[ANN] CryptoGroups, CryptoSignatures, DiffieHellman, SecureIO, Multiplexers

Hello everyone!

I have been persistently prototyping a new kind of electronic voting system (see SynchronicBallot.jl) which produced commonly used cryptographic tools along the way. I am a theoretical physicist, and I know little about cryptography thus don’t use these libraries in critical systems. They could be useful for learning some cryptography as most of them follow Wikipedia entries and do not contain much or very intelligent code. The APIs had been tested with some length and thus could be useful for prototyping.

CryptoGroups

A library which I developed for trying to implement a Diffie-Hellman key exchange algorithm. I started with learning a little bit about prime groups that there is a discrete log problem, etc. and thus made abstraction which made Diffie-Hellman protocol to be more straightforward. Googled some prime groups, wrote them in the code and tested their cyclic and prime property. I also managed to wrap ECC as a cryptographic group which I tested for a cyclic property.

CryoptoSignatures

There are many types of cryptographic signatures, which I plan to develop here. Currently, only the DSA algorithm is implemented as reference taking Wikipedia and ECC which could suffer from a timing attack. Fortunately, that seems to be easily solvable by juicing in some @asyncs and Channels for background computations and making the line s=mod(kinv*(h + x*r),G) constant in time for any x.

DiffieHellman

A simple Diffie-Hellman key exchange for a socket which can serialize and deserialize data. A cryptographic signature algorithm must be provided with sign and verify methods for avoiding a man in the middle attacks. In future perhaps the serialization of the cryptographic group is going to be taken out of the function.

SecureIO

When both ends had agreed on the key, they would like to use one needs a way to encrypt the socket. SecureSerializer is precisely for that purpose which uses SHA256 for calculating 32 byte key and AES256 for encryption/decryption. SecureSerializer was made with composability in mind so one could make onion protocols, etc.

Multiplexers

A library to split a single socket into multiple ones with a Multiplexer type. Offers also a method for forwarding multiple sockets into a single socket. To use it together with SecureIO one needs to write a boilerplate. In this way, one can swap Serialization with JSON or some other serializer.

All these libraries suffer from a low performance as the code is currently is rather dynamic. One of the biggest problems is deserialize method since the compiler lacks thelepathical powers. The documentation is lacking, and I don’t see time for writing that anytime soon. Nevertheless, I would be happy to help here or on Slack :slight_smile:

7 Likes

Maybe you would be interested in the computational algebra packages, such as:

  1. https://github.com/wbhart/AbstractAlgebra.jl (general algebraic structures interfaces, Rings, Fields, etc)
  2. http://nemocas.github.io/Nemo.jl/latest/ (implementation of Galois fields and many many more)
  3. https://github.com/thofma/Hecke.jl (a LOT of algebraic number theory with elliptic curves over finite fields)

You should definitely check how they treat fields vs field elements, parent objects, etc, i think it helpful.

Yeah, I still don’t have a clue what they can do. Number theory feels to be too dry for a humble theoretical physicist who does Taylor series most of the time :innocent: