The `p384` v0.11.0 crate release now includes a full arithmetic implementation, enabling both ECDSA and ECDH support, using field arithmetic implementations from `fiat-crypto`: https://t.co/tY1cmvSqGb
Excited to use the new `hybrid-array` crate from @RustCryptoOrg ! It's like `generic-array` but with no `unsafe` under the hood, a bridge to using fully-featured const generics in expressions in the not-too-distant Rust future!
https://t.co/RCl026YXzd
https://t.co/0Wr0rsojTI
Our `ecdsa` crate prevents vulnerabilities like Java's CVE-2022-21449 using type safety.
We use a `NonZeroScalar` type to model the `r` and `s` components of an ECDSA signature. This prevents either of them from ever accidentally being zero.
https://t.co/4fpigNWTUt
My sha1 crate is now called sha1_smol for when you need a dependency free version. Major versions of the sha1 crate in the future will refer to the RustCrypto SHA1 implementation. Users of the 0.6 line of sha1 are auto migrated to sha1_smol. https://t.co/NK0nsSxFLb
[ANN] `crypto-bigint` v0.3.0: @rustlang big integer library designed for cryptography use cases.
Repo: https://t.co/nsM0En31cG
Docs: https://t.co/iQimqWZKFs
`crypto-bigint` v0.2.6 has been released.
Among other new features, it adds support for encoding `UInt` types using Recursive Length Prefix (RLP) encoding
https://t.co/hcBt7TCz4w
"Password auth in Rust, from scratch - Attacks and best practices"
Tutorial on how to do Argon2 in Rust using the @RustCryptoOrg `argon2` crate, part of the "Zero To Production In Rust" series:
https://t.co/VNQdCzcxPD
Why is constant-time PEM encoding important for an RSA library?
A forthcoming paper illustrates RSA key extraction from SGX enclaves using PEM/Base64 sidechannels alone:
https://t.co/3mQJU60tHH
[ANN] `rsa` v0.5.0: pure @rustlang implementation of the RSA public key cipher and digital signature algorithm.
This release includes constant-time PEM decoding/encoding for PKCS#1 and PKCS#8 keys.
- repo: https://t.co/pnwQPyKfr6
- docs: https://t.co/wBCiHL3x8L
In a moment of serendipity I just so happen to have published a new @RustCryptoOrg strict PEM parser which not only uses a constant time Base64 implementation but in the happy path completely avoids any branching or table lookups on potentially secret data
https://t.co/86ULrBIyED
Updated ECDSA/secp256k1 benchmarks comparing:
- @RustCryptoOrg's pure Rust `k256` crate
- The pure Rust `libsecp256k1` crate
- The `secp256k1` crate (FFI wrapper for the bitcoin-core C library)
Faster is better.
@derekilikered There are many other low-hanging fruit optimizations to pursue as yet.
For example, we don't yet precompute powers of the generator, which would also speed up verification.
We also use constant-time formulas for ECDSA verification. Things might be improved by e.g. wNAF.