constantine
nimkernel
constantine | nimkernel | |
---|---|---|
14 | 4 | |
254 | 602 | |
- | - | |
8.4 | 0.0 | |
6 days ago | over 2 years ago | |
Nim | Nim | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
constantine
-
A beginner's guide to constant-time cryptography (2017)
Percival cache attacks on Hyperthreading.
I go over some examples here: https://github.com/mratsim/constantine/issues/358#issuecomme...
-
D Programming Language
`when myCondition():` instead of `if myCondition:` is done at compile-time.
Alternatively you can use a `static:` code block to force compile time evaluation. Or tag a function {.compileTime.} or tag function inputs with `static` modifier.
It is possible to create a compiler or an assembler running fully in Nim macros as well:
- https://github.com/mratsim/constantine/blob/master/constanti... (all that file runs at compile-time)
You can also implement Continuation-Passing-Style transformation at compile-time:
- Fast constant-time pairing or elliptic curve based cryptography (Nim/C)
-
Matrix Multiplication Using Only Addition
At a glance this sounds like a re-discovery of addition chains and using them to construct Pippenger algorithm. But applied to matrices instead of group elements.
See: https://github.com/mratsim/constantine/issues/37
-
Elliptic Curve Cryptography Explained
I usually explain extension fields as similar to complex numbers with regards to reals.
I've collected a lot of extension fields references while working on my own implementation: https://github.com/mratsim/constantine/tree/master/constanti...
The best likely being
- Arithmetic of Finite Fields
- Constant-Time Big Numbers: An Introduction
-
just a question that has been lingering on my mind
Regarding your first question, you don't need to attack the hard-drive, for non constant-time crypto you can read power consumption or electromagnetic traces when the secret key is used to reconstruct it: - https://github.com/mratsim/constantine/wiki/Constant-time-arithmetics
-
Const [pdf]
Unfortunate name collision with my constant-time pairing-based cryptography library :/.
https://github.com/mratsim/constantine
-
DSL for Zero Knowledge Proofs
KZG for sure yes, I actually already started implementing them: https://github.com/mratsim/constantine/tree/c2d716b/research/kzg_poly_commit
-
How is Elliptic Curve Cryptography Encryption Fast?
I have a small write-up on various details of elliptic curve crypto implementation here: https://github.com/mratsim/constantine/tree/master/constantine/elliptic
nimkernel
-
D Programming Language
> kernel developers do not allow third party runtimes in the kernel. Even meager Rust's "panic" runtime is a contentious
Much in Linux is contentious :-) which is why the module system is nice. A kernel module for C code requires no permission from Linux-core unless you need it distributed with the kernel (which, yes, might be required for "credibility" - but critically also might not). It may require many decls to access various kernel APIs, but those can be (semi-)automated or just done as-needed. So, Linux kernel policy is not so relevant (at best) which is what I meant by "no special support" (admittedly brief). Kernel coding is always a bit trickier, and you may need to build up some support code to make integration nice, though as well as decl generators.
> Can one disable runtime in Nim completely -- no GC, no exceptions?
To answer your question, and as discussed elsewhere in this subthread, Nim has many options for memory management.. only stdlib seq/string really needs automatic methods. One can disable the runtime completely via os:standalone and statically check that no exceptions are raised with Nim's effect system (and there are also both setjmp & goto based exception impls which may/may not be workable in Linux/BSD kernel module settings). As "proof more by example", a few people have written OS kernels in Nim recently[1,2] and there was another toy kernel long ago[3].
People have also written OS kernels in Go which "has a GC and runtime".[4] So, I acknowledge it's not quite the same example, but I also see no fundamental blockers for kernel modules.
[1] https://github.com/khaledh/axiom
[2] https://prosepoetrycode.potterpcs.net/2023/01/a-barebones-ke...
[3] https://github.com/dom96/nimkernel
[4] https://github.com/mit-pdos/biscuit/
-
Ask HN: Why did Nim not catch-on like wild fire as Rust did?
Niceness is subjective, but Nim is just as valid an addition to that group. Nim compiles to C and has had an --os=standalone mode for like 10 years from its git history, and as mentioned else-thread (https://news.ycombinator.com/item?id=36506087) can be used for Linux kernel modules. Multiple people have written "stub OSes" in it (https://github.com/dom96/nimkernel & further along https://github.com/khaledh/axiom).
While it can use clang as a backend, Nim does not rely upon LLVM support like Zig or Rust (pre-gcc-rust working). Use on embedded devices is fairly popular: https://forum.nim-lang.org/search?q=embedded (or web search).
Latency-wise, for a time, video game programming was a perceived "adoption niche" or maybe "hook" for Nim and games often have stringent frame rendering deadlines. If you are interested in video games, you might appreciate https://github.com/shish/rosettaboy which covers all but Ada in your list with Nim being fastest (on one CPU/version/compiler/etc). Note, however, that cross-PL comparisons are often done by those with much "porting energy" but limited familiarity with any but a few of the PLs. A better way to view it is that "Nim responds well to optimization effort" (like C/Ada/C++/Rust/Zig).
- OSDev in Nim
- A small kernel written in Nim
What are some alternatives?
blst - Multilingual BLS12-381 signature library
procs - Unix process&system query&format lib&multi-command CLI in Nim
nim-stint - Stack-based arbitrary-precision integers - Fast and portable with natural syntax for resource-restricted devices.
iomrascalai - Iomrascálaí is an AI for the game of Go/Weiqi/Baduk written in Rust
secp256k1 - Optimized C library for EC operations on curve secp256k1
wasmer - 🚀 The leading Wasm Runtime supporting WASIX, WASI and Emscripten
noir - Noir is a domain specific language for zero knowledge proofs
rosettaboy - A gameboy emulator in several different languages
Practical-Cryptography-for-Developers-Book - Practical Cryptography for Developers: Hashes, MAC, Key Derivation, DHKE, Symmetric and Asymmetric Ciphers, Public Key Cryptosystems, RSA, Elliptic Curves, ECC, secp256k1, ECDH, ECIES, Digital Signatures, ECDSA, EdDSA
axiom - A 64-bit kernel implemented in Nim
mbedTLS - An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.
vos - Vinix is an effort to write a modern, fast, and useful operating system in the V programming language