From: Vinnie Falco (vinnie.falco_at_[hidden])
Date: 2020-02-26 23:23:41

Let me give you a perfect use-case. Beast Lounge is a massively
multiplayer Blackjack MMO I am working on
(https://github.com/vinniefalco/BeastLounge). No real money, and to
keep things simple, very little information is kept on the server.
Instead the user's character sheet (containing things like their
achievements and game stats) is stored in their browser.

To make this secure, the server serializes the character sheet, adds a
timestamp, and then emits a digital signature using an asymmetric
encryption algorithm. To avoid a replay attack (i.e. rolling back the
character sheet) the server remembers the highest timestamp for each

Anyway since this thing is designed for teaching and for forking and
building your own things, it would be ideal if it could use
cryptographic algorithms which have modern C++ interfaces. libsodium
is of course out of the question since it is in C. The wrappers for it
aren't great either. Cryptopp is wonderfully broad in functionality,
but its C++ interfaces leave something to be desired. For example
there is no way to specify the allocator for a BufferedTransformation.

To reiterate my position, I believe there is room for a "cryptography
framework" library in Boost which does not try to reimplement any
algorithms but instead provides a robust set of named requirements,
and a set of utility types and algorithms. Then we can pick and choose
the already-existing implementations (perhaps from Cryptopp and
libsodium), and adapt their interface to our clean named requirements
to bring it up to the level of interface quality users expect from

The details of how these external implementations are integrated into
Boost, updated in response to security reports, or replaced can be
worked out later.

Beast already has SHA, ChaCha, and base64 conversions as
implementation details in order to implement the WebSocket protocol.
Base64 is also needed for implementing Basic Authentication, which
users have to do themselves since Beast is low-level.

The SHA algorithm is both a compression function and a message
authentication code. ChaCha (and the related Salsa20) are stream
ciphers, while base64 is a codec. We would be doing C++ a solid by
creating well defined named requirements for these interfaces:

With a good set of concepts / named requirements, and the
corresponding wrappers around well-tested already existing algorithms
from other libraries (I'll use libsodium and Cryptopp as the examples
again), we can offer a Boost library that "does cryptography", but
without reinventing any algorithms, using mostly upstream code, and
with clean well-thought interfaces that appeal to the sensibilities of
modern C++ users.
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk
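
The signed character sheet with rollback protection described in the message, sketched as an added example that is not code from the post or from BeastLounge. Every name here is hypothetical; `ToySigner` is a constructed, non-cryptographic stand-in for a real signature implementation, and a monotonic counter stands in for the timestamp.

```cpp
#include <cstdint>
#include <map>
#include <string>

// Constructed placeholder, NOT cryptographic: a keyed FNV-1a tag stands in for a
// real signature implementation adapted from an existing library.
struct ToySigner {
    std::uint64_t key;
    std::uint64_t sign(const std::string& msg) const {
        std::uint64_t h = 14695981039346656037ULL ^ key;
        for (unsigned char c : msg) { h ^= c; h *= 1099511628211ULL; }
        return h;
    }
    bool verify(const std::string& msg, std::uint64_t sig) const { return sign(msg) == sig; }
};

struct SignedSheet { std::string user, sheet; std::uint64_t timestamp, sig; };

enum class Result { ok, bad_signature, stale };

// Signer is a hypothetical named requirement: sign(msg) -> tag, verify(msg, tag) -> bool.
template <class Signer>
class SheetAuthority {
    Signer signer_;
    std::uint64_t clock_ = 0;                        // assumption: counter as timestamp
    std::map<std::string, std::uint64_t> highest_;   // the only per-user server state

    // The tag covers user, timestamp and sheet; the length prefix keeps fields unambiguous.
    static std::string encode(const std::string& u, std::uint64_t ts, const std::string& s) {
        return std::to_string(u.size()) + ":" + u + std::to_string(ts) + ":" + s;
    }
public:
    explicit SheetAuthority(Signer s) : signer_(s) {}

    SignedSheet issue(const std::string& user, const std::string& sheet) {
        const std::uint64_t ts = ++clock_;
        highest_[user] = ts;                         // remember the newest issue per user
        return {user, sheet, ts, signer_.sign(encode(user, ts, sheet))};
    }

    Result accept(const SignedSheet& s) const {
        // Check the tag first, so an edited sheet or timestamp never reaches the replay test.
        if (!signer_.verify(encode(s.user, s.timestamp, s.sheet), s.sig))
            return Result::bad_signature;
        const auto it = highest_.find(s.user);
        if (it == highest_.end() || s.timestamp < it->second)
            return Result::stale;                    // older than the newest issued: rollback
        return Result::ok;
    }
};
```

Because the timestamp is inside the signed bytes, a client cannot raise it on an old sheet without invalidating the tag, so the per-user high-water mark is enough to refuse a rolled-back sheet.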