Cryptography can be termed as the practice and study of techniques in order to establish secure communication in the presence of third parties called adversaries. This definition especially pertains to the era of World War when deciphering enemy codes was crucial.
Cryptography is more about creating and analyzing protocols which can prevent third parties or the public from reading private messages and other important aspects in information security such as data confidentiality, data integrity, authentication, and non-repudiation are central to modern cryptography.
Today, we see modern cryptography at the intersection of the disciplines of mathematics, computer science, electrical engineering, communication science, and physics.
What is Swift Crypto?
It is a new Swift package which has been designed to bring sophisticated APIs of Apple CryptoKit to the border Swift community. It is designed to let Swift developers access those APIs for a common set of cryptographic operations, regardless of the platform on which they deploy their applications.
We can say that this is one huge step forward for server-side Swift. We did have open-source Swift cryptography libraries in the past, but this one is the first officially supported by Apple. Apple also states that the ‘vast majority of the SwiftCrypto code is intended to remain in lockstep with the current version of Apple CryptoKit’.
As a company or an entrepreneur when you hire Swift developers, this will make it easy for them to share code between Apple’s own platforms and Linux.
When you use SwiftCrypto on Apple platforms, it becomes entirely transparent, passing all your calls directly on to CryptoKit. What this means is that you can write your code just once using import Crypto and then you can share it everywhere. What SwiftCrypto does is that it delegates all work to the core implementation of CryptoKit.
Another great feature is that there is a Swift Package Manager to distribute Swift Crypto to make it even more easy for developers to update Swift Crypto when they are using it on non-Apple platforms.
An important aspect to consider here is that users should trust that the results they get from Swift Crypto are the same as those they get from Apple CryptoKit. It is not acceptable for the same inputs to the same API to produce semantically different results when using Swift Crypto and when using Apple CryptoKit. In order for that, as for now, the Swift community has arranged a shared test suite ensuring that both Swift Crypto and Apple CryptoKit are required to meet this criteria.
The Swift community says that during the development of Swift Crypto, it required extra work to bridge mismatches between the validation required by Apple CryptoKit and the validation done by BoringSSL. Even completely new implementations of some algorithms were also done during the development phase. Majority of the work on this ongoing project will be pertaining to this.
The core goal of Swift Crypto is to enable a cross-platform solution for using Apple CryptoKit’s APIs on a wider range of platforms.Hence, the API will follow the evolution of Apple CryptoKit itself. However, Swift Crypto is an open source project, therefore there is scope for proposing API directly to Swift Crypto. Based on the scope of these APIs, core development team may also consider parallel implementation in Apple CryptoKit.
One of the most important design principles of Swift Crypto is that supporting all cryptographic primitives is a clear non-goal. There exists a risk with supporting many primitives. It is that it becomes tough for users to make choices, especially the safe choices.