Go vs Rust for crypto implementations

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/crypto

Our great sponsors
  • SonarLint - Deliver Cleaner and Safer Code - Right in Your IDE of Choice!
  • Scout APM - Less time debugging, more time building
  • SaaSHub - Software Alternatives and Reviews
  • tink-rust

    Rust port of Tink cryptography library

    As it were, it's being used as such to implement a Tink-compatible Rust library as part of Google's Project Oak.

  • traits

    Collection of cryptography-related traits (by RustCrypto)

    The main difference between those two languages, I think you should look at, is power of type system. A good type system allows to encode various invariants checked at compile time, help with interoperability, and even improve performance a bit (e.g. by eliminating runtime-checks). In this regard Rust is far, far ahead of Go in my opinion and continues to improve in this regard (e.g. soon we will have const generics). For example, in RustCrypto we have trait crates which contain "interfaces" of several algorithm types. Almost all algorithm implementations in this org (and some third-party implementations) are implemented in terms of those traits, which means you can easily swap algorithms with each other and combine them like Lego blocks, without diving deep into source code. This property is especially important if you want to support less common algorithms (e.g. regional standards or newly developed algorithms).

  • SonarLint

    Deliver Cleaner and Safer Code - Right in Your IDE of Choice!. SonarLint is a free and open source IDE extension that identifies and catches bugs and vulnerabilities as you code, directly in the IDE. Install from your favorite IDE marketplace today.

  • rustls

    A modern TLS library in Rust

    Of course, Rust cryptographic ecosystem also contains "traditional" libraries as well, such as wrappers around OpenSLL/libsodium, OS crypto providers, and notably ring. To add a bit of promotion: ring heavily borrows BoringSSL code (Google's fork of OpenSSL), intentionally restricts number of supported algorithms, and is used by rustls, which has noticeably outperformed OpenSSL.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts