[
  {
    "path": ".github/ISSUE_TEMPLATE/add_crate.md",
    "content": "---\nname: Add Crate\nabout: Add a crate to the list\n---\n\n\n<!--\nThank you for providing a new crate we should add to the list!\n\nPlease make sure to include a link to the crate or its website\n(if it has one), and a short description of what it does.\nAlso, please let us know which category it belongs in.\n-->\n"
  },
  {
    "path": ".github/ISSUE_TEMPLATE/bug.md",
    "content": "---\nname: Bug report\nabout: Report a bug in the docs\n---\n\n<!--\nThanks for reporting a bug.\n\nTo report a bug, please let us know where (line number or illustrative\ntext) and describe what should be changed.\n\nIf you prefer, you can of course open a Pull Request to fix any errors.\n-->\n"
  },
  {
    "path": ".github/workflows/ci.yml",
    "content": "name: Rust Crypto CI\n\non: [pull_request, push]\n\njobs:\n  check_docs:\n    runs-on: ubuntu-latest\n    steps:\n    - uses: actions/checkout@v2\n    - name: markdown nits\n      run: |\n        sudo gem install mdl\n        mdl -s markdownlint.rb README.md\n"
  },
  {
    "path": ".gitignore",
    "content": ".jekyll-cache/\n_site\n"
  },
  {
    "path": "Awesome_Rust_Cryptography.md",
    "content": "# Short URL for this page: [cryptography.rs](https://cryptography.rs)\n\n<img align=\"right\" height=\"100px\" src=\"https://raw.githubusercontent.com/The-DevX-Initiative/RCIG_Coordination_Repo/main/mascot.png\">\n\n<img align=\"right\" height=\"100px\" src=\"https://raw.githubusercontent.com/The-DevX-Initiative/RCIG_Coordination_Repo/main/RCIG_Mascot3.png\">\nBelow is a list of actively maintained, high-quality cryptography libraries\nindependently developed by members of the Rust Community.\n\nThe list is compiled and curated by the\n[Rust Cryptography Interest Group (RCIG)](https://github.com/The-DevX-Initiative/RCIG_Coordination_Repo).\nIf you have any suggestions, questions, or other concerns with this list,\nplease\n[open an issue](https://github.com/The-DevX-Initiative/RCIG_Coordination_Repo/issues/new?title=Awesome+Rust+Cryptography:+[issue+here])\nand we'll get back to you.\n\nThe following badges are used to provide more information about libraries\nthat meet certain criteria:\n\n| Badge               | Description |\n|---------------------|-------------|\n| ![][audited-badge]  | crate has at least one security audit (click to view)  |\n| ![][verified-badge] | crate has been formally verified |\n\nNote: libraries in each section are listed in alphabetical order, *not* order\nof preference.\n\n[audited-badge]: https://img.shields.io/badge/audited-success.svg\n[verified-badge]: https://img.shields.io/badge/verified-informational.svg\n\n## Table of Contents\n\n- [High-level Libraries](#high-level-libraries)\n- [Transport Encryption Libraries](#transport-encryption-libraries)\n- [Secure Messaging Protocols](#secure-messaging-protocols)\n- [Collections of Cryptographic Primitives](#collections-of-cryptographic-primitives)\n- [Traits for Cryptographic Primitives](#traits-for-cryptographic-primitives)\n- [Symmetric Cryptography](#symmetric-cryptography)\n- [Asymmetric Cryptography](#asymmetric-cryptography)\n- [Platform / Framework Bindings](#platform--framework-bindings)\n- [Cryptographic Hardware](#cryptographic-hardware)\n- [Post-Quantum Cryptography](#post-quantum-cryptography)\n- [Random Number Generators](#random-number-generators)\n- [Zero-knowledge Proofs](#zero-knowledge-proofs)\n- [Secure Multiparty Computation](#secure-multiparty-computation)\n- [Fully Homomorphic Encryption](#fully-homomorphic-encryption)\n- [Format Decoders/Encoders](#format-decodersencoders)\n- [Defensive Measures](#defensive-measures)\n- [Arithmetic](#arithmetic)\n- [Miscellany](#miscellany)\n\n## High-level Libraries\n\n[up](#table-of-contents)\n\nThese libraries function at a very high level and are designed for simplicity\nand ease-of-use. They provide integrated key management in addition to\nproviding high-level APIs for algorithms.\n\n- [rage](https://github.com/str4d/rage) Implementation of\n [age](https://age-encryption.org/) -- a simple, secure and modern encryption\n tool with small explicit keys, no config options, and UNIX-style\n composability.\n\n- [signatory](https://github.com/iqlusioninc/crates/tree/main/signatory)\n High-level digital signature library with support for ECDSA and Ed25519.\n\n- [tink-rust](https://github.com/project-oak/tink-rust) Rust port of Google's\n high-level Tink cryptography library.\n\n## Transport Encryption Libraries\n\n[up](#table-of-contents)\n\nThese libraries implement protocols that are designed to protect\ndata-in-transit; i.e., network communications.\n\n- [rustls](https://github.com/ctz/rustls)\n [![][audited-badge]](https://cure53.de/pentest-report_rustls.pdf)\n Modern SSL/TLS library in Rust.