Encryption in Lua ? Lua encryption library OR C/C++/C#/Java library which can be called from Lua ?


Vishnu exer

Hello everyone,


My requirement is to do encryption in Lua for a production system.


For doing this I'm exploring the below 2 ways.


1) Use an encryption library already implemented in Lua

2) Use a C/C++/C#/Java (or any other language) encryption library which can be called from Lua


Can you please help me with your inputs on some encryption libraries which can be used in a Lua production system ?


Thanks

Vishnu

Re: Encryption in Lua ? Lua encryption library OR C/C++/C#/Java library which can be called from Lua ?

Rob Kendrick-2
On Thu, Feb 04, 2021 at 11:37:39AM +0530, Vishnu exer wrote:

> My requirement is to do encryption in Lua for a production system.
>
> For doing this i'm exploring below 2 ways.
>
> 1) Use encryption library already implemented in Lua
> 2) Use C/C++/C#/Java (or any other language) encryption library which can
> be called from Lua
>
> Can you please help me with your inputs on some encryption libraries which
> can be used in a Lua production system ?

What sort of encryption do you want to do?  What are you trying to
protect against?  There are numerous libraries out there but which to
use depends on the problem you are trying to solve.  (At-rest storage,
transmission over untrusted connections, key exchange over untrusted
connections, secret sharing, stream vs. block ciphers, authentication,
etc etc etc).

B.
Re: Encryption in Lua ? Lua encryption library OR C/C++/C#/Java library which can be called from Lua ?

Vishnu exer
Thanks for the reply Rob. We want to do encryption to protect the metadata sent in headers of email messages. (Email messages are being sent through a tool which is implemented in Lua, which is where we want to encrypt the metadata.)

Re: Encryption in Lua ? Lua encryption library OR C/C++/C#/Java library which can be called from Lua ?

Rob Kendrick-2
On Thu, Feb 04, 2021 at 03:01:03PM +0530, Vishnu exer wrote:
> Thanks for the reply Rob. We want to do encryption to protect the metadata
> sent in headers of email messages. (Email messages are being sent though a
> tool which is implemented in LUA which is where we want to encrypt the
> metadata).

Protect them from what and who?  What you are trying to *defend* against
is important to know before selecting a library, but if we're talking
email then you should probably be using something that implements
OpenPGP.  I'm not sure there is anything Lua-specific there, but you
could always shell out to gnupg or similar.

B.
Re: Encryption in Lua ? Lua encryption library OR C/C++/C#/Java library which can be called from Lua ?

Tom Sutcliffe
In reply to this post by Vishnu exer
Given a clean slate and no specific constraints, I'm a fan of libsodium https://doc.libsodium.org/ which has an approachable API that's hard to mess up (from a security point of view, I mean).

I'm sure there are probably others, but there are some Lua bindings to a subset of the libsodium API in NodeMCU which might be useful, if only as an example:

https://github.com/nodemcu/nodemcu-firmware/blob/dev-esp32/components/modules/sodium.c
https://nodemcu.readthedocs.io/en/dev-esp32/modules/sodium/

As a general rule, doing cryptography right is _extremely_ difficult and I would be cautious of any implementation written in Lua (or JavaScript, or Python, etc). There's a reason OpenSSL, libsodium, GnuPG/libcrypto etc are all written in C. Examples of things you might not realise compromise your security are things like timing attacks; the C implementation of libsodium (to take one example) takes care to avoid falling foul of CPU branch prediction by avoiding conditional branches on critical code paths. The odds of that kind of thing surviving being translated into another language are extremely low. For example, in JavaScript your code may get JITted at runtime, which could utterly destroy timing attack defences.

So whatever solution you go with, I'd recommend one written in C with Lua bindings. Under no circumstances should you be tempted to "roll your own" cryptography. You will get it wrong.

As others have said however, picking the "right" crypto for a particular situation is a bit of a minefield, it's a very complex subject, many solutions have tradeoffs that aren't always obvious or well documented, and very few people truly understand every nuance. Myself included! Given all that, I'm hesitant to provide any specific recommendations.

Regards,

Tom
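Tom's point about conditional branches on secret data is easier to see in code. What follows is an added example, not code from Tom's post, from libsodium or from any of the bindings discussed in this thread. It compares an early-exit byte comparison with a constant-time one over a constructed 16-byte authentication tag and counts how many bytes each version inspects before answering; the early-exit count tracks the position of the first mismatch (which is exactly what a remote timing measurement would recover), while the constant-time count does not. `EXPECTED_TAG`, `early_exit_equal`, `constant_time_equal` and the helper names are invented for this example, and the tag bytes are arbitrary constructed values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TAG_LEN 16

/* Constructed 16-byte "expected" authentication tag for the demonstration
 * (arbitrary bytes, not derived from any real key or message). */
static const uint8_t EXPECTED_TAG[TAG_LEN] = {
    0x3a, 0x7f, 0xc2, 0x10, 0x9e, 0x55, 0x04, 0xd8,
    0x6b, 0xe1, 0x27, 0x90, 0xfa, 0x4c, 0xb3, 0x08
};

/* Build a candidate tag that agrees with EXPECTED_TAG on every byte before
 * index mismatch_at and differs at that index; mismatch_at >= TAG_LEN
 * yields a candidate that matches completely. */
static void make_candidate(uint8_t out[TAG_LEN], size_t mismatch_at)
{
    memcpy(out, EXPECTED_TAG, TAG_LEN);
    if (mismatch_at < TAG_LEN)
        out[mismatch_at] ^= 0x01;
}

/* Early-exit comparison: the pattern Tom warns about. It returns at the
 * first differing byte, so its running time (made visible here as the number
 * of bytes inspected) reveals the length of the matching prefix. Kept only
 * as the "before" half of the comparison; never use it for tags or MACs. */
static int early_exit_equal(const uint8_t *a, const uint8_t *b, size_t n,
                            size_t *bytes_inspected)
{
    for (size_t i = 0; i < n; i++) {
        if (a[i] != b[i]) {
            *bytes_inspected = i + 1;
            return 0;
        }
    }
    *bytes_inspected = n;
    return 1;
}

/* Constant-time comparison in the style of libsodium's sodium_memcmp:
 * every byte is visited, the differences are OR-ed into an accumulator, and
 * the verdict is derived from that accumulator arithmetically rather than
 * through a data-dependent branch. The volatile qualifier discourages the
 * compiler from re-introducing an early exit, but only inspecting the
 * emitted machine code actually proves the property, which is part of why
 * the thread recommends leaving this to an audited C library. */
static int constant_time_equal(const uint8_t *a, const uint8_t *b, size_t n,
                               size_t *bytes_inspected)
{
    volatile uint8_t acc = 0;
    for (size_t i = 0; i < n; i++)
        acc |= (uint8_t)(a[i] ^ b[i]);
    *bytes_inspected = n;
    /* v == 0 iff every byte matched; (v | -v) has its top bit set iff v != 0. */
    unsigned v = acc;
    unsigned nonzero = (v | (0u - v)) >> (sizeof(unsigned) * 8 - 1);
    return (int)(1u & ~nonzero);
}

/* Run each compare against a candidate that first differs at mismatch_at
 * and report either the amount of work done or the verdict. */
size_t early_exit_work(size_t mismatch_at)
{
    uint8_t cand[TAG_LEN]; size_t work;
    make_candidate(cand, mismatch_at);
    early_exit_equal(EXPECTED_TAG, cand, TAG_LEN, &work);
    return work;
}

size_t constant_time_work(size_t mismatch_at)
{
    uint8_t cand[TAG_LEN]; size_t work;
    make_candidate(cand, mismatch_at);
    constant_time_equal(EXPECTED_TAG, cand, TAG_LEN, &work);
    return work;
}

int early_exit_result(size_t mismatch_at)
{
    uint8_t cand[TAG_LEN]; size_t work;
    make_candidate(cand, mismatch_at);
    return early_exit_equal(EXPECTED_TAG, cand, TAG_LEN, &work);
}

int constant_time_result(size_t mismatch_at)
{
    uint8_t cand[TAG_LEN]; size_t work;
    make_candidate(cand, mismatch_at);
    return constant_time_equal(EXPECTED_TAG, cand, TAG_LEN, &work);
}

int main(void)
{
    printf("first mismatch  early-exit bytes  constant-time bytes\n");
    for (size_t i = 0; i <= TAG_LEN; i += 4)
        printf("%14zu  %16zu  %19zu\n", i, early_exit_work(i), constant_time_work(i));
    return 0;
}
```

Compile with `cc -std=c99 -O2` and run: the early-exit column grows with the position of the first wrong byte, the constant-time column stays at 16 regardless. Both functions return the same verdict for every input; the difference is only in what their timing leaks, which is the property a JIT or an interpreter can silently take away when such code is ported out of C.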
Re: Encryption in Lua ? Lua encryption library OR C/C++/C#/Java library which can be called from Lua ?

Pierre Chapuis
I agree with Tom, if you must do crypto "online" (i.e. for instance in a Web server) then you must rely on C bindings. Pure Lua crypto can be used for "offline" things e.g. to encrypt or decrypt a file sent / received by email, since this is not vulnerable to things like timing attacks. And even then, Lua crypto libraries are much less audited than C libraries, so use bindings when you can. In case you really need one, the two relatively serious pure Lua crypto libraries I know are plc [1] and lockbox [2].

I agree that libsodium would be the best option, but sadly I just don't know a generic, battle-tested binding for Lua. If you go the OpenSSL route, the "openssl" and "luaossl" rocks [3] [4] are reliable (or LuaSec if you just need TLS).

[1] https://luarocks.org/modules/philanc/plc
[2] https://luarocks.org/modules/somesocks/lockbox
[3] https://luarocks.org/modules/zhaozg/openssl
[4] https://luarocks.org/modules/daurnimator/luaossl

--
Pierre Chapuis

Re: Encryption in Lua ? Lua encryption library OR C/C++/C#/Java library which can be called from Lua ?

John Regan
On Sat, 06 Feb 2021 19:31:03 +0100
"Pierre Chapuis" <[hidden email]> wrote:

> I agree that libsodium would be the best option, but sadly I just
> don't know a generic, battle-tested binding for Lua.

Not really "battle-tested" yet since it's still pretty new, but I've
been working on a binding to libsodium here -
https://github.com/jprjr/luasodium

Works as both a standard C binding and an FFI binding. I try to
maintain really high code-coverage via automated testing, but I do need
to gather some real-world feedback.
Re: Encryption in Lua ? Lua encryption library OR C/C++/C#/Java library which can be called from Lua ?

Vishnu exer
In reply to this post by Pierre Chapuis
Thanks Tom & Pierre for your inputs.

Pierre - I checked the #1 & #2 libraries given by you & their docs mention a dependency on Lua >= 5.3 & Lua >= 5.2.

I have Lua 5.1 on my machines & if I'm not wrong the #1 & #2 libraries won't work with Lua 5.1 (FYI - I tried the #2 library on my machines with Lua 5.1 & am getting this error "no bitwise support found", which as per this doc is due to Lua version 5.1 not having bitwise support).

Do you have any suggestions for Lua 5.1 ?




Re: Encryption in Lua ? Lua encryption library OR C/C++/C#/Java library which can be called from Lua ?

Paul Ducklin
In reply to this post by Vishnu exer
Take a look at luaossl if you want to be able to call encryption primitives directly, such as using any and all hash functions you might ever need, generating public/private keypairs, creating and signing X509 certificates, validating TLS certificates at runtime, and encrypting and decrypting data buffers directly with a wide range of symmetric algorithms.

It even exposes the OpenSSL bignum functions if you want to write RSA, DHM or elliptic curve number-crunching code of your own (or just to play around with big prime numbers).

There are a few things you can’t do (e.g. you can’t use authenticated encryption algorithms such as AES-GCM directly, because you can’t call the OpenSSL functions needed to get the authentication data out), but I have been able to work around those missing parts with just a few extra lines of code.

The documentation is good but quite a few things are missing so be prepared to look at the source (which is one massive C file that is actually very easy to read and understand).

If you just want TLS session support, look at LuaSec. It’s very easy to use. You basically just set up a TLS connection, do the handshake and then wrap an existing LuaSocket socket to run over the encrypted channel you just created.

The only thing that doesn’t work is LuaSec’s claimed integration with luaossl, which is not only undocumented but also unusably broken (though fairly easily patched to work reliably). However, most people will never need it anyway.

Both packages are available via LuaRocks.

These days I tend to use luaossl mainly from a Lua prompt (or in simple scripts) as an alternative to the OpenSSL command line tool, because it’s so much easier to use and more self-documenting than the openssl command itself, with all its crazy subcommand variants and absurd option switches...

Re: Encryption in Lua ? Lua encryption library OR C/C++/C#/Java library which can be called from Lua ?

Daurnimator
On Tue, 9 Feb 2021 at 22:52, Paul Ducklin <[hidden email]> wrote:
> There are a few things you can’t do (e.g. you can’t use authenticated encryption algorithms such as AES-GCM directly, because you can’t call the OpenSSL functions needed to get the authentication data out), but I have been able to work around those missing parts with just a few extra lines of code.

Why not send patches upstream?

> The only thing that doesn’t work is LuaSec’s claimed integration with luaossl, which is not only undocumented but also unusably broken (though fairly easily patched to work reliably).

Which integration is that? (how can it both be claimed *and* undocumented?)
Re: Encryption in Lua ? Lua encryption library OR C/C++/C#/Java library which can be called from Lua ?

Paul Ducklin
> >Why not send patches upstream?
>
Do you or William accept suggested patches by email? (I’m not a GitHub user.)

Bodges I made to my own build include:

* Change to allow a digest of NULL without which Ed25519 signatures cannot [?] be specified

* That Y2K bug you guys already fixed.

* Code to make # work with X509 chains due to no more ipairs() metamethod, so you can use a loop to go through the chain.

* Very basic (incomplete) code to call AEAD gettag and settag functions. (No support for additional data or IVs other than 12 bytes.)

Er, that’s it.

> Which integration is that? (how can it both be claimed *and* undocumented?)

If you say “this code has X” but then you don’t tell anyone how to use X (and, indeed, X is broken anyway), that is claimed, undocumented and broken :-)

You can
LuaSec’s changelig mentioned somewhere (and included code, might
Re: Encryption in Lua ? Lua encryption library OR C/C++/C#/Java library which can be called from Lua ?

Paul Ducklin
Phone sent before I was ready :-) At end of text below I meant to say ‘LuaSec says in its changelog “added integration with luaossl” at release 0.7.’

The code is there (use a precreated luaossl context for the session instead of a LuaSec initialised one) but it doesn’t work.

I wanted that feature so I could use LuaSec with certificates expressed as data already loaded into memory, whereas LuaSec’s own context-creation API only allows you to specify certificates via the name of an already existing file.

I can dig out those fixes too if anyone would like them.

(I also added a keylog callback function to LuaSec that can be used to emulate Firefox’s and Chrome’s behaviour when used with the SSLKEYLOGFILE environment variable. Dangerous but useful for research purposes: dumps all TLS key material for every TLS connection, even TLS 1.3, so you can decrypt sniffed traffic later on like Wireshark does.)

Re: Encryption in Lua ? Lua encryption library OR C/C++/C#/Java library which can be called from Lua ?

Paul Ducklin
In reply to this post by Daurnimator
>Which integration is that? (how can it
>both be claimed *and* undocumented?)

When Pierre de Fermat wrote a marginal note in 1637 that he had proved what we now call “Fermat’s Last Theorem” but that the margin was too small to contain it...

...that was a claim.

When Sir Andrew Wiles published an actual proof in 1995, after an interlude of a mere 350 years...

...that was documentation!