wycheproof
noise_spec
wycheproof | noise_spec | |
---|---|---|
12 | 6 | |
2,587 | 450 | |
- | 0.0% | |
0.0 | 10.0 | |
about 4 years ago | over 5 years ago | |
Java | HTML | |
Apache License 2.0 | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
wycheproof
- Google's Project Wycheproof
- SHA-3 Buffer Overflow - CVE-2022-37454
-
When To Roll Your Own X
I failed to notice the relevant Wycheproof test vectors because they weren’t listed on the front page (they still aren’t).
-
Automated Tests Are the Safety Net that Saves You
When I wrote the Monocypher cryptographic library, I didn't really know how to write serous tests. With some help, I eventually got something pretty good, with 100% code and path coverage, that test every possible input lengths as well as obscure corner cases I stole from various places (most notably Whycheproof).
- Project Wycheproof
- Psychic Signatures in Java
- What are some real-world security issues in cryptography?
-
How to verify ECC double and add algorithm implementation
"GitHub - google/wycheproof: Project Wycheproof tests crypto libraries against known attacks." https://github.com/google/wycheproof
-
An Illustrated Guide to Elliptic Curve Cryptography Validation
Thankfully, Curve25519 is much easier to implement, with much fewer death traps than short Weierstraß curves. For X25519, just follow DJB’s advice from ECC Hacks https://www.youtube.com/watch?v=vEt-D8xZmgE and make sure your arithmetic is up to snuff (constant time arithmetic is actually the hard part, by default I strongly suggest you steal it from the ref10 implementation).
For EdDSA, just follow the relevant explicit formulas, avoid clever (but dangerous) tricks such as converting to Montgomery form and back, and test with Wycheproof’s Ed25519 test vectors. https://github.com/google/wycheproof/blob/master/testvectors...
-
Is AES 256-bit good enough for files.
Have you tested all your applicable components against the Wycheproof test vectors and passed?
noise_spec
-
I worked at LastPass as an engineer. My 2 cents on the situation
Because I always want to identify the solution when we point to the problem:
https://doc.libsodium.org/
http://noiseprotocol.org/
-
How should I encrypt files for sharing over the internet?
If you're not looking to share files but instead need a full communications protocol, the question gets more complex. TLS is the most commonly used encryption layer, and lots of other protocols use TLS to encrypt their traffic. In the rare cases where it's not suitable, the Noise Protocol Framework works to design a secure protocol for the necessary uses.
-
help with Monocypher on an embedded system
TLS Client Authentication formalizes this, as do several patterns in the Noise protocol framework.
-
When To Roll Your Own X
As you now know, I have implemented a whole cryptographic library with a similar API to Libsodium’s. In addition I’ve worked on authenticated key exchange (similar to Noise), as well as PAKE (symmetric and augmented). And I’ve realised that the whole NaCl family of libraries, including NaCl, Libsodium, TweetNaCl, and Monocypher, are all too low-level for regular people to use safely.
-
Tim Cook revealed the real reason Apple won’t add RCS to the iPhone
Many other messaging apps use a separate client/server encryption protocol for this purpose. Several use TLS. The WhatsApp Security Whitepaper notes they use the Noise protocol when the client is a mobile device.
-
Mega: Malleable Encryption Goes Awry
What are real world implementations of the Noise Protocol? https://github.com/noiseprotocol/noise_spec/blob/v34/noise.m...
Quick search shows WireGuard protocol, but I am not sure if how much of the WireGuard protocol is the same as the Noise Protocol.
https://www.wireguard.com/formal-verification/
What are some alternatives?
ejbca-ce - EJBCA® – Open-source public key infrastructure (PKI) and certificate authority (CA) software.
minisign - A dead simple tool to sign files and verify digital signatures.
kyberJCE - Pure Java implementation of the Kyber (version 3) post-quantum IND-CCA2 KEM.
Monocypher - An easy to use, easy to deploy crypto library
cryptofuzz - Fuzzing cryptographic libraries. Magic bug printer go brrrr.
magic-wormhole - get things from one computer to another, safely
wireguard-vyatta-ubnt - WireGuard for Ubiquiti Devices
jdk17u - https://wiki.openjdk.org/display/JDKUpdates/JDK+17u
Monokex - A simpler alternative to the Noise protocol framework.
writeups - CTF writeups from The Flat Network Society
age - A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.