The crypto component hosts all the implementations of cryptographic primitives we use in Libra: hashing, signing, and key derivation/generation. The NextGen directory contains implementations of cryptographic primitives that will be used in the upcoming versions: a new crypto API enforcing type safety, verifiable random functions, and BLS signatures.
Libra makes use of several cryptographic algorithms:
- SHA-3 as the main hash function. It is standardized in FIPS 202. It is based on the tiny_keccak library.
- X25519 to perform key exchanges. It is used to secure communications between validators via the Noise Protocol Framework. It is based on the x25519-dalek library.
- Ed25519 to perform signatures. It is used both for consensus signatures and for transaction signatures. EdDSA is planned to be added to the next revision of FIPS 186 as mentioned in NIST SP 800-133 Rev. 1. It is based on the ed25519-dalek library with additional security checks (e.g., for malleability).
- HKDF: HMAC-based Extract-and-Expand Key Derivation Function (HKDF) based on RFC 5869. It is used to generate keys from a salt (optional), seed, and application-info (optional).
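The malleability check mentioned for Ed25519 above, sketched as an added example that is not Libra's code. It assumes the check meant is the RFC 8032 range check on the signature scalar (S < L); `check_canonical`, `add_group_order` and `SigError` are hypothetical names, and the sample bytes are constructed.

```rust
// Added example, not Libra code. L is the Ed25519 group order from RFC 8032,
// 2^252 + 27742317777372353535851937790883648493, as little-endian bytes.
const L_LE: [u8; 32] = [
    0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10,
];

#[derive(Debug, PartialEq)]
pub enum SigError {
    WrongLength(usize),
    NonCanonicalS,
}

/// Reject any 64-byte signature R || S whose scalar S is not in [0, L).
/// The signature is public data, so the early-exit comparison leaks nothing.
pub fn check_canonical(sig: &[u8]) -> Result<(), SigError> {
    if sig.len() != 64 {
        return Err(SigError::WrongLength(sig.len()));
    }
    let s = &sig[32..];
    // Compare from the most significant byte (index 31) downwards.
    for i in (0..32).rev() {
        if s[i] < L_LE[i] {
            return Ok(());
        }
        if s[i] > L_LE[i] {
            return Err(SigError::NonCanonicalS);
        }
    }
    Err(SigError::NonCanonicalS) // S == L is also out of range
}

/// Hypothetical test helper: return R || (S + L), the second encoding of the
/// same signature that a verifier reducing S mod L would also accept.
pub fn add_group_order(sig: &[u8; 64]) -> [u8; 64] {
    let mut out = *sig;
    let mut carry = 0u16;
    for i in 0..32 {
        let sum = sig[32 + i] as u16 + L_LE[i] as u16 + carry;
        out[32 + i] = sum as u8;
        carry = sum >> 8;
    }
    out
}

fn main() {
    let mut sig = [0u8; 64]; // constructed bytes, not a real signature
    sig[32] = 0x07; // S = 7
    println!("{:?}", check_canonical(&sig));
    println!("{:?}", check_canonical(&add_group_order(&sig)));
}
```

Running the range check before signature verification means two byte strings can never stand for the same signature, which matters wherever a hash over the signed transaction is used as its identifier.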
How is this module organized?
```
legacy_crypto/src
├── signing.rs          # Ed25519 signature scheme
├── hash.rs             # Hash function (SHA-3)
├── hkdf.rs             # HKDF implementation (HMAC-based Extract-and-Expand Key Derivation Function based on RFC 5869)
├── x25519.rs           # X25519 keys generation
├── macros/             # Derivations for SilentDebug and SilentDisplay
├── utils.rs            # Serialization utility functions
├── unit_tests          # Tests
└── lib.rs
```
x25519.rs only exposes the logic for managing keys. The cryptographic primitives relevant to the Noise Protocol Framework are under the snow crate.