
Cryptography support

Open DonaldTsang opened this issue 5 years ago • 7 comments

This is an exhaustive list; not everything is needed.

  1. All hash functions in https://github.com/coruus/sphlib (SHA3 candidates)
  2. All finalists hash functions in https://github.com/bsdphk/PHC (password derivation functions)
  3. AES, serpent, Twofish, RC6, MARS (AES candidates) + Camellia, SEED and ARIA
  4. All Phase 3 ciphers in the eSTREAM portfolio https://en.wikipedia.org/wiki/ESTREAM
  5. All Block cipher modes like in https://web.archive.org/web/20170904011624/http://csrc.nist.gov/groups/ST/toolkit/BCM/modes_development.html

DonaldTsang avatar Mar 16 '19 12:03 DonaldTsang

Other ways of comparing notes would be to have the ciphers, hashes and modes of https://en.wikipedia.org/wiki/Comparison_of_cryptography_libraries

DonaldTsang avatar Mar 16 '19 12:03 DonaldTsang

Nimcrypto covers a lot of these: https://github.com/cheatfate/nimcrypto

zah avatar Mar 17 '19 08:03 zah

@zah that only scratches the surface when compared to the list, which has ~100 items

DonaldTsang avatar Mar 17 '19 09:03 DonaldTsang

Please be mindful of the security risks of implementing cryptographic functions. I'm wrapping libsodium for this reason: https://github.com/FedericoCeratto/nim-libsodium

FedericoCeratto avatar Apr 06 '19 12:04 FedericoCeratto

@FedericoCeratto for the common cryptographic functions, sure. But for the other less used and "experimental" ones? I wouldn't mind weaker implementations.

DonaldTsang avatar Apr 08 '19 04:04 DonaldTsang

This feels more like a bucket-list, i.e. exhaustive, than needed. I’ve been using crypto for a long time and never needed more than a small number of algorithms like SHA, MD5, AES, RSA, xx25519, Blake2b, ChaCha.

The trend in modern crypto libraries is curation and higher-level operations, not a huge set of primitives. No one but a crypto researcher needs access to 50 different symmetric stream ciphers. (And if you do, the C APIs for crypto functions are ridiculously simple, so they’re very easy to Nim-wrap yourself.)

> the other less used and "experimental" ones? I wouldn't mind weaker implementations.

A weak implementation of a crypto primitive is actively dangerous, unless you’re just using it for research. Doesn’t seem like something that should be in a library, where someone could find it without being aware of the danger.

snej avatar Oct 01 '20 16:10 snej
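As an added example of the two points made above (a C crypto API is easy to wrap from Nim, and the wrapped library, not a home-grown primitive, should do the work), here is a minimal Nim binding to two libsodium calls. This is not code from the thread, from nim-libsodium or from any project mentioned; it assumes libsodium and `sodium.h` are installed where the C toolchain finds them, and the 32-byte key and messages are constructed for the demo.

```nim
# Added example: hand-wrap two libsodium functions from Nim via importc.
# Not part of the issue thread or of nim-libsodium. Assumes libsodium is
# installed system-wide. Build and run with:  nim c -r wrap_sodium.nim
import std/strutils

{.passL: "-lsodium".}
const sodiumHeader = "<sodium.h>"

# int sodium_init(void);  0 = ok, 1 = already initialised, -1 = failure
proc sodium_init(): cint {.importc, header: sodiumHeader.}

# int crypto_generichash(unsigned char *out, size_t outlen,
#                        const unsigned char *in, unsigned long long inlen,
#                        const unsigned char *key, size_t keylen);
# BLAKE2b with optional key; the keyed form is a MAC.
proc crypto_generichash(outp: ptr byte, outlen: csize_t,
                        inp: ptr byte, inlen: culonglong,
                        key: ptr byte, keylen: csize_t): cint
  {.importc, header: sodiumHeader.}

# int sodium_memcmp(const void *b1_, const void *b2_, size_t len);
# Constant-time comparison; returns 0 when equal.
proc sodium_memcmp(b1, b2: pointer, len: csize_t): cint
  {.importc, header: sodiumHeader.}

const TagBytes = 32  # crypto_generichash_BYTES

proc bytes(s: string): seq[byte] =
  ## Copy a string's characters into a byte sequence.
  @(s.toOpenArrayByte(0, s.high))

proc hex(bs: openArray[byte]): string =
  for b in bs: result.add toHex(b, 2)

proc blake2bTag(data, key: openArray[byte]): array[TagBytes, byte] =
  ## Keyed BLAKE2b-256 over `data`, computed by libsodium.
  let dataPtr = if data.len > 0: unsafeAddr data[0] else: nil
  let keyPtr = if key.len > 0: unsafeAddr key[0] else: nil
  let rc = crypto_generichash(addr result[0], csize_t(result.len),
                              dataPtr, culonglong(data.len),
                              keyPtr, csize_t(key.len))
  doAssert rc == 0, "crypto_generichash failed"

proc tagsEqual(a, b: openArray[byte]): bool =
  ## Compare two tags in constant time. A plain `a == b` stops at the first
  ## differing byte and leaks how much of the tag an attacker has guessed.
  if a.len != b.len: return false
  if a.len == 0: return true
  sodium_memcmp(unsafeAddr a[0], unsafeAddr b[0], csize_t(a.len)) == 0

when isMainModule:
  doAssert sodium_init() >= 0, "libsodium failed to initialise"
  let key = bytes("0123456789abcdef0123456789abcdef")  # constructed demo key
  let msg = bytes("hello, nim")                         # constructed message
  let tag = blake2bTag(msg, key)
  # Recomputing over the same input verifies; flipping one bit does not.
  doAssert tagsEqual(tag, blake2bTag(msg, key))
  var tampered = msg
  tampered[0] = tampered[0] xor 1
  doAssert not tagsEqual(tag, blake2bTag(tampered, key))
  echo "keyed BLAKE2b-256 tag: ", hex(tag)
```

The wrapper itself is a handful of `importc` declarations; everything security-sensitive (the hash, the constant-time compare) stays inside libsodium, which is the division of labour the comments above argue for.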

Agree with @snej, I'd rather have a couple of primitives that are widely used, well implemented, well optimized and audited than a collection that gathers dust.

For example the only SHA3 candidates that actually see widespread use are SHA3, Keccak and BLAKE2.

Now regarding cryptography support, do note that we are in the middle of a security audit at Status and the following primitives went under review:

  • Nimcrypto's SHA2, HMAC, PBKDF2: https://github.com/cheatfate/nimcrypto/tree/master/nimcrypto
  • libp2p HKDF, RSA, Curve25519, ChachaPoly and CSPRNG: https://github.com/status-im/nim-libp2p/tree/03f5bbba/libp2p/crypto, https://github.com/status-im/nim-bearssl
  • BLS12-381 and BLS signatures including HKDF: https://github.com/status-im/nim-blscurve
  • Key storage and wallets for crypto funds (Scrypt, PBKDF2, AES): https://github.com/status-im/nim-beacon-chain/blob/78ceeed80/beacon_chain/spec/keystore.nim https://github.com/status-im/nim-beacon-chain/blob/78ceeed80/beacon_chain/keystore_management.nim

Also as a side project I'm implementing a comprehensive library for pairing-based cryptography and zero-knowledge proofs: https://github.com/mratsim/constantine

mratsim avatar Oct 01 '20 19:10 mratsim