std.crypto: Add public RSA module

ziglang / zig

General-purpose programming language and toolchain for maintaining robust, optimal, and reusable software.

https://ziglang.org

MIT License

32.16k stars 2.35k forks source link

std.crypto: Add public RSA module #19776

Open clickingbuttons opened 2 months ago

clickingbuttons commented 2 months ago

RSA is still widely used for general cryptography. As such, it deserves a public module.

Move RSA functions from Certificate and tls.Client to new rsa module.
Add serialization
Fix side channel vulnerabilities
Add key generation

voidastro4 commented 2 months ago

RSA-KEM[1] is useful to have, and due to arbitrary RSA key length it can serve as a hedge against PQC algos breaking by pushing quantum computer requirements higher.

[1] https://datatracker.ietf.org/doc/html/rfc5990

jedisct1 commented 2 months ago

RSA-KEM[1] is useful to have, and due to arbitrary RSA key length it can serve as a hedge against PQC algos breaking by pushing quantum computer requirements higher.

Post-quantum safe RSA would require 1 terabyte keys. https://cr.yp.to/papers/pqrsa-20170419.pdf

Not exactly practical.

voidastro4 commented 1 month ago

RSA-KEM[1] is useful to have, and due to arbitrary RSA key length it can serve as a hedge against PQC algos breaking by pushing quantum computer requirements higher.

Post-quantum safe RSA would require 1 terabyte keys. https://cr.yp.to/papers/pqrsa-20170419.pdf

Not exactly practical.

On the premise that no quantum computer could ever be constructed to crack them.

With MP-RSA and 1-10 MB keys you can buy decades at the very least.