\n\n- [snow](https://github.com/mcginty/snow) Pure Rust implementation of Trevor\n Perrin's [Noise Protocol](https://noiseprotocol.org).\n\n- [strobe-rs](https://github.com/rozbb/strobe-rs) Relatively barebones,\n `no_std` implementation of the [Strobe protocol\n framework](https://strobe.sourceforge.io/) in pure Rust.\n\n- [OpenMLS](https://github.com/openmls/openmls/)\n [MLS](https://datatracker.ietf.org/doc/draft-ietf-mls-protocol/)\n implementation in Rust.\n\n- [webpki](https://github.com/briansmith/webpki) validates Web PKI (TLS/SSL)\n certificates\n\n## Secure Messaging Protocols\n\n[up](#table-of-contents)\n\nThis section is for secure messaging protocols that transfer messages with end-to-end encryption (E2EE) and may use perfect forward secrecy and post-compromise security.\n\n- [OpenMLS](https://github.com/openmls/openmls/) IETF Messaging Layer Security (MLS) protocol designed for secure group messaging with forward secrecy, post-compromise security, and deniable authentication [RFC 9420](https://datatracker.ietf.org/doc/html/rfc9420).\n\n- [mls-rs](https://github.com/awslabs/mls-rs.git) IETF MLS protocol library that has been validated for conformance to the RFC 9420 specification but has not yet received a full security audit by a 3rd party.\n\n- [Matter protocol](https://github.com/project-chip/rs-matter) A secure application layer message protocol for devices, particularly home automation devices, that supports encryption, authentication, and privacy.\n\n- [vodozemac](https://github.com/matrix-org/vodozemac) An implementation of Olm (Double Ratchet) and Megolm cryptographic ratchets used in message based protocols. This crate has received one security [audit](https://matrix.org/media/Least%20Authority%20-%20Matrix%20vodozemac%20Final%20Audit%20Report.pdf) by [Least Authority](https://leastauthority.com/), with no significant findings.\n\n## Collections of Cryptographic Primitives\n\n[up](#table-of-contents)\n\nThese libraries provide omnibus collections of different cryptographic\nprimitives contained within a single library.\n\n- [evercrypt-rust](https://github.com/franziskuskiefer/evercrypt-rust)\n ![][verified-badge] Rust bindings for\n [evercrypt](https://github.com/project-everest/hacl-star/tree/master/providers/evercrypt),\n a set of high-performance HACL\\*-verified implementations of cryptographic\n primitives. bindings crate, bringing HACL-verified cryptographic primitives.\n\n- [libsm](https://github.com/citahub/libsm) China's Standards of Encryption\n Algorithms (SM2/3/4).\n\n- [orion](https://github.com/brycx/orion) Collection of usable, easy and safe\n pure-Rust cryptographic primitives.\n\n- [\\*ring\\*](https://github.com/briansmith/ring)\n [![][audited-badge]](https://cure53.de/pentest-report_rustls.pdf)\n focused on the implementation, testing, and optimization of a core set of\n cryptographic operations exposed via an easy-to-use (and hard-to-misuse)\n API. \\*ring\\* exposes a Rust API and is written in a hybrid of Rust, C, and\n assembly language.\n\n- [themis](https://github.com/cossacklabs/themis) Cross-platform general\n purpose crypto library for securing data during authentication, storage,\n messaging, network exchange, etc.\n\n- [dryoc](https://github.com/brndnmtthws/dryoc) A pure-Rust, general purpose\n crypto library that implements libsodium primitives.\n\n## Traits for Cryptographic Primitives\n\n[up](#table-of-contents)\n\nThe crates in this section provide trait-based abstractions for different types\nof cryptographic primitives, allowing implementations of higher-level\ncryptographic algorithms and protocols which are generic over specific\nprimitives and implementations.\n\n- [aead](https://github.com/RustCrypto/traits/tree/master/aead) Authenticated\n Encryption with Additional Data (AEAD) cipher traits.\n\n- [ark-ec](https://github.com/arkworks-rs/algebra/tree/master/ec) Elliptic\n curve traits as used by the [`arkworks` ecosystem](arkworks.rs).\n\n- [ark-ff](https://github.com/arkworks-rs/algebra/tree/master/ff) Finite\n field traits as used by the [`arkworks` ecosystem](arkworks.rs).\n\n- [cipher](https://github.com/RustCrypto/traits/tree/master/cipher) Block\n cipher and stream cipher traits.\n\n- [crypto](https://github.com/RustCrypto/traits/tree/master/crypto) Facade\n for all [RustCrypto](https://github.com/RustCrypto) traits.\n\n- [crypto-mac](https://github.com/RustCrypto/traits/tree/master/crypto-mac)\n Message Authentication Code (MAC) traits.\n\n- [digest](https://github.com/RustCrypto/traits/tree/master/digest)\n Digest/hash algorithm traits.\n\n- [elliptic-curve](https://github.com/RustCrypto/traits/tree/master/elliptic-curve)\n Elliptic curve traits as used by the RustCrypto ecosystem.