For my next project, I need hashing and public-key cryptography. What are the options currently available in the Julia ecosystem to get those things?
Also, I need a secure messaging system within Julia. Ideally, a Julia client for Telegram, which I could not find. Is there anything else available what can I interface easily with Julia?
I have found that ECC.jl in principle could provide the stuff I need. However, the library is too technical for my present understanding of cryptography. It would be really helpful if someone could answer the usage questions I have on it. I have posted them in the GitLab issue.
For most applications, I really really recommend using a well-established conservative C library, and not using some half-baked implementation from github / gitlab. Don’t get me wrong, half-baked implementations from github / gitlab are awesome and are exactly what you want for toying around with protocols and cryptographic research.
Crypto that faces attackers is hard.
For example, you probably want your public key functions resistant against timing sidechannel. ECC.jl is not constant-time, as far as I looked at the code. Even if it was, you are unqualified to audit the implementation for side-channels and therefore should never use it in prod.
I’m working in crypto, and finding generic side-channel resistant elliptic curve libraries seem close to impossible. People always use if branches for some reason ;).
So far only Milagro seems to fit the bill but the build process involves Python codegen for specific curves and the coding style is very strange for the GO/Rust/Java implementation.
I am just hoping that by making an awesome use of cryptographic libraries someone would be willing to invest time to make cryptographic library situation better for Julia. For the moment half baked implementations are good for me
Author of Paillier.jl here, just wanted to point out it is not using constant time functions, and doesn’t offer any hashing capabilities. Rather it is a tool for building prototypes of systems and protocols relying on a partially homomorphic cryptosystem.
I have created libs & bindings for Apache Milagro Crypto Library (AMCL) 2.0.1. It is in very early stage, but all C API should be exposed in Julia and it supports all Julia platforms (incl. Linux, Windows, MacOS, FreeBSD).
I’m working on getting it registered in the General Julia registry. Until then, you can install it from here:
This is big! Thank you for the wrapper, it is much needed
In the example, I see how to make signatures and verify them. Is it also possible to work directly with the primitives themselves? For example, can I access cryptographic groups (or curves) to use them to implement Diffie-Hellman key exchange?
Yes, you can access all primitives and low-level functions to build your own crypto.
I just did not have time to do more examples.
Get the generator point for BLS381:
using AMCL
g = AMCL.ECP_BLS381(undef)
ECP_BLS381_generator(g)
Most of the work remaining is to make the lib more fluent by defining relevant operators in the Base package. E.g. currently you can only compare two BLS381 points in the base field:
Renamed the package to more descriptive MilagroCrypto.
Created a PR to get it into the Julia General registry.
Enabled all AMCL primitives (BIG*, DBIG*, FP*, ECP*) that I could identify. You should be able to implement whatever Crypto Lib/App efficiently on top of this now.