Skip to content

V1.0.0 - Production-Ready Proxy Re-Encryption Library

Latest
Latest

Choose a tag to compare

View all tags
@stevenleep stevenleep released this 10 Nov 11:12
· 9 commits to master since this release
v1.0.0
727ba50

Rekrypt 1.0.0 - First Stable Release

We're excited to announce the first stable release of Rekrypt, a professional proxy re-encryption library powered by Curve25519 (ECC) for Rust and WebAssembly!

Highlights

Rekrypt enables zero-trust data sharing by allowing a semi-trusted proxy to transform encrypted data from one key to another without ever seeing the plaintext. Perfect for building secure, privacy-preserving applications.

Core Features

  • Proxy Re-Encryption - Transform ciphertext between keys with zero-knowledge proxy
  • BIP39 Key Management - Industry-standard mnemonic-based keypair generation and recovery
  • Encrypted Keystore - PBKDF2 (600k iterations) password-protected key storage
  • Streaming Encryption - Efficient large file handling with chunked processing
  • Hybrid Encryption - AES-256-GCM authenticated encryption with ECC key exchange
  • Universal - Works in Rust native and WebAssembly (browser/Node.js)
  • Memory Safety - Auto-zeroization of sensitive data
  • Timing Attack Protection - Constant-time cryptographic comparisons
  • Authenticated Encryption - AES-256-GCM with integrity verification
  • Replay Attack Prevention - Timestamp, UUID, and sequence validation
  • Strong Key Derivation - PBKDF2 with 600,000 iterations
  • HMAC Integrity - SHA-256 HMAC for all critical operations

Installation

NPM (WebAssembly):

npm install rekrypt

Cargo (Rust):

cargo add rekrypt

Usage

import init, { EncryptSDK } from 'rekrypt';

await init();
const sdk = new EncryptSDK();

// Generate keypair
const alice = sdk.generateKeypair();

// Encrypt data
const data = new TextEncoder().encode('Secret message');
const encrypted = sdk.encrypt(data, alice.public_key);

// Print capsule
console.log(encrypted.capsule); // { version: 1, nonce: ..., signing_key_pair: ..., encrypted_data: ..., data_hash: ..., sequence: ..., request_id: ..., client_timestamp: ... }

// Decrypt data
const decrypted = sdk.decrypt(
    encrypted.capsule,
    alice.private_key,
    encrypted.c_data
);
console.log(new TextDecoder().decode(decrypted)); // "Secret message"
let keypair = sdk.generate_keypair();

// Encrypt data
let data = "Secret message".as_bytes();
let encrypted = sdk.encrypt(data, &keypair.public_key);

// Decrypt data
let decrypted = sdk.decrypt(encrypted.capsule, &keypair.private_key, encrypted.c_data);
println!("{}", String::from_utf8(decrypted).unwrap());

Documentation

Assets 9
Loading