Me and Golang … For Cybersecurity, The Gopher is Nearly Perfect!

At my core, I am a C coder. It is ingrained in me. I suppose the first programming language that you learn is always like that. Here, in…

Me and Golang … For Cybersecurity, The Gopher is Nearly Perfect!

At my core, I am a C coder. It is ingrained in me. I suppose the first programming language that you learn is always like that. Here, in fact, is the first book I published:

I loved C because it didn’t force me to stick to a strict usage. I could twiddle bits if I wanted, and could use pointers to reference things in memory. But, of course, these things contribute to the major weaknesses of C. Many of the bugs we see in programs are often code by the flaws of C (especially for buffer overflows).

And so after a little detour around Pascal, C++, Java, FORTRAN 77 (!!!), Assembly Language, Delphi (remember that amazing language?), Flash, and a few others, I settle on C#, as it felt natural to me, and especially with .NET. And then ASP.NET MVC came along, and I was hooked. But, it has been slipping, and I just can’t get the latest cybersecurity libraries in .NET. I also found that Cybersecurity students just loved Python, so I move to run Python as a back-end, and ASP.NET as a front-end.

And so I love the power of Python, but the syntax has never seemed natural for me, and I still have to Google for loop() statements. But, I have finally found a modern language that fits all my uses … and it’s Golang. It’s as if the language had me in mind, with its C-like syntax, and GitHub integration. It’s a perfect little language which avoids much of the baggage of C and C++.

After breaking my Python setup on several occasions, and in trying to compile Python libraries, I just love the easy of coding with Go. In terms of performance, it wipes the floor with Python and Nodejs, and it is “probably” the best language for Blockchain/DLT work. I know that many will say that Rust is the best, but Go just fits for me.

For next semester, I am even going to introduce it for our teaching -alongside Python and Node.js, so fingers crossed. In cybersecurity, you just can’t lock into a single language, as the latest code is likely to be in Python, Node,js, Rust to Go.

And so, here’s a few of my demos:

  • Hashing with Go. Hashing. Hashes with Go.
  • GP Hashing with Go. GP Hashing. GP Hashes with Go.
  • Schnorr with Go. Schnorr. Schnorr signatures with Go.
  • RSA with Go. RSA. RSA encryption with Go.
  • Hash to password with Go. Hash to password. Hash to password with Go.
  • ECDH with Go. ECDH. ECDH with Go.
  • Box with Go. Box. Box with Go.
  • ECC with Go. ECC. ECC with Go.
  • Curve 25519 with Go. ECC. Curve 25519 is one of the most widely used elliptic curve methods, including with Tor, WhatsApp and Signal.
  • ECDH with Curve 25519 using Go. ECC. Curve 25519 is one of the most widely used elliptic curve methods, including with Tor, WhatsApp and Signal. This page uses the curve to implement ECDH.
  • ECDH with Curve 25519 using Go (Cloudfare). ECC. Curve 25519 is one of the most widely used elliptic curve methods, including with Tor, WhatsApp and Signal. This page uses the curve to implement ECDH.
  • Curve 25519 with Go for test vectors. ECC. This does a test on some private keys to test the public key generation.
  • Ed25519 with Go. ECC. This creates a signature for a message given a private and a public key.
  • ElGamal encryption with Go. ElGamal. This implements ElGamal encryption.
  • BNS-256 Crypto pairing (Triparty key exchange). BNS. Implementation of BNS-256 for triparty key exchange.
  • PGP (Symmetric) with Go. PGP (Symmetric). This implements PGP Symmetric encryption.
  • libDisco with Go. libDisco. This implements libDisco.
  • SHAKE with Go. SHAKE. This implements SHAKE in Go.
  • Extended Triple Diffie Hellman (X3DH) with Go. X3DH. This generates pre-shared public keys for X3DH.
  • Ethereum address with Go. Addresses. This generates an Ethereum address.
  • Viewing Balance of account in Etheruem with Go. Balance. This views the balance of an account
  • Viewing Block in Etheruem with Go. Block. This views a block.
  • Viewing Transactions in Block in Etheruem with Go. Transactions. This views transactions.
  • Shamir Secret Shares with Go. SSS. Creating Secret Shares.
  • SIDH Go. SIDH. Post-quantum key exchange.
  • SIKE Secret Shares with Go. SIKE. Post-quantum key exchange with key encapsulation.
  • NTP. NTP. An overview of NTP.
  • BiBa. BiBa. An overview of BiBa One Time Signature.
  • DNSSEC. DNSSEC. An overview of DNSSEC.
  • ElGamal with ECC. ElGamal with ECC. ElGamal using ECC.
  • (t,n)-threshold Boneh-Lynn-Shacham (BLS) signature scheme. TBLS. Create n shares and where we need to get t back to verify the signature.
  • Non-interactive zero-knowledge (NIZK) proofs for the equality (EQ) of discrete logarithms (DL). DLEQ. Create a non-interactive ZKP for discrete logs.
  • ECIES. ECIES. Create encryption with elliptic curve to generate a key pair and AES to encrypt.
  • Collective signing (CoSi) algorithm. CoSi. This involves collective signing and witnessing.
  • Ring signatures. Ring. This involves creating a ring signature, and where the signer gathers a number of public keys, and then adds their own private key, but no-one can tell who has signed the message.
  • Linkable Ring signatures. Ring. This involves creating a linkage ring signature, and where the signer gathers a number of public keys, and then adds their own private key, but no-one can tell who has signed the message.
  • ChaCha20. ChaCha20. This involves creating the ChaCha20 key stream cipher.
  • Proof of Knowledge. Knowledge. This involves proving predicates.
  • Proof of Knowledge (Logical). Knowledge. This involves proving predicates.
  • Calculating abab with Square and Multiply method. SQM. Calculates abab.
  • Calculating ab(modN)ab(modN) and a×b(modN)a×b(modN) with using Montgomery Reduction. Mont. Calculates ab(modN)ab(modN) and a×b(modN)a×b(modN) using Montgomery reduction.
  • Socialist Millionaire Problem (SMP). SMP. We use zero-knowledge proof to show the Bob and Alice have the same value.
  • Commutative encryption with Go. Comm. With commutative encryption, we can encrypt and decrypt in any order.
  • FPE with Go. FPE. An implementation of Format Preserving Encryption (FPE) for FFX1 and FFX3.

Conclusions

If you are into Cybersecurity, go learn Go! Code less, compile quicker, execute faster