web applications.

Read more...


26 Nov 2015

Why we need novel authentication schemes?

Current technological advancements in authenticating users seems to be sufficient for most cases. However, taking a more detailed look reveals weaknesses and tradeoffs in all existing authentication schemes. Before explaining the methodology and cryptography behind Secure Comparator, our authentication protocol, we wanted to outline reasons for developing it in a brief review of existing authentication methods.

Read more...


20 Nov 2015

WeakDH/LogJam vs Secure Session

Being asked several times 'Is Secure Session prone to attacks similar to WeakDH/LogJam', we've decided to outline some principal differences, which render Secure Session really secure from these attacks.

Read more...

All posts

Previous Previous