Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
github.com/cloudflare/circl
- Version published
- Created
CIRCL
CIRCL (Cloudflare Interoperable, Reusable Cryptographic Library) is a collection of cryptographic primitives written in Go. The goal of this library is to be used as a tool for experimental deployment of cryptographic algorithms targeting Post-Quantum (PQ) and Elliptic Curve Cryptography (ECC).
Security Disclaimer
🚨 This library is offered as-is, and without a guarantee. Therefore, it is expected that changes in the code, repository, and API occur in the future. We recommend to take caution before using this library in a production application since part of its content is experimental. All security issues must be reported, please notify us immediately following the instructions given in our Security Policy.
Installation
You can get CIRCL by fetching:
go get -u github.com/cloudflare/circl
Alternatively, look at the Cloudflare Go fork to see how to integrate CIRCL natively in Go.
List of Algorithms
Elliptic Curve Cryptography
| Diffie-Hellman Protocol |
|---|
- X25519 and X448 functions. (RFC-7748)
- Curve4Q function based on FourQ curve. (draft-ladd-cfrg-4q)
| Digital Signature Schemes |
|---|
- Ed25519 and Ed448 signatures. (RFC-8032)
- BLS signatures. (draft-irtf-cfrg-bls-signature)
| Prime Groups |
|---|
- P-256, P-384, P-521. (FIPS 186-5)
- Ristretto group. (RFC-9496)
- Bilinear pairings: with the BLS12-381 curve, and hash to G1 and G2.
- Hash to curve, hash to field, XMD and XOF expanders. (RFC-9380)
| High-Level Protocols |
|---|
- HPKE: Hybrid Public-Key Encryption (RFC-9180)
- VOPRF: Verifiable Oblivious Pseudorandom functions. (RFC-9497)
- RSA Blind Signatures. (RFC-9474)
- Partilly-blind Signatures. (draft-cfrg-partially-blind-rsa)
- CPABE: Ciphertext-Policy Attribute-Based Encryption. (ia.cr/2019/966)
- OT: Simplest Oblivious Transfer (ia.cr/2015/267).
- Threshold RSA Signatures (Shoup Eurocrypt 2000).
Post-Quantum Cryptography
| KEM: Key Encapsulation Methods |
|---|
- ML-KEM: modes 512, 768, 1024 (FIPS-203).
- Kyber KEM: modes 512, 768, 1024 (KYBER).
- FrodoKEM: modes 640-SHAKE. (FrodoKEM)
- CSIDH: Post-Quantum Commutative Group Action (CSIDH).
- (insecure, deprecated)
SIDH/SIKE: Supersingular Key Encapsulation with primes p434, p503, p751 (SIKE).
| Digital Signature Schemes |
|---|
Zero-knowledge Proofs
- Schnorr: Prove knowledge of the Discrete Logarithm. (RFC-8235)
- DLEQ: Prove knowledge of the Discrete Logarithm Equality. (RFC-9497)
- DLEQ in Qn: Prove knowledge of the Discrete Logarithm Equality for subgroup of squares in (Z/nZ)*.
Symmetric Cryptography
| XOF: eXtendable Output Functions |
|---|
- SHAKE128 and SHAKE256 (FIPS 202).
- BLAKE2X: BLAKE2XB and BLAKE2XS (Blake2x)
- KangarooTwelve: fast hashing based on Keccak-p. (KangarooTwelve).
- SIMD Keccak f1600 Permutation.
| LWC: Lightweight Cryptography |
|---|
- Ascon v1.2: Family of AEAD block ciphers (ASCON)
Misc
| Integers |
|---|
- Safe primes generation.
- Integer encoding: wNAF, regular signed digit, mLSBSet representations.
| Finite Fields |
|---|
- Fp25519, Fp448, Fp511, Fp434, Fp503, Fp751.
- Fp381, and its quadratic, sextic and twelveth extensions.
- Polynomials in monomial and Lagrange basis.
| Elliptic Curves |
|---|
- P-384 Curve
- FourQ
- Goldilocks
- BLS12-381
Testing and Benchmarking
Library comes with number of make targets which can be used for testing and benchmarking:
testperforms testing of the binary.benchruns benchmarks.coverproduces coverage.lintruns set of linters on the code base.
Contributing
To contribute, fork this repository and make your changes, and then make a Pull Request. A Pull Request requires approval of the admin team and a successful CI build.
How to Cite
To cite CIRCL, use one of the following formats and update the version and date you accessed this project.
APA Style
Faz-Hernandez, A. and Kwiatkowski, K. (2019). Introducing CIRCL:
An Advanced Cryptographic Library. Cloudflare. Available at
https://github.com/cloudflare/circl. v1.5.0 Accessed Oct, 2024.
Bibtex Source
@manual{circl,
title = {Introducing CIRCL: An Advanced Cryptographic Library},
author = {Armando Faz-Hernandez and Kris Kwiatkowski},
organization = {Cloudflare},
abstract = {{CIRCL (Cloudflare Interoperable, Reusable Cryptographic Library) is
a collection of cryptographic primitives written in Go. The goal
of this library is to be used as a tool for experimental
deployment of cryptographic algorithms targeting Post-Quantum (PQ)
and Elliptic Curve Cryptography (ECC).}},
note = {Available at \url{https://github.com/cloudflare/circl}. v1.5.0 Accessed Oct, 2024},
month = jun,
year = {2019}
}
CFF Style
See attached CITATION.cff file.
License
The project is licensed under the BSD-3-Clause License.
FAQs
Unknown package
Package last updated on 10 Oct 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024