\n\n- [ff](https://github.com/zkcrypto/ff) Finite field traits as used by the\n RustCrypto and ZKCrypto ecosystems.\n\n- [group](https://github.com/zkcrypto/group) Elliptic curve group traits as\n used by the RustCrypto and ZKCrypto ecosystems.\n\n- [pairing](https://github.com/zkcrypto/pairing)\n Pairing-friendly curve traits as used by the ZKCrypto ecosystem.\n\n- [password-hash](https://github.com/RustCrypto/traits/tree/master/password-hash)\n Password hashing traits and support for the PHC string format.\n\n- [signature](https://github.com/RustCrypto/traits/tree/master/signature)\n Digital signature traits.\n\n- [universal-hash](https://github.com/RustCrypto/traits/tree/master/universal-hash)\n Universal Hash Function (UHF) traits.\n\n## Symmetric Cryptography\n\n[up](#table-of-contents)\n\nThese crates implement individual symmetric cryptography algorithms.\n\n### Authenticated Encryption with Associated Data (AEAD) Algorithms\n\nThese are high-level symmetric encryption libraries which ensure both the\nconfidentiality and integrity of data.\n\n- [aes-gcm](https://github.com/RustCrypto/AEADs/tree/master/aes-gcm)\n [![][audited-badge]](https://research.nccgroup.com/2020/02/26/public-report-rustcrypto-aes-gcm-and-chacha20poly1305-implementation-review/)\n Pure Rust implementation of the AES-GCM Authenticated Encryption with\n Associated Data (AEAD) cipher.\n\n- [aes-gcm-siv](https://github.com/RustCrypto/AEADs/tree/master/aes-gcm-siv)\n AES-GCM-SIV (RFC 8452) is a state-of-the-art high-performance Authenticated\n Encryption with Associated Data (AEAD) cipher which also provides nonce\n reuse misuse resistance.\n\n- [aes-siv](https://github.com/RustCrypto/AEADs/tree/master/aes-siv) AES-SIV\n Misuse-Resistant Authenticated Encryption Cipher.\n\n- [ascon-aead](https://github.com/RustCrypto/AEADs/tree/master/ascon-aead)\n Pure Rust implementation of the Ascon Authenticated Encryption with\n Associated Data (AEAD) cipher, including implementations of the Ascon-128\n and Ascon-128a variants.\n\n- [ccm](https://github.com/RustCrypto/AEADs/tree/master/ccm) Pure Rust\n implementation of the Counter with CBC-MAC (CCM) mode (RFC 3610): an\n Authenticated Encryption with Associated Data (AEAD) algorithm generic over\n block ciphers with block size equal to 128 bits.\n\n- [chacha20poly1305](https://github.com/RustCrypto/AEADs/tree/master/chacha20poly1305)\n [![][audited-badge]](https://web.archive.org/web/20240108154854/https://research.nccgroup.com/wp-content/uploads/2020/02/NCC_Group_MobileCoin_RustCrypto_AESGCM_ChaCha20Poly1305_Implementation_Review_2020-02-12_v1.0.pdf)\n Pure Rust implementation of ChaCha20Poly1305 (RFC 8439): an Authenticated\n Encryption with Associated Data (AEAD) cipher amenable to fast,\n constant-time implementations in software.\n\n- [deoxys](https://github.com/RustCrypto/AEADs/tree/master/deoxys) Pure Rust\n implementation of the Deoxys Authenticated Encryption with Associated Data\n (AEAD) cipher, including the Deoxys-II variant which was selected by the\n CAESAR competition as the best choice for in-depth security.\n\n- [eax](https://github.com/RustCrypto/AEADs/tree/master/eax) Pure Rust\n implementation of the EAX Authenticated Encryption with Associated Data\n (AEAD) cipher.\n\n### Ciphers (low-level block ciphers and stream ciphers)\n\nNote: most users should use higher-level AEAD encryption algorithms\nenumerated above.  Crates in this section are low-level \"unauthenticated\"\nciphers which should be wrapped up in a higher-level construction prior to\nuse.\n\n- [aes](https://github.com/RustCrypto/block-ciphers/tree/master/aes)\n [![][audited-badge]](https://research.nccgroup.com/2020/02/26/public-report-rustcrypto-aes-gcm-and-chacha20poly1305-implementation-review/)\n Pure Rust implementation of the Advanced Encryption Standard (AES)\n permutation with optional AES-NI and ARMv8 hardware acceleration.\n\n- [block-modes](https://github.com/RustCrypto/block-modes)\n Generic implementation of block cipher modes of operation, including CBC and\n ECB modes.\n\n- [chacha20](https://github.com/RustCrypto/stream-ciphers/tree/master/chacha20)\n [![][audited-badge]](https://research.nccgroup.com/2020/02/26/public-report-rustcrypto-aes-gcm-and-chacha20poly1305-implementation-review/)\n Pure Rust implementation of the ChaCha20 Stream Cipher including XChaCha20.\n\n- [ctr](https://github.com/RustCrypto/block-modes/tree/master/ctr) Generic\n implementations of the Counter Mode (CTR) of operation for block ciphers.\n\n- [des](https://github.com/RustCrypto/block-ciphers/tree/master/des)  Data\n Encryption Standard (DES) and 3DES.\n\n- [salsa20](https://github.com/RustCrypto/stream-ciphers/tree/master/salsa20)\n  Pure Rust implementation of the Salsa20 Stream Cipher.