On Sun, Dec 11, 2016 at 11:14 AM, Dirkjan Ochtman <dirk...@ochtman.nl> wrote:
> Did you look at Brian Smith's *ring*, and if so, why did you decide
> not to go with it?

As a Rust crypto consumer, I view these libraries differently.

*ring* is a fantastic library and one I've been using in my Rust crypto projects for a while. However, it's a "safe" library in the same sort of lineage as NaCl and libsodium: it tries to expose a high-level, minimalistic API. Types like curve points/group elements are not directly exposed for safety reasons and remain part of the private API.

curve25519-dalek seems much better suited for people implementing more exotic constructions using types *ring* does not (for good reasons) expose as part of its public API. These would include things like SPAKE2, hierarchical key derivation, semiprivate keys, blinded signatures, ring signatures, threshold multisignatures.

Building any of the things I listed above on top of *ring* would require forking *ring* and building atop its private API. Maybe some of those things should eventually wind up in *ring*, but I appreciate Brian being conservative about what he includes.

--
Tony Arcieri
_______________________________________________
Curves mailing list
Curves@moderncrypto.org
https://moderncrypto.org/mailman/listinfo/curves