[Suggestion] Crypto API (native)

Question

[Suggestion] Crypto API (native)

redfast00 opened this issue 7 years ago · 8 comments

redfast00 commented 7 years ago

Hi, while I was browsing the forum, I came across a post that implemented SHA256 in Lua. One hash almost took 2 seconds, and this is probably too slow for some projects (not to mention inefficient). Is it possible to add a crypto API with the basic building blocks (secure hash, symetric encryption, assymetric encryption,...)?

Lignum · Answer 1 · 2017-08-05T15:45:18.000Z

A straight-up crypto API would be too much, I feel. I'd be for doing what CCTweaks does, which is adding a biginteger library, which would allow faster implementations of crypto algorithms to be written.

redfast00 · Answer 2 · 2017-08-05T15:53:40.000Z

That would be fine, as long as it's fast (2 seconds for hashing is way too long). This would allow for secure rednet communication.

Lignum · Answer 3 · 2017-08-05T15:58:42.000Z

What library are you using? This one is pretty fast for CC. Either way, hashing alone won't allow for secure rednet, you'd need to implement Diffie-Hellman and AES, which would also be much more feasible with a biginteger library.

redfast00 · Answer 4 · 2017-08-05T16:14:53.000Z

Oh, I meant secure as authenticated, not encrypted (I should have been clearer, my bad). I can construct an HMAC out of a secure hash. If all nodes in the network have a pre-shared key, they will be able to verify that the message they received was indeed sent by a node in the network. Nonetheless, it would still be nice to have crypto algo's (AES,...) built in, but the biginteger library will do (this does however go against "don't roll your own crypto").

Lignum · Answer 5 · 2017-08-05T16:41:07.000Z

this does however go against "don't roll your own crypto"

Hmm, not so much. That saying more applies to inventing your own algorithm, which is not the case here, it's just implementing an existing one.

SquidDev · Answer 6 · 2017-08-05T17:11:50.000Z

this does however go against "don't roll your own crypto"

To add to @Lignum's comments, I'd argue ComputerCraft is the perfect place to implement an existing crypto library. You're gonna learn a lot about various algorithms, and it isn't the end of the world if there are timing attacks, side channel attacks, etc...

xAnavrins · Answer 7 · 2017-08-06T13:19:24.000Z

Try my version of SHA256 here
http://www.computercraft.info/forums2/index.php?/topic/8169-sha-256-in-pure-lua/page__view__findpost__p__246117
It's faster than any other implementations I could find, and it includes HMAC and PBKDF2.
As for the other algorithms, a biginteger api would be nice rather than having Diffie-Hellman or RSA directly, it would allow you to have your own shot at trying to implement them.

The algorithms themselves are simple, it's the calculation that are pretty heavy, a lua-side biginteger is possible but it's nowhere near as efficient as something like CCTweak's.

dan200 · Answer 8 · 2017-09-10T17:20:20.000Z

please keep this issues page for bugs, not feature requests

Share to