\n\n### Hash Functions and Friends\n\n- [ascon-hash](https://github.com/RustCrypto/hashes/tree/master/ascon-hash)\n Pure Rust implementation of the Ascon hash and extendable output function\n (XOF) including the Ascon-128 and Ascon-128a variants.\n\n- [BLAKE2](https://github.com/RustCrypto/hashes/tree/master/blake2) Pure Rust\n implementation of the BLAKE2 hash function family.\n\n- [BLAKE3](https://github.com/BLAKE3-team/BLAKE3) Official implementation of\n the BLAKE3 cryptographic hash function.\n\n- [HKDF](https://github.com/RustCrypto/KDFs/tree/master/hkdf) HMAC-based\n Extract-and-Expand Key Derivation Function (HKDF) for Rust.\n\n- [MACs](https://github.com/RustCrypto/MACs) Collection of Message\n Authentication Code algorithms written in pure Rust including CMAC, HMAC, and\n PMAC.\n\n- [Poseidon252](https://github.com/dusk-network/poseidon252) Reference\n implementation for the Poseidon Hashing algorithm.\n\n- [RIPEMD160](https://github.com/RustCrypto/hashes/tree/master/ripemd160)\n Pure Rust implementation of the RIPEMD160 hash function.\n\n- [SHA-2](https://github.com/RustCrypto/hashes/tree/master/sha2) Pure Rust\n implementation of the SHA-2 hash function family including SHA-224, SHA-256,\n SHA-384, and SHA-512.\n\n- [SHA-3](https://github.com/RustCrypto/hashes/tree/master/sha3) Pure Rust\n implementation of the SHA-3 (Keccak) hash function.\n\n- [universal-hashes](https://github.com/RustCrypto/universal-hashes)\n [![][audited-badge]](https://research.nccgroup.com/2020/02/26/public-report-rustcrypto-aes-gcm-and-chacha20poly1305-implementation-review/)\n Collection of Universal Hash Functions written in pure Rust including\n GHASH, POLYVAL, and Poly1305.\n\n### Password Hashing Functions\n\n- [argon2](https://github.com/RustCrypto/password-hashes/tree/master/argon2)\n Pure Rust implementation of the Argon2 password hashing function.\n\n- [bcrypt](https://github.com/Keats/rust-bcrypt) Pure Rust implementation of\n the bcrypt password hashing function.\n\n- [pbkdf2](https://github.com/RustCrypto/password-hashes/tree/master/pbkdf2)\n Pure Rust implementation of the Password-Based Key Derivation Function v2\n (PBKDF2).\n\n- [phpass](https://github.com/clausehound/phpass)\n  Pure Rust implementation of the PhPass algorithm used by WordPress.\n\n- [pkcs5](https://github.com/RustCrypto/formats/tree/master/pkcs5)\n Pure Rust implementation of Public-Key Cryptography Standards #5: Password-Based\n Cryptography Specification Version 2.1 (RFC 8018) with support for the scrypt\n and PBKDF2 password-based key derivation functions.\n\n- [rust-argon2](https://github.com/sru-systems/rust-argon2) Rust library for\n hashing passwords using Argon2, the password-hashing function that won the\n Password Hashing Competition (PHC).\n\n- [scrypt](https://github.com/RustCrypto/password-hashes/tree/master/scrypt)\n Pure Rust implementation of the scrypt key derivation function.\n\n## Asymmetric Cryptography\n\n[up](#table-of-contents)\n\nThese crates implement individual asymmetric (a.k.a. public key) cryptography\nalgorithms.\n\n### Asymmetric Primitives\n\n- [ark-curves](https://github.com/arkworks-rs/curves) Implementation of a\n number of popular elliptic curves.\n\n- [curve25519-dalek](https://github.com/dalek-cryptography/curve25519-dalek)\n [![][audited-badge]](https://blog.quarkslab.com/security-audit-of-dalek-libraries.html)\n A pure-Rust implementation of group operations on the\n [Ristretto](https://ristretto.group) and Curve25519 elliptic curves.\n\n- [bls12_381](https://github.com/zkcrypto/bls12_381) Implementation of the\n BLS12-381 pairing-friendly elliptic curve group.\n\n- [bn](https://github.com/paritytech/bn) Pairing cryptography library written\n in pure Rust, making use of the Barreto-Naehrig (BN) curve construction.\n\n- [bp256](https://github.com/RustCrypto/elliptic-curves/tree/master/bp256)\n Brainpool P-256 elliptic curves.\n\n- [fiat-rust](https://github.com/mit-plv/fiat-crypto/tree/master/fiat-rust)\n ![][verified-badge] Formally verified arithmetic implementations for several\n elliptic curves and word sizes, extracted to Rust from specifications\n written using in the Coq theorem prover.\n\n- [h2c-rust-ref](https://github.com/armfazh/h2c-rust-ref)\n Pure Rust reference implementation of the hash to curve specification from\n IETF/CFRG Hash to Curve\n [document](https://datatracker.ietf.org/doc/draft-irtf-cfrg-hash-to-curve).\n Contains hashing methods for elliptic curves in Weierstrass, Montgomery,\n and Twisted Edwards form.\n\n- [jubjub](https://github.com/zkcrypto/jubjub) Pure Rust implementation of\n the Jubjub elliptic curve group and its associated fields.