subtle
Pure-Rust traits and utilities for constant-time cryptographic implementations. (by dalek-cryptography)
FaCT
Flexible and Constant Time Programming Language (by PLSysSec)
subtle | FaCT | |
---|---|---|
1 | 5 | |
229 | 191 | |
0.9% | 0.0% | |
0.0 | 10.0 | |
2 months ago | about 2 years ago | |
Rust | OCaml | |
BSD 3-clause "New" or "Revised" License | BSD 3-clause "New" or "Revised" License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
subtle
Posts with mentions or reviews of subtle.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-10-23.
-
Fact: Constant Time Programming Language
Rust has some great constant time libs already, for instance `subtle` [0]. A `derive(ConstantTimeEq)` might get you most of the way, but a constant-timeifier would be great for wrapping whole algos where you might not want to think too hard about timing side channels.
For your sleeping proposal, it sounds a little like differential privacy [1] where you can add some randomness to gain some privacy but using up your privacy budget in the process. In that case, `N` depends on the sensitivity of the data, the noise amount, and your privacy budget. If you get it right, it has provable security properties. However, that works better when the adversary does not have physical access to the machine and can't observe the intermediate state (or side channel leaks thereof).
[0]: https://github.com/dalek-cryptography/subtle
[1]: https://github.com/dalek-cryptography/subtle
FaCT
Posts with mentions or reviews of FaCT.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-10-23.
- FaCT: Constant Time Programming Language
-
Fact: Constant Time Programming Language
While it would be nice, this is somewhat mitigated by the fact that they've got a top-level directory called "example."
https://github.com/PLSysSec/FaCT/blob/master/example/example...
What are some alternatives?
When comparing subtle and FaCT you can also consider the following projects:
movfuscator - The single instruction C compiler