#cosmian #cloudproof #utils


Cosmian FFI tools library

4 releases

0.1.3 Dec 8, 2023
0.1.2 Jul 24, 2023
0.1.1 Jun 1, 2023
0.1.0 Mar 8, 2023

#2052 in Cryptography

Download history 232/week @ 2023-11-05 161/week @ 2023-11-12 297/week @ 2023-11-19 39/week @ 2023-11-26 91/week @ 2023-12-03 32/week @ 2023-12-10 40/week @ 2023-12-17 35/week @ 2023-12-24 35/week @ 2023-12-31 18/week @ 2024-01-07 38/week @ 2024-01-14 34/week @ 2024-01-21 123/week @ 2024-01-28 115/week @ 2024-02-04 59/week @ 2024-02-11 107/week @ 2024-02-18

404 downloads per month
Used in 6 crates (5 directly)

Custom license

268 lines

Cosmian Cloudproof Data Protection Library

Build status Build status Build status

Cloudproof Encryption provides libraries and tools to encrypt and securely index large repositories of data with advanced, high-performance security primitives with Post-Quantum resistance.

See an introduction to Cosmian libraries and a description of the cryptosystems used.

The libraries are available in multiple languages to facilitate encryption close to the data source and decryption close to the decryption target, including mobile devices and browsers.

The Cloudproof Rust repository provides these interfaces such as FFI, WebAssembly and Pyo3 to run :


The library is available under a dual licensing scheme Affero GPL/v3 and commercial. See LICENSE.md for details.

Cryptographic primitives

These interfaces are based on:

  • CoverCrypt algorithm which allows creating ciphertexts for a set of attributes and issuing user keys with access policies over these attributes. CoverCrypt offers Post-Quantum resistance.

  • Findex which is a cryptographic protocol designed to securely make search queries on an untrusted cloud server. Thanks to its encrypted indexes, large databases can securely be outsourced without compromising usability.

  • FPE provides Format Preserving Encryption (FPE) techniques for use in a zero-trust environment. These techniques are based on FPE-FF1 which is described in NIST:800-38G.

Building and testing

To build all interfaces (including the FFI, Wasm and Pyo3):

cargo build --release --all-features

The latter will build the shared libraries for cover_crypt and findex. On Linux, one can verify that the FFI symbols are present using:

objdump -T  target/release/libcosmian_cover_crypt.so
objdump -T  target/release/libcosmian_findex.so

The code contains numerous tests that you can run using:

cargo test --release --all-features

Building the library for cloudproof_java

From the root directory:

cargo build --release --features ffi,cloud

The .so libraries can then be found in target/release/.

Building the library for cloudproof_flutter

From the root directory:

cargo build --release --features ffi

The .so libraries can then be found in target/release/.

Build the library for cloudproof_js

From the root directory:

wasm-pack build -t web --release --features wasm

The .wasm libraries can then be found in pkg/.

These can be used to test new functionalities in cloudproof_js.

Build the library for cloudproof_python

From the root directory:

maturin build --release --manifest-path crates/<cover_crypt or findex>/Cargo.toml --features python

Note: when a new function or class is added to the PyO3 interface, its signature needs to be added to [**init**.pyi](./crates/<covercrypt or findex>/python/cloudproof<cover_crypt or findex>/init.pyi).

To run tests on the Python interface, run:

bash ./scripts/test_python.sh

The .whl libraries can then be found in target/wheels/.

Building the library for a different glibc

Go to the build directory for an example on how to build for GLIBC 2.17


The benchmarks presented in this section are run on a Intel(R) Xeon(R) Platinum 8171M CPU @ 2.60GHz.



A formal description and proof of the CoverCrypt scheme is given in this paper. It also contains an interesting discussion about the implementation.

The developer documentation can be found on doc.rs


Findex technical documentation can be found here.

The developer documentation can be found on doc.rs

Format Preserving Encryption

Findex technical documentation can be found here.


All releases can be found in the public URL package.cosmian.com.

No runtime deps