\n\n- [k256](https://github.com/RustCrypto/elliptic-curves/tree/master/k256)\n [![][audited-badge]](https://research.nccgroup.com/2023/08/30/public-report-entropy-rust-cryptography-review/)\n Pure Rust implementation of the secp256k1 (K-256) elliptic curve using complete\n formulas based on projective coordinates.\n\n- [libsecp256k1-rs](https://github.com/sorpaas/libsecp256k1-rs) Pure Rust\n implementation of secp256k1.\n\n- [p256](https://github.com/RustCrypto/elliptic-curves/tree/master/p256) Pure\n Rust implementation of the NIST P-256 elliptic curve (a.k.a. prime256v1,\n secp256r1).\n\n- [pasta_curves](https://github.com/zcash/pasta_curves/)\n Rust implementation of the Pallas-Vesta curve cycle for recursive\n zero-knowledge proofs.\n\n- [RSA](https://github.com/RustCrypto/RSA)\n [![][audited-badge]](https://delta.chat/assets/1907-otf-deltachat-rpgp-rustrsa-gb-reportv1.pdf)\n Pure Rust implementation of the RSA algorithm.\n\n- [redox-ecc](https://github.com/armfazh/redox-ecc)\n Pure Rust reference implementation of the elliptic curve operations for\n Weierstrass, Montgomery, and Twisted Edwards curves.\n\n- [rust-secp256k1](https://github.com/rust-bitcoin/rust-secp256k1) Rust FFI\n bindings for Bitcoin Core's secp256k1 library written in C.\n\n### Digital Signatures\n\n- [bls_like](https://github.com/w3f/bls) Aggregate BLS signatures with\n extensive tuning options.\n\n- [bls-signatures](https://github.com/filecoin-project/bls-signatures)\n Implementation of BLS Signatures in pure Rust.\n\n- [ecdsa](https://github.com/RustCrypto/signatures/tree/master/ecdsa) Pure\n Rust implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA)\n as specified in FIPS 186-4 (Digital Signature Standard).\n\n- [ed25519](https://github.com/RustCrypto/signatures/tree/master/ed25519)\n Cross-library compatibility crate for Edwards Digital Signature Algorithm\n (EdDSA) over Curve25519 as specified in RFC 8032.\n\n- [ed25519-compact](https://github.com/jedisct1/rust-ed25519-compact)\n [![][verified-badge]](https://github.com/jedisct1/rust-ed25519-compact/issues/13)\n A compact Ed25519 implementation for Rust, no_std / WebAssembly friendly\n\n- [ed25519-dalek](https://github.com/dalek-cryptography/curve25519-dalek/tree/main/ed25519-dalek)\n [![][audited-badge]](https://blog.quarkslab.com/security-audit-of-dalek-libraries.html)\n Fast and efficient ed25519 key generation, signing, and verification in\n Rust.\n\n- [ed25519-zebra](https://github.com/ZcashFoundation/ed25519-zebra)\n Zcash-flavored Ed25519 signatures for consensus-critical applications.\n\n- [milagro_bls](https://github.com/sigp/milagro_bls) BLS signatures using the\n [Apache Milagro](https://github.com/apache/incubator-milagro-crypto-rust)\n Cryptographic Library.\n\n- [nisty](https://github.com/nickray/nisty) NIST P-256 signatures for\n Cortex-M4 microcontrollers.\n\n- [rust-minisign](https://github.com/jedisct1/rust-minisign/) Pure Rust\n implementation of the [Minisign](https://jedisct1.github.io/minisign/)\n signature system.\n\n- [schnorrkel](https://github.com/w3f/schnorrkel) Implements Schnorr\n signature on Ristretto compressed Ed25519 points, as well as related\n protocols like HDKD, MuSig, and a verifiable random function (VRF).\n\n### Encryption (Hybrid Encryption)\n\n- [hpke-rs](https://github.com/franziskuskiefer/hpke-rs) - Implementation of\n [HPKE](https://cfrg.github.io/draft-irtf-cfrg-hpke/draft-irtf-cfrg-hpke.html)\n using\n [Evercrypt](https://github.com/franziskuskiefer/evercrypt-rust/tree/master/evercrypt-rs).\n\n- [rust-hpke](https://github.com/rozbb/rust-hpke) Early implementation of the\n [HPKE](https://datatracker.ietf.org/doc/draft-irtf-cfrg-hpke/) hybrid\n encryption standard, written in pure Rust.\n\n### Key Exchange\n\n- [opaque-ke](https://github.com/novifinancial/opaque-ke) A Rust\n implementation of the [OPAQUE](https://eprint.iacr.org/2018/163.pdf)\n Password-Authenticated Key Exchange protocol.\n\n- [PAKEs](https://github.com/RustCrypto/PAKEs) Collection of\n Password-Authenticated Key Agreement protocols.\n\n- [x25519-dalek](https://github.com/dalek-cryptography/curve25519-dalek/tree/main/x25519-dalek)\n [![][audited-badge]](https://blog.quarkslab.com/security-audit-of-dalek-libraries.html)\n Pure-Rust implementation of x25519 elliptic curve Diffie-Hellman key\n exchange, with curve operations provided by\n [curve25519-dalek](https://github.com/dalek-cryptography/curve25519-dalek).\n\n### Threshold & Multiparty Signatures\n\n- [multi-party-ecdsa](https://github.com/KZen-networks/multi-party-ecdsa)\n Rust implementation of {t,n}-threshold ECDSA (elliptic curve digital\n signature algorithm).\n\n- [multi-party-schnorr](https://github.com/KZen-networks/multi-party-schnorr)\n Multiparty and threshold Schnorr signatures\n\n- [threshold_crypto](https://github.com/poanetwork/threshold_crypto) A\n pairing-based threshold cryptosystem for collaborative decryption and\n signatures.