5 releases
| 0.1.4 | Mar 13, 2024 |
|---|---|
| 0.1.3 | Dec 8, 2023 |
| 0.1.2 | Jul 24, 2023 |
| 0.1.1 | Jun 1, 2023 |
| 0.1.0 | Mar 8, 2023 |
#1496 in Cryptography
Used in 6 crates
(5 directly)
16KB
268 lines
Cosmian Cloudproof Data Protection Library
Cloudproof Encryption provides libraries and tools to encrypt and securely index large repositories of data with advanced, high-performance security primitives with Post-Quantum resistance.
See an introduction to Cosmian libraries and a description of the cryptosystems used.
The libraries are available in multiple languages to facilitate encryption close to the data source and decryption close to the decryption target, including mobile devices and browsers.
The Cloudproof Rust repository provides these interfaces such as FFI, WebAssembly and Pyo3 to run :
- FFI interface is used by:
- cloudproof_java: the Cloudproof Java Library
- cloudproof_flutter: the Cloudproof Flutter Library
- WebAssembly interface is used by:
- cloudproof_js: the Cloudproof Javascript Library
- Pyo3 interface is used by:
- cloudproof_python: the Cloudproof Python Library
Licensing
The library is available under a dual licensing scheme Affero GPL/v3 and commercial. See LICENSE.md for details.
Cryptographic primitives
These interfaces are based on:
-
CoverCrypt algorithm which allows creating ciphertexts for a set of attributes and issuing user keys with access policies over these attributes.
CoverCryptoffers Post-Quantum resistance. -
Findex which is a cryptographic protocol designed to securely make search queries on an untrusted cloud server. Thanks to its encrypted indexes, large databases can securely be outsourced without compromising usability.
-
FPE provides
Format Preserving Encryption(FPE) techniques for use in a zero-trust environment. These techniques are based on FPE-FF1 which is described in NIST:800-38G.
Building and testing
To build all interfaces (including the FFI, Wasm and Pyo3):
cargo build --release --all-features
The latter will build the shared libraries for cover_crypt and findex. On Linux, one can verify that the FFI symbols are present using:
objdump -T target/release/libcosmian_cover_crypt.so
objdump -T target/release/libcosmian_findex.so
The code contains numerous tests that you can run using:
cargo test --release --all-features
Building the library for cloudproof_java
From the root directory:
cargo build --release --features ffi,cloud
The .so libraries can then be found in target/release/.
Building the library for cloudproof_flutter
From the root directory:
cargo build --release --features ffi
The .so libraries can then be found in target/release/.
Build the library for cloudproof_js
From the root directory:
wasm-pack build -t web --release --features wasm
The .wasm libraries can then be found in pkg/.
These can be used to test new functionalities in cloudproof_js.
Build the library for cloudproof_python
From the root directory:
maturin build --release --manifest-path crates/<cover_crypt or findex>/Cargo.toml --features python
Note: when a new function or class is added to the PyO3 interface, its signature needs to be added to
[**init**.pyi](./crates/<covercrypt or findex>/python/cloudproof<cover_crypt or findex>/init.pyi).
To run tests on the Python interface, run:
bash ./scripts/test_python.sh
The .whl libraries can then be found in target/wheels/.
Building the library for a different glibc
Go to the build directory for an example on how to build for GLIBC 2.17
Benchmarks
The benchmarks presented in this section are run on a Intel(R) Xeon(R) Platinum 8171M CPU @ 2.60GHz.
Documentation
CoverCrypt
A formal description and proof of the CoverCrypt scheme is given in this paper. It also contains an interesting discussion about the implementation.
The developer documentation can be found on doc.rs
Findex
Findex technical documentation can be found here.
The developer documentation can be found on doc.rs
Format Preserving Encryption
Findex technical documentation can be found here.
Releases
All releases can be found in the public URL package.cosmian.com.