Zinc: The New Crypto Library Being Worked On As Part Of WireGuard
Written by Michael Larabel in Linux Kernel on 2 August 2018 at 12:06 AM EDT. 5 Comments
LINUX KERNEL --
As part of this week's volleying of WireGuard onto the Linux kernel mailing list included as part of that is Zinc, a new cryptography API for the Linux kernel.

Zinc offers up a variety of cryptography primitives and is lower-level than the current kernel crypto code. For now Zinc is complementary to the kernel crypto interfaces but WireGuard lead developer Jason Donenfeld acknowledges that someday Zinc could replace the current Linux kernel crypto API.

Design principles of Zinc were driven by "API misuse problems" of crypto programmers from prior decades, programmers often being afraid of crypto code and preferring high-level abstractions, and that abstracted/flexible crypto APIs can lead to various problems. The design Zinc does take is "gives you simple functions, which implement some primitive, or some particular and specific construction of primitives...It also organizes the implementations in a simple, straight-forward, and direct manner, making it enjoyable and intuitive to work on. Rather than moving optimized assembly implementations into arch/, it keeps them all together in lib/zinc/, making it simple and obvious to compare and contrast what's happening."

Zinc continues to be fuzzed and tested for performance as well as verification for trustworthiness. Zinc is also tuned for SIMD, among other performance optimizations.

Those wishing to learn more about the Zinc crypto library that is immediately used by WireGuard but may be picked up by other areas of the kernel can find the introductory details via this patch set.

About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Related Linux Kernel News
Popular News This Week