\n\n- [FROST (on redjubjub)](https://github.com/ZcashFoundation/redjubjub)\n [![][audited-badge]](https://github.com/ZcashFoundation/redjubjub/blob/main/zcash-frost-audit-report-20210323.pdf)\n An implementation of FROST (Flexible Round-Optimized Schnorr Threshold)\n RedJubjub signatures.\n\n### Verifiable Delay Functions (VDFs)\n\n- [vdf](https://github.com/poanetwork/vdf) An implementation of Verifiable\n Delay Functions in Rust.\n\n### Verifiable Random Functions (VRFs)\n\n- [schnorrkel](https://github.com/w3f/schnorrkel) Implements Schnorr\n signature on Ristretto compressed Ed25519 points, as well as related\n protocols like HDKD, MuSig, and a verifiable random function (VRF).\n\n## Platform / Framework Bindings\n\n[up](#table-of-contents)\n\nThese libraries are FFI bindings to OS platforms and commonly used\ncryptography frameworks.\n\n- [mesalink](https://mesalink.io/) OpenSSL-compatible C library implemented in\n Rust\n\n- [native-tls](https://github.com/sfackler/rust-native-tls) An abstraction\n over platform-specific TLS implementations.\n\n- [openssl](https://github.com/sfackler/rust-openssl) OpenSSL FFI bindings\n for the Rust programming language.\n\n- [schannel](https://github.com/steffengy/schannel-rs) Rust bindings to the\n Windows SChannel APIs providing TLS client and server functionality.\n\n- [security-framework](https://github.com/kornelski/rust-security-framework)\n Bindings to the Apple's Security.framework. Allows use of TLS and Keychain\n from Rust.\n\n## Cryptographic Hardware\n\n[up](#table-of-contents)\n\nThese libraries provide host-side drivers for cryptographic hardware devices\n(e.g. authentication tokens, HSMs).\n\n- [cryptoki](https://github.com/parallaxsecond/rust-cryptoki) Rust-native\n PKCS#11 library.\n\n- [rust-cryptoauthlib](https://github.com/PelionIoT/rust-cryptoauthlib/)\n Rust library for interfacing with ATECCx08a devices.\n\n- [solo](https://github.com/solokeys/solo) Solo is an open source security\n key.\n\n- [tss-esapi](https://github.com/parallaxsecond/rust-tss-esapi) Rust-native\n library for interfacing with TPM 2.0 devices via the TCG Enhanced System API\n (ESAPI).\n\n- [yubihsm](https://github.com/iqlusioninc/yubihsm.rs) Pure-Rust client\n library for YubiHSM 2 devices which implements most the functionality of the\n libyubihsm C library from Yubico's YubiHSM SDK.\n\n- [yubikey](https://github.com/iqlusioninc/yubikey.rs) Pure Rust\n cross-platform host-side driver for YubiKey devices from Yubico with support\n for public-key encryption and digital signatures using the Personal Identity\n Verification (PIV) application.\n\n## Post-Quantum Cryptography\n\n[up](#table-of-contents)\n\nThese libraries are designed to be secure against hypothetical future attacks\nby large quantum computers.\n\n- [ml-kem](https://github.com/RustCrypto/KEMs/tree/master/ml-kem) Pure Rust\n  implementation of the Module-Lattice-Based Key-Encapsulation Mechanism\n  standard (formerly known as Kyber) as described in FIPS 203 (final).\n\n- [oqs](https://github.com/open-quantum-safe/liboqs-rust) Wrapper around\n Open-Quantum-Safe's liboqs cryptographic library.\n\n- [pqcrypto](https://github.com/rustpq/pqcrypto) FFI bindings to quantum-safe\n cryptographic libraries.\n\n- [picnic-bindings](https://github.com/ait-crypto/picnic-bindings-rs) FFI\n  bindings to Picnic library implementating the traits from\n  [signature](https://github.com/RustCrypto/traits/tree/master/signature).\n\n- [pqcrypto-picnic](https://github.com/ait-crypto/pqcrypto-picnic) FFI bindings\n  to Picnic library implementating the traits from\n  [pqcrypto](https://github.com/rustpq/pqcrypto).\n\n## Random Number Generators\n\n[up](#table-of-contents)\n\n- [rand](https://github.com/rust-random/rand) Rust library for random number\n generation.\n\n- [getrandom](https://docs.rs/getrandom/0.2.3/getrandom/) Interface to the\n operating system's random number generator.\n\n## Zero-knowledge Proofs\n\n[up](#table-of-contents)\n\n- [arkworks](https://github.com/arkworks-rs) An ecosystem for developing and\n programming with zkSNARKs.\n\n- [bellman](https://github.com/zkcrypto/bellman)\n [![](https://img.shields.io/badge/1-audited-success.svg)](https://cybermashup.files.wordpress.com/2018/08/zcash-audit.pdf)\n [![](https://img.shields.io/badge/2-audited-success.svg)](https://raw.githubusercontent.com/QED-it/sapling-audit/master/sapling-audit-report.pdf)\n A crate for building zk-SNARK circuits.\n\n- [bellman-ce](https://github.com/matter-labs/bellman) Bellman fork with\n support for Ethereum's BN256.\n\n- [bellperson](https://github.com/filecoin-project/bellperson) Bellman fork\n with GPU parallel acceleration for FFT and Multiexponentation subroutines in\n the Groth16 prover.