Publications
Factoring "short-sleeve" RSA keys with polynomials
We found hundreds of weak RSA and DSA keys with biased bits that we could quickly factor using a new polynomial-based cryptanalytic technique.
We beat Google’s zero-knowledge proof of quantum cryptanalysis
Trail of Bits discovered and exploited memory safety and logic vulnerabilities in Google’s Rust zero-knowledge proof code to forge a proof claiming better quantum circuit performance metrics than Google’s original results, demonstrating unique security risks in zkVM systems.