computer with a shield over it

Our team includes PhD-level cryptographers who have spent years developing and cryptanalyzing complex cryptographic protocols (for example, see our published analysis and contributions to the EDHOC protocol). At the same time, we aren't solely academics. Half of our team comes from a traditional software and security background. We bring the best of both worlds; we know math, theory, software, and real-world systems.

Book a technical office hours session

Book a complimentary one-hour meeting with one of our engineers to dive into a challenging technical issue, explore tooling options, and gain valuable insights directly from our experts. This session is purely technical—no sales talk, just a focused discussion that showcases our depth, talent, and capabilities.

Book a session

Cryptography Services:

Cryptographic Design Assessment

Cryptography is uniquely sensitive to design flaws, which can lead to severe vulnerabilities that are often subtle and hard to detect without specialized knowledge. Our team, skilled in theoretical and applied cryptography, assesses your design documents before you begin implementation, helping you avoid costly mistakes and rebuilds.

  • Comprehensive initial analysis

    Our initial manual assessment focuses on understanding the system, identifying "low-hanging fruit" issues, and evaluating design choices. We examine algorithm security, parameter choices, and threat models to help ensure the design aligns with standard practices. We aim to clarify design goals and create reasonable threat models if they don't already exist.

  • In-depth analysis and clarification

    Building on the initial understanding, we develop clarifying questions to discuss with you. These questions address underspecified areas and inconsistencies and refine threat models or design goals.

  • Tailored analysis for different systems

    Our analysis is tailored for diverse systems, from traditional cryptographic systems like end-to-end encryption (E2EE) to completely novel cryptographic protocols. For systems like E2EE systems, we have extensive experience verifying their design goals and know the best design practices for key management, forward secrecy handling of images and files, and many more. For novel cryptographic protocols, we assess underlying assumptions and security proofs and enhance clarity, accuracy, and soundness to instill confidence in the protocol.

  • Automated analysis with powerful tools

    In parallel with manual assessments, we integrate powerful cryptographic protocol verification tools such as Verifpal, ProVerif, CryptoVerif, and Tamarin. These tools automate the identification of known cryptographic attacks and verify specific properties.

Explore Our Design Assessments: Public Report for ZeroTier

Cryptographic Code Assessment

Our team has extensive experience assessing standardized cryptography and cryptosystems. For each NIST standard, we maintain internal guidance and checklists for common vulnerabilities and misuse of these algorithms; we know what bugs to look for and how to find them. Whether you're building an encrypted hard drive, public key infrastructure, end-to-end encryption (E2EE) protocols, or any other standardized cryptography application, our team can help you.In addition to more standard and traditional cryptosystems, our team also prides itself on being experts in the cutting edge areas of cryptography, such as the following:

  • Zero-knowledge proofs

    We have extensive experience assessing systems that leverage zero-knowledge proofs (ZKPs), including privacy coins, virtual machines, and frameworks like Circom, Halo2, and others. For each of these systems, we know the biggest threats and common mistakes to look for. For instance, for privacy coins, we look for Fiat-Shamir issues, input validation issues, violation of theoretical assumptions, specification and implementation discrepancies, etc.

  • Threshold signature schemes and multi-party computation

    Multi-party computation (MPC) systems, and threshold signature schemes (TSS) in particular, are plagued with critical vulnerabilities. Assessing these systems effectively requires expertise in the theory underlying the protocols and low-level software (as many of these issues are subtle). We maintain an internal list of known vulnerabilities (and potential variants) against all major TSS and MPC protocols.

  • Novel and E2EE protocols

    When tackling new protocols, we leverage our knowledge of similar protocols to inform our analysis. We have extensive experience designing and analyzing protocols, so we know how to formalize security notions, go beyond common assumptions, and formally prove security. When applicable, we commonly use formal verification tools such as Verifpal to quickly understand and analyze novel protocols. Over the past few years, E2EE has been a big trend in the industry, and our team has developed specialized expertise in designing and securing these systems.

  • Cloud cryptography

    Our cloud cryptography assessments focus on high-level considerations, assessing whether systems use cloud cryptography services as intended and recommending efficiency gains. We emphasize avoiding insecure practices and offer ongoing guidance specific to various cloud cryptography platforms.

  • Hardware-based cryptography

    We assess configurations for security concerns, restrict privileged access, and optimize resource usage in hardware-based cryptography systems. Our internal guidance includes high-level considerations for cryptographic hardware generally, as well as low-level guidance for specific hardware platforms.

  • Rust and Go cryptography

    Our entire Assurance practice has extensive experience working with Rust and Go. We maintain internal checklists and comprehensive guidance for securing Rust and Go codebases, and the cryptography team regularly leverages these insights in our security assessments. However, we don’t just assess code; we have also built several tools and implemented multiple complex cryptographic protocols in both Rust and Go. We know how to write code securely, efficiently, and idiomatically, and we use this to inform our security assessments.

Explore Our Comprehensive Code Assessment: Public Report for SimpleX

Cryptographic Engineering

We specialize in engineering secure cryptographic solutions tailored to your unique requirements. Our approach involves producing detailed specifications and implementing products with comprehensive documentation, safe APIs, and thorough testing. We offer four service variants:

  1. Designing and engineering from scratch
  2. Reviewing existing designs and engineering them for you
  3. Enhancing legacy implementations with improved documentation and testing and new features
  4. Producing a comprehensive design specification
  • Security software engineering

    Cryptographic software is just like any other software, so building it securely requires the same knowledge of security engineering as any other software.

  • Languages we support

    • Rust
    • Go
    • C/C++
    • Python
    • JavaScript/TypeScript
  • Specification writing

    We understand the importance of clear and comprehensive documentation. We know what topics need to be included, what level of detail is required, and how to incorporate your design requirements.

  • Mandatory peer code reviews

    Every line of code written in our cryptographic engineering projects is assessed by another member of the cryptography team who did not write that code. This helps ensure that every codebase produced in our engineering projects has a security posture comparable with any other codebase our team has assessed. These internal checks and balances are considered part of our development process and are not an additional charge to the service.

Case Study Image

Case study: Navigating zkEVM Challenges

Scroll, a company extending Ethereum’s capabilities through zero-knowledge (ZK) technology and EVM compatibility faced the challenge of auditing its zkEVM circuits. Recognizing the need for advanced expertise and impactful recommendations, Scroll turned to Trail of Bits for several key reasons:

  • Advanced expertise in ZK circuits.
  • Impactful recommendations that enhance your SDLC.
  • Instructions on implementing tools and custom Semgrep rules into your CI.

Learn how our comprehensive approach and expert insights empowered Scroll to strengthen their ZK circuit security and development practices.

Read the case study
Why we offer assessments and not audits

Unlike many firms that provide security audits, we offer security assessments. Standard audits follow a predefined checklist that limits the scope and capabilities, our assessments don't look to check boxes but discover the root causes of security weaknesses identified. This approach allows us to provide nuanced, actionable insights that do more than fix the immediate problems—they also enhance the system's overall resilience and security for the future. By focusing on the root causes and broader implications of security vulnerabilities, we empower our clients to not just respond to bugs but to develop stronger, more resilient software design, development, and coding practices.

Read our assessment of Aleo
Our services

We believe in the power of collaboration and the synthesis of knowledge across various fields to deliver unparalleled services to our clients. Our diverse company lines are not isolated silos of expertise. Instead, they represent a spectrum of capabilities that we seamlessly blend to meet the unique needs of each project.