\n\n- [bulletproofs](https://github.com/dalek-cryptography/bulletproofs)\n [![][audited-badge]](https://blog.quarkslab.com/security-audit-of-dalek-libraries.html)\n Pure-Rust implementation of\n [Bulletproofs](https://crypto.stanford.edu/bulletproofs/) using\n [Ristretto](https://ristretto.group).\n\n- [bulletproof](https://github.com/KZen-networks/bulletproofs) Implements\n [Bulletproofs+](https://eprint.iacr.org/2020/735.pdf) and\n [Bulletproofs](https://eprint.iacr.org/2017/1066.pdf) aggregated range proofs\n with multi-exponent verification.\n\n- [Dusk-Zerocaf](https://github.com/dusk-network/dusk-zerocaf) Pure-Rust\n cryptographic library constructed to define operations for an elliptic curve\n embedded into the [Ristretto](https://ristretto.group) scalar field.\n\n- [merlin](https://github.com/dalek-cryptography/merlin) Composable proof\n transcripts for public-coin arguments of knowledge.\n\n- [OpenZKP](https://github.com/0xProject/OpenZKP) Pure-Rust implementations\n of Zero-Knowledge Proof systems.\n\n- [snarkVM](https://github.com/AleoHQ/snarkVM) A Rust implementation of\n [Zexe](https://eprint.iacr.org/2018/962.pdf), a model for decentralized private\n computation using zero-knowledge proofs\n\n- [Spartan](https://github.com/microsoft/Spartan) High-speed zkSNARKs without\n trusted setup.\n\n- [winterfell](https://github.com/novifinancial/winterfell/) A distributed\n STARK prover.\n\n- [ZoKrates](https://github.com/Zokrates/ZoKrates) A toolbox for zkSNARKs on\n Ethereum.\n\n- [zkp](https://github.com/zkcrypto/zkp) Macro-based zero-knowledge proof\n compiler for Schnorr proofs.\n\n## Secure Multiparty Computation\n\n[up](#table-of-contents)\n\nThese libraries allow several participants to collectively perform a\ncomputation without revealing what is being computed to the participants.\n\n- [libpaillier](https://github.com/mikelodder7/paillier-rs) Rust\n implementation of the Paillier cryptosystem with additive homomorphism\n\n- [swanky](https://github.com/GaloisInc/swanky) A suite of Rust libraries for\n secure multi-party computation.\n\n- [white-city](https://github.com/KZen-networks/white-city) API to integrate\n distributed network for secure computation protocols.\n\n## Fully Homomorphic Encryption\n\n[up](#table-of-contents)\n\nThese libraries allow to perform secure computation, e.g. computations over\nencrypted data.\n\n- [concrete](https://github.com/zama-ai/concrete) Rust implementation of\n various FHE operations based on the TFHE scheme.\n- [TFHE-rs](https://github.com/zama-ai/tfhe-rs) Pure Rust implementation of the TFHE scheme for boolean and integers FHE arithmetics.\n\n## Format Decoders/Encoders\n\n[up](#table-of-contents)\n\nThese libraries implement parsers and serializers for various\ncryptography-related formats.\n\n- [base64ct](https://github.com/RustCrypto/formats/tree/master/base64ct)\n Constant-time Base64 decoder/encoder with `no_std` support.\n\n- [der](https://github.com/RustCrypto/formats/tree/master/der)\n Cryptography-oriented ASN.1 DER decoder/encoder with `no_std` support.\n\n- [pem-rfc7468](https://github.com/RustCrypto/formats/tree/master/pem-rfc7468)\n Constant-time implementation of the strict PEM encoding rules for PKIX, PKCS,\n and CMS Structures.\n\n- [pkcs1](https://github.com/RustCrypto/formats/tree/master/pkcs1) Pure Rust\n implementation of Public-Key Cryptography Standards #1: RSA Cryptography\n Specifications Version 2.2 (RFC 8017).\n\n- [pkcs8](https://github.com/RustCrypto/formats/tree/master/pkcs8) Pure Rust\n implementation of Public-Key Cryptography Standards #8: Private-Key\n Information Syntax Specification (RFC 5208).\n\n- [rasn](https://github.com/XAMPPRocky/rasn) A `no_std` ASN.1 codec framework\n (like serde but for ASN.1). Supports the following formats: BER, CER, DER.\n\n- [x509-parser](https://github.com/rusticata/x509-parser) X.509 v3 (RFC5280)\n parser, implemented with the nom parser combinator framework.\n\n## Defensive Measures\n\n[up](#table-of-contents)\n\nThese libraries can be used to harden cryptographic algorithms against\nattacks.\n\n### Constant-Time Code\n\n- [subtle](https://github.com/dalek-cryptography/subtle)\n [![][audited-badge]](https://blog.quarkslab.com/security-audit-of-dalek-libraries.html)\n Pure-Rust traits and utilities for constant-time cryptographic implementations.\n\n### Protecting Secrets in Memory\n\n- [secrecy](https://github.com/iqlusioninc/crates/tree/main/secrecy) A simple\n secret-keeping library for Rust.\n\n### Zeroing Memory\n\n- [zeroize](https://github.com/RustCrypto/utils/tree/master/zeroize) Securely\n zero memory while avoiding compiler optimizations.\n\n## Arithmetic\n\n[up](#table-of-contents)\n\nThese libraries implement mathematical algorithms potentially interesting for\ncryptography-related applications.