-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Migrating/Integrating WebCrypto (possibly WASM) instead of Node Forge Crypto #270
Comments
Note that we currently depend on Original discussion of this can be found here https://gitlab.com/MatrixAI/Engineering/Polykey/js-polykey/-/merge_requests/213#note_736387549 |
Note that It's an alternative to AES GCM which has higher performance when the hardware doesn't support AES-NI instructions. AES GCM is still good for compliance though, some places like government require this. But the algorithm apparently works and is designed for software-only implementations. |
We will need to elevate this issue to a higher priority, we now have empirical results on how long it takes to generate a root key in multiple arenas:
On fargate, using the 0.25 CPU containers, it takes 20 minutes to generate a root key pair. Se can be seen by this cloudwatch cpu utilisation graph: At the same time, key generation is using all cores by default. This doesn't even require the worker manager to be integrated, I think We believe that this is causing CPU starvation of all the other testing workers that jest creates and thus leading to test timeouts as can be seen in #394. As we have deployed our testnet, and we expect the need to autoscale the agents, key generation is going to be an important workload, as it delay the scaling up process. Remember even if we pass in a recovery code, the keys must still be generated and this still takes time. Furthermore we want to get #168 done before going to mainnet, because at that point users will be using our system, and we don't want to get stuck on legacy RSA. |
It's possible to override the number of workers that the |
The So this is good opportunity to take advantage of some intersectionality between crypto, workers, and task abstraction. |
The commit that introduced 16.17 into nodejs is 6e2536f1b09863e984f0479ea4b162e4fe86493d. To use it, one must use I'm going to try the latest master commit and see how we go. This will impact all of the nix-derived dependencies. |
There is 7 points remaining for this epic (since they had work done already). |
The benchmark results in #446 means that we do need webcrypto and due to iOS issues, we cannot use wasm. So we have moved to libsodium instead, and the benchmarks show that libsodium is 10x to 50x faster than webcrypto. We are also going with native There remains 2 uses of webcrypto:
The first can be replaced with our own KDF mechanism. In that sense, we would no longer use bip39. The second is a bit more difficult, it may be easier to create a webcrypto shim backed off libsodium and only for ed25519 signing. |
Specification
The work in #155 involving nativescript meant that we are starting to consider alternatives to Node forge crypto in order to standardise our crypto API and future proof to future JS-based platforms. There are number of reasons to look into webcrypto:
Uint8Array
andArrayBuffer
which can help us standardise our buffer usage across js-db, js-id, js-workers and more, especially as workers requireArrayBuffer
to do zero-copynode-forge
source code isn't well maintained and doesn't have as many eyes watching and evaluating its securityNow for some background:
This comment #43 (comment) explains how we came to be using
node-forge
as opposed to other cryptographic libraries.I know that when Polykey project first started, we initially were thinking of using PGP and thus the kbpgp.js library (https://github.com/keybase/kbpgp). We ended up going away from PGP due to its limited usage in a number of scenarios that we want PK to deal with. Namely end to end encrypted network communication which is a TLS issue, that makes use of X.509 certificates rather than PGP certificates. Furthermore we also had symmetric encryption/decryption scenarios like js-encryptedfs that again would not make use of PGP standards. Therefore it just lacked interoperability with many other cryptographic scenarios, it seemed like its own island of standards, the library can still be brought back in in the future if we find usecases for PK using PGP.
However in choosing node-forge, we came across a few other problems. Mainly overall-cross platform compatibility planning for mobile devices. This is not just a problem with crypto, but also other libraries that are used in our
networking
domain such as utp-native.Here are something I found that may be relevant to us proceeding here:
node-forge
)All of this will mean that we either replace node-forge, or end up creating a adapter pattern where we plugin different crypto implementions depending on our environment. At this point in time, the
keys
domain abstracts over most(all?) crypto operations for all other domains. Except in the case of EFS which is currently pinned tonode-forge
(it may be a good idea to abstract that and expect an interface of functions for EFS).Cross platform compatibility here isn't just about the fundamental crypto library. It's also about other parts of PK. One closely related situation is the JOSE libraries. As they involve cryptographic operations, they currently seem to "fix" their underlying crypto library as well. It would be ideal that if we standardise on a crypto library for cross-platform deployment, that we can also ensure that our JOSE library is using the same crypto library to reduce our crypto attack surface. We are currently using https://github.com/panva/jose which uses native crypto depending on the platform including webcrypto. Contenders include https://github.com/cisco/node-jose (which fixes on node-forge) and https://github.com/square/js-jose.
Additional context
bufferWrap
to supportArrayBuffer
,Uint8Array
andBuffer
js-db#3 - can help make use of the migration toArrayBuffer
and typed arraysWasmer can compile WASM code to native code. But wasm3 is for interpretation. Why use interpetation?
It appears that in some cases interpretation can be more widely deployed. There are examples of iOS apps using wasm3. https://github.com/kateinoigakukun/wasmic-ios
It's becoming fast a standard target for many languages. Even TypeScript when ported to AssemblyScript can be compiled to WASM.
Once it is WASM, the only thing missing is broad adoption of WASI. If WASI is broadly adopted like it is in nodejs (https://github.com/nodejs/uvwasi), then pretty much we have a universal portable binary capable of doing relevant system operations. WASI is like a universal standard of system calls. Like a whole new POSIX standard.
Then one would just use WASM and WASI for all platforms.
Tasks
The text was updated successfully, but these errors were encountered: