All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

AI Audit Agent Finds Seven Bugs in Cloudflare's CIRCL Cryptography Library

By

Stefanos Chaliasos, Hao Pham, False Witness team

7h ago· 18 min readenInsight

Summary

zkSecurity's AI audit agent (zkao) was pointed at Cloudflare's CIRCL experimental cryptography library, where it discovered and confirmed seven real bugs — ranging from a critical float64 precision loss in threshold RSA to a complete access-control break in attribute-based encryption. All seven bugs have been fixed upstream. This is the first post in a series about bugs found by AI agents across open source cryptography.

Source

Hacker NewsAI Audit Agent Finds Seven Bugs in Cloudflare's CIRCL Cryptography Libraryblog.zksecurity.xyz

Key quotes

· 4 pulled
We pointed our AI audit pipeline at Cloudflare's CIRCL experimental cryptography library and confirmed seven real bugs, from a critical float64 precision loss in threshold RSA to a complete access-control break in attribute-based encryption.
All seven are now fixed upstream.
This is the first post in a series on bugs our agents found across open source cryptography.
The goal is simple to state and hard to do: keep an AI looking at your code, continuously, until no bugs remain that other AI tools can find.
Snippet from the RSS feed
We pointed our AI audit pipeline at Cloudflare's CIRCL experimental cryptography library and confirmed seven real bugs, from a critical float64 precision loss in threshold RSA to a complete access-control break in attribute-based encryption. All seven are

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.