\n\n- [crypto-bigint](https://github.com/RustCrypto/crypto-bigint)\n [![][audited-badge]](https://research.nccgroup.com/2023/08/30/public-report-entropy-rust-cryptography-review/)\n Cryptography-oriented \"bignum\" library with constant-time algorithms\n including modular arithmetic, stack-allocated big integers, and `no_std`\n support\n\n- [crypto-primes](https://github.com/entropyxyz/crypto-primes)\n [![][audited-badge]](https://research.nccgroup.com/2023/08/30/public-report-entropy-rust-cryptography-review/)\n A crate for generating random primes and primality testing based on `crypto-bigint` integers.\n\n- [nalgebra](https://github.com/rustsim/nalgebra) Linear algebra library for\n Rust.\n\n- [num](https://github.com/rust-num/num) Collection of numeric types and\n traits for Rust. (Bigint).\n\n- [rust-decimal](https://github.com/paupino/rust-decimal) Decimal\n implementation written in pure Rust suitable for financial calculations that\n require significant integral and fractional digits with no round-off errors.\n\n- [secret-integers](https://github.com/hacspec/rust-secret-integers)\n  Integer wrapper types that guarantee constant-time operations only.\n\n## Miscellany\n\n[up](#table-of-contents)\n\nOther libraries which don't fall into the categories listed above.\n\n- [librustzcash](https://github.com/zcash/librustzcash) A (work-in-progress)\n set of Rust crates for working with Zcash.\n\n- [sequoia](https://gitlab.com/sequoia-pgp/sequoia) Implements OpenPGP in\n Rust.\n"
  },
  {
    "path": "CNAME",
    "content": "cryptography.rs"
  },
  {
    "path": "README.md",
    "content": "# Rust Cryptography Interest Group (RCIG) [![Zulip Chat][chat-img]][Zulip Chat]\n\n<img width=\"100px\"\nsrc=\"https://raw.githubusercontent.com/The-DevX-Initiative/RCIG_Coordination_Repo/main/mascot.png\">\n<img align = \"right\" width=\"170px\"\nsrc=\"https://raw.githubusercontent.com/The-DevX-Initiative/RCIG_Coordination_Repo/main/RCIG_Mascot3.png\">\n\nThis repository is the central [issue tracker] used by the RCIG in order to\ncoordinate efforts towards promoting cryptography in Rust.\n\n## Join in!\n\nCome talk with us via [Zulip Chat] or by [opening an issue].\n\n## Projects\n\n- [Awesome Rust Cryptography][cryptography.rs] (a.k.a. [cryptography.rs]):\n  curated list of  actively maintained, high-quality Rust cryptography libraries.\n\n## About\n\nThis repository is where the Rust Cryptography Interest Group stores the following:\n\n- meeting  minutes from Sync-Up calls\n- open issues based on ongoing discussions\n- suggest follow  up topics of discussion for future sync-up calls\n- be a place where the community  coordinates.\n\nThe aim will be for this repo to evolve an archive and a place\nwhere actionable items can be\npicked up easily by members of the RCIG community.\n\n## Mission\n\nOur mission is to foster a robust Rust cryptography ecosystem:\n\n- Create a focal point for discussion and work on Rust cryptography in general\n- Provide overall direction for cryptography in Rust by fostering\n  collaboration on an interoperable cryptographic ecosystem\n- Act as a resource for answering questions about the use of cryptography\n  in Rust projects\n\nNote that this is a new group and figuring out its exact purpose is a work-in-progress.\nAs we figure out a governance process we will be revising our mission statement and\nhopefully publishing a [vision document].\n\n[issue tracker]: https://github.com/The-DevX-Initiative/RCIG_Coordination_Repo/issues\n[opening an issue]: https://github.com/The-DevX-Initiative/RCIG_Coordination_Repo/issues/new/choose\n[vision document]: https://github.com/The-DevX-Initiative/RCIG_Coordination_Repo/issues/4\n[Zulip Chat]: https://rcig.zulipchat.com/\n[chat-img]: https://img.shields.io/badge/zulip-join_chat-blue.svg?logo=zulip\n[cryptography.rs]: https://cryptography.rs\n"
  },
  {
    "path": "_config.yml",
    "content": "title: Awesome Rust Cryptography\ndescription: Showcase of notable cryptography libraries developed in Rust\ntheme: jekyll-theme-hacker\ninclude:\n  - index.html\n  - Awesome_Rust_Cryptography.md\n"
  },
  {
    "path": "index.html",
    "content": "---\ntitle: Awesome Rust Cryptography\ndescription: Showcase of notable cryptography libraries developed in Rust\nlayout: default\n---\n\n{% capture my_include %}{% include_relative Awesome_Rust_Cryptography.md %}{% endcapture %}\n{{ my_include | markdownify }}\n"
  },
  {
    "path": "markdownlint.rb",
    "content": "# markdownlint style rules\n# See https://github.com/markdownlint/markdownlint/blob/master/docs/RULES.md\n# To install, \n\nall\n\n#exclude_rule 'MD013' # Line length\nexclude_rule 'MD026' # Trailing punctuation in header\nexclude_rule 'MD033' # Inline HTML\n"
  }
]