Crate citadel_crypt

Source
Expand description

§Citadel Cryptographic Core (citadel_crypt)

A comprehensive cryptographic framework providing secure communication primitives for the Citadel Protocol. This crate serves as the cryptographic backbone, implementing various security mechanisms including post-quantum cryptography, perfect forward secrecy, and anti-replay protection.

§Features

  • Post-Quantum Security: Integration with quantum-resistant cryptographic algorithms
  • Perfect Forward Secrecy: Implemented through stacked ratchet mechanisms
  • Secure Memory Management: Zero-copy secure buffer implementations for sensitive data
  • Entropy Management: Sophisticated entropy banking system for secure key derivation
  • Network Security: Packet vectorization and port scrambling for enhanced communication security
  • FCM (Forward Chain Messaging): Cryptographic primitives for secure message forwarding
  • Argon2 Integration: Memory-hard key derivation with auto-tuning capabilities

§Important Notes

  • All cryptographic operations are designed to be thread-safe and memory-efficient
  • The crate implements defense-in-depth with multiple layers of security
  • Zero-copy operations are used where possible to minimize exposure of sensitive data
  • Automatic memory zeroing is implemented for sensitive data structures
  • citadel_pqcrypto: Post-quantum cryptographic primitives
  • citadel_types: Common type definitions used across the Citadel Protocol
  • citadel_wire: Network protocol implementation

Modules§

argon
For argon-related functionality
endpoint_crypto_container
An abstraction binding the entropy_bank and the PQC Peer Session Cryptographic Container
messaging
For secure messaging with concurrent ratcheting operations
misc
Error type Cryptographic Utility Functions and Error Types
ordered_channel
Ordered Channel Implementation
packet_vector
For endowing packets with coordinates Packet Vector: Secure Packet Sequencing and Port Mapping
prelude
Convenient imports for external use
ratchets
Contains the cryptographic primitives for handling FCM interactions on the network
scramble
Contains the subroutines for network-related functionality
secure_buffer
For secure byte handling Secure Buffer Management
sync_toggle
Thread-Safe Toggle State Management
toolset
Provides entropy_bank management, update, and versioning. This is what’s exposed to the citadel_user api. The entropy_banks themselves are abstracted beneath