GopherCon 2025: The Go Cryptography State of the Union - Filippo Valsorda

Gopher Academy
17 Nov 2025, 29:08

Summary

TL;DR: Filippo shares insights from the past year in the Go cryptography space, highlighting key achievements such as the integration of post-quantum key exchanges, FIPS 140 compliance, and the successful security audit of the Go cryptography library. He discusses the importance of post-quantum cryptography, updates to TLS and SSH security, and the launch of Geomys as a company. Filippo also delves into FIPS 140 challenges, testing strategies, and improvements in the crypto libraries. The session reflects the collaborative effort of the Go team and community to ensure the security and evolution of Go cryptography.

Takeaways

  • 😀 Post-quantum cryptography is essential for securing future communications against quantum computer threats, with Go implementing ML-KEM for key exchanges to safeguard data today for the future.
  • 😀 The Go cryptography team has maintained an excellent security track record, with fewer vulnerabilities being reported and a professional audit confirming the reliability of the Go cryptography libraries.
  • 😀 The introduction of FIPS 140-3 compliant Go Cryptographic Module provides a native, more secure alternative to BoringSSL, ensuring that Go can meet US government regulations without compromising on performance or security.
  • 😀 The Go cryptography library now supports both post-quantum and traditional key exchange algorithms in a hybrid approach, prioritizing security while maintaining compatibility with existing systems.
  • 😀 FIPS 140-3 compliance is not just about algorithm selection but ensuring proper testing and validation across platforms, which was achieved with extensive testing by Geomys on various operating systems.
  • 😀 The Go team has actively restructured and optimized cryptographic operations, including making AES-CTR up to 9 times faster and eliminating outdated assembly code for better performance.
  • 😀 The Go cryptography team is committed to evolving cryptographic standards while maintaining backward compatibility, making security decisions that best serve the community without sacrificing flexibility.
  • 😀 FIPS 140-3 compliance has led to significant improvements in Go's cryptographic library, including new packages (e.g., crypto/hkdf, crypto/sha3) and performance optimizations, ensuring robust security without additional complexity.
  • 😀 The team uses mutation testing to prevent subtle bugs in assembly code, ensuring that all edge cases, like carry bits, are correctly handled and thoroughly tested.
  • 😀 Going forward, the Go team is focusing on simplifying TLS configuration for users by introducing TLS profiles to handle complex settings automatically, and exploring the integration of passkeys into the standard library.

Q & A

  • What is the focus of the Go cryptography team’s work?

    The Go cryptography team's work focuses on providing secure cryptographic packages to build applications, covering encryption, hashing, and protocols like TLS and SSH, with an emphasis on maintaining security and improving functionality over time.

  • What significant cryptographic development did the Go team ship in the past year?

    The Go team shipped post-quantum key exchanges, introducing ML-KEM, a post-quantum key exchange algorithm selected by the NIST competition, which helps protect against the future risks posed by quantum computers.

  • How did the Go team address the risks of quantum computers to cryptographic systems?

    The Go team focused on post-quantum key exchanges to safeguard against the risk of future quantum computers breaking traditional cryptographic systems. By integrating ML-KEM, they ensure that communication is protected against future quantum attacks while maintaining compatibility with existing systems through hybrid solutions.

  • What is FIPS 140, and why was it important for the Go cryptography library?

    FIPS 140 is a U.S. government standard for cryptographic modules used in regulated markets. The Go cryptography team worked on making their cryptographic library FIPS 140-3 compliant, allowing users to safely use Go for cryptographic operations in industries requiring such compliance.

  • How did the Go team address the challenges of FIPS 140 compliance?

    To achieve FIPS 140 compliance, the Go team created a native Go FIPS 140-3 cryptographic module, ensuring that cryptographic operations were properly tested and validated across platforms. They also added a runtime mode for compliance testing without affecting standard functionality.

  • What was the major issue with using the BoringCrypto module for FIPS 140 compliance?

    The BoringCrypto module, while useful for FIPS 140 compliance, required using Cgo, which introduced memory safety issues and made cross-compilation difficult. The Go team moved away from it in favor of a native Go solution to address these problems.

  • Why is post-quantum digital signature support being rolled out slowly in Go?

    Post-quantum digital signatures are not as urgent as post-quantum key exchanges since current digital signatures are not vulnerable to quantum attacks in the near term. Additionally, signatures are more complex and harder to deploy at scale, so the Go team is taking a slow and careful approach.

  • How does the Go cryptography library maintain its security track record?

    The Go cryptography team uses a combination of thorough testing, including mutation testing and accumulated test vectors, as well as real-world testing through professional audits and the integration of contributions from the community to maintain a strong security track record.

  • What is the 'Filippo's unhappiness score' used for?

    The 'Filippo's unhappiness score' is a humorous internal grading system used by the Go cryptography team to classify vulnerabilities based on their severity. The levels are 'shrug,' 'oof,' and 'ouch,' with 'shrug' indicating less critical issues.

  • What are TLS profiles, and how do they aim to simplify cryptographic configurations in Go?

    TLS profiles are an initiative to simplify TLS configuration by providing predefined profiles such as 'broadly compatible,' 'FIPS compliant,' or 'modern.' These profiles aim to make it easier for users to choose the right settings for their needs without manually tweaking multiple TLS parameters.
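The hybrid key exchange described in the answer on quantum risk above (ML-KEM run alongside a traditional key exchange, with the session key depending on both) in working Go, as an added example that is not from the talk and not the Go project's own TLS code. It assumes Go 1.24 or later for the crypto/mlkem and crypto/hkdf packages; the two-message layout, the function names (serverRespond, clientFinish, runHybridExchange) and the HKDF info label are constructed for this example and are not the TLS wire format.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/hkdf"
	"crypto/mlkem"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// deriveSessionKey binds both shared secrets into one 32-byte key with
// HKDF-SHA256, so recovering it requires breaking X25519 and ML-KEM.
// The info label is a constructed value for this example, not a standard.
func deriveSessionKey(ecdhShared, kemShared []byte) ([]byte, error) {
	ikm := append(append([]byte{}, ecdhShared...), kemShared...)
	return hkdf.Key(sha256.New, ikm, nil, "hybrid-x25519-mlkem768-example", 32)
}

// serverRespond takes the client's X25519 public key (32 bytes) and ML-KEM-768
// encapsulation key (1184 bytes), derives the server-side session key and
// returns it with the reply: the server's X25519 key and the KEM ciphertext.
// The library constructors reject malformed keys before any secret is used.
func serverRespond(clientECDHPub, clientKEMPub []byte) (key, ecdhPub, ct []byte, err error) {
	peerECDH, err := ecdh.X25519().NewPublicKey(clientECDHPub)
	if err != nil {
		return nil, nil, nil, err
	}
	peerKEM, err := mlkem.NewEncapsulationKey768(clientKEMPub)
	if err != nil {
		return nil, nil, nil, err
	}
	ecdhPriv, err := ecdh.X25519().GenerateKey(rand.Reader) // ephemeral, per exchange
	if err != nil {
		return nil, nil, nil, err
	}
	ecdhShared, err := ecdhPriv.ECDH(peerECDH)
	if err != nil {
		return nil, nil, nil, err
	}
	kemShared, ct := peerKEM.Encapsulate() // fresh secret + 1088-byte ciphertext
	key, err = deriveSessionKey(ecdhShared, kemShared)
	if err != nil {
		return nil, nil, nil, err
	}
	return key, ecdhPriv.PublicKey().Bytes(), ct, nil
}

// clientFinish completes the exchange with the client's private keys. A
// tampered ciphertext of the right length does not error: ML-KEM's implicit
// rejection yields an unrelated secret, so the two sides fail to agree.
func clientFinish(ecdhPriv *ecdh.PrivateKey, kemPriv *mlkem.DecapsulationKey768,
	serverECDHPub, ct []byte) ([]byte, error) {
	peerECDH, err := ecdh.X25519().NewPublicKey(serverECDHPub)
	if err != nil {
		return nil, err
	}
	ecdhShared, err := ecdhPriv.ECDH(peerECDH)
	if err != nil {
		return nil, err
	}
	kemShared, err := kemPriv.Decapsulate(ct)
	if err != nil {
		return nil, err
	}
	return deriveSessionKey(ecdhShared, kemShared)
}

// runHybridExchange runs one complete exchange in-process and returns the
// session key each side derived.
func runHybridExchange() (clientKey, serverKey []byte, err error) {
	// Client: generate both ephemeral key pairs and send the public halves.
	ecdhPriv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	kemPriv, err := mlkem.GenerateKey768()
	if err != nil {
		return nil, nil, err
	}
	// Server: derive its key and answer with its share and the ciphertext.
	serverKey, serverPub, ct, err := serverRespond(
		ecdhPriv.PublicKey().Bytes(), kemPriv.EncapsulationKey().Bytes())
	if err != nil {
		return nil, nil, err
	}
	// Client: combine the reply with its private keys.
	clientKey, err = clientFinish(ecdhPriv, kemPriv, serverPub, ct)
	return clientKey, serverKey, err
}

func main() {
	c, s, err := runHybridExchange()
	if err != nil {
		panic(err)
	}
	fmt.Printf("session keys agree: %v (%d bytes)\n", bytes.Equal(c, s), len(c))
}
```

Both secrets go into a single HKDF call, so the derived key stays secure as long as either X25519 or ML-KEM-768 holds, which is the point of deploying the hybrid rather than the post-quantum algorithm alone. Every key here is generated per exchange and discarded; reusing an ML-KEM decapsulation key across sessions would forfeit forward secrecy. Because implicit rejection turns a modified ciphertext into a silent key mismatch rather than an error, a real protocol confirms the key with an authenticated finished message before any application data is sent.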


Related tags: Go Cryptography, Post-Quantum, FIPS Compliance, GopherCon 2025, Security Track Record, Go Community, TLS Updates, SSH Security, Geomys, Software Development, Cryptography Libraries