Rust Security Tooling and Quantum Safe Algos Resources

[andar1an]

I am a big fan of cryptography.rs, and would love to know if there is something similar for rust tooling regarding more general security suites and testing (e.g. is there a list of Rust projects pertaining to security and testing from the rust cryptography working group).

I have started with this reference: https://github.com/osirislab/awesome-rust-security, but I am not too familiar with what is recommended or awesome in the rust community. I see a lot about Burp Suite and Crowdstrike, but I would rather learn about offerings written with Rust.

Any direction or recommended reading would be wonderful. Thank you!

[andar1an]

As another note, I would also be curious about the status of rust implementations for quantum safe algo's implemented with Rust (e.g. https://www.nist.gov/news-events/news/2022/07/nist-announces-first-four-quantum-resistant-cryptographic-algorithms). I have found a Crystals-Kyber rust implementation but have not looked to thoroughly yet.

[andar1an]

A few of the links here may have actually addressed my second question: https://cryptography.rs/#post-quantum-cryptography.

[tarcieri]

Yeah, quantum safe algorithms should be covered there, although the section could probably be updated with some new crates which have recently appeared

[dconnolly]

We should remove the Picnic items from that list, Picnic was broken via its block cipher LowMC being significantly weakened - I would not recommend Picnic to anyone now.

On Fri, Apr 12, 2024 at 2:04 PM Tony Arcieri @.***> wrote:

Yeah, quantum safe algorithms should be covered there, although the section could probably be updated with some new crates which have recently appeared

— Reply to this email directly, view it on GitHub https://github.com/The-DevX-Initiative/RCIG_Coordination_Repo/issues/89#issuecomment-2052229467, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAEHAAKJHJJ44RTI56SPKS3Y5AO2BAVCNFSM6AAAAABGEPA5Z6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANJSGIZDSNBWG4 . You are receiving this because you are subscribed to this thread.Message ID: <The-DevX-Initiative/RCIG_Coordination_Repo/issues/89/2052229467@ github.com>

[andar1an]

Are there any QRNG projects in Rust world?

[tarcieri]

Most CSPRNGs are already quantum-safe, as in they can't be easily attacked using Grover's Algorithm

[andar1an]

I understand. The 2 main mathematical methods for NIST selected algorithms are based on lattices (for majority) and hashing for 1 if I remember correctly.

However, I have found some quantum random number generators this morning, that leverage quantum state to generate random numbers (what I have found uses QISkit which leverages some IBM quantum machines).

I am on a bit of a journey into this learning and am wondering if there is anything like [this](https://github.com/ozaner/qRNG] or similar written in Rust