Go 1.11 to be Released

According to the developers, the most significant changes in the release concern the support of WebAssembly and the new concept of modules
27 August 2018   410

The Go team announced a stable release of the version of the language under the number 1.11. According to the developers, the most significant changes in the release concern the support of WebAssembly and the new concept of modules. Go 1.11 requires versions of the OS no older than OpenBSD 6.2, macOS 10.10 Yosemite or Windows 7.

Go 1.11 New Features

  • Go 1.11 adds preliminary support for a new concept called “modules', an alternative to GOPATH with integrated support for versioning and package distribution. Using modules, developers are no longer confined to working inside GOPATH, version dependency information is explicit yet lightweight, and builds are more reliable and reproducible.
  • Go 1.11 adds an experimental port to WebAssembly (js/wasm).
  • A new package is presented that provides a simple API for searching and downloading packages with the original Go-code.
  • Improved presentation of information during debugging, including information on line numbers and placement of breakpoints.
  • Added support for more functions for embedding by default, including those that cause panic.
  • A new format for exporting these packages is presented. It is assumed that for end users it will be more transparent and understandable, besides, it speeds up the assembly of large projects. In case of problems, you can turn it off at compile time.

Learn more at Release Notes. Previous Go version was released in February.

Google to Introduce Tink Cryptographic Library

Google already uses Tink in projects like AdMob, Google Pay, Google Assistant, Firebase and the Android Search App
31 August 2018   686

Google introduced the open cryptographic library called Tink with support for Java, C ++ and Objective-C, as well as experimental support for Go and JavaScript. Product primitives use the BoringSSL and the Java Cryptography Architecture framework.

Even small errors in the use of cryptographic methods can have serious consequences, and they are carefully study for decades. Many developers do not have so much time, so when creating a new tool, the company tried to reduce the number of potential errors with cryptographic APIs. Google already uses Tink in projects like AdMob, Google Pay, Google Assistant, Firebase and the Android Search App.

These primitives are used in the core of the library:

  • AEAD (Authenticated Encryption with Associated Data) for symmetric encryption of blocks and data streams over a fixed key. The tool does not require the definition of specific algorithms and their parameters. With it, you can quickly perform encryption and decryption operations:
    import com.google.crypto.tink.Aead;
     import com.google.crypto.tink.KeysetHandle;
     import com.google.crypto.tink.aead.AeadFactory;
     import com.google.crypto.tink.aead.AeadKeyTemplates;
     // 1. Generate the key material.
     KeysetHandle keysetHandle = KeysetHandle.generateNew(
     AeadKeyTemplates.AES256_EAX);
     // 2. Get the primitive.
     Aead aead = AeadFactory.getPrimitive(keysetHandle);
     // 3. Use the primitive.
     byte[] plaintext = ...;
     byte[] additionalData = ...;
     byte[] ciphertext = aead.(plaintext, additionalData);
  • The MAC (Message Authentication Codes) provides message authentication codes.

In Tink, there are functions for creating a digital signature and its verification, as well as the functions of fast hybrid encryption.

Features of work
Each primitive supports stateless mode operation, secure copy operations and the use of keys with a length of 128 bits. The library automatically blocks potentially unsafe operations, for example, downloading keys from unencrypted files on the disk. Tink provides an API for rotating keys and interacting with external key management systems: Google Cloud KMS, Amazon KMS, Android Keystore and Apple iOS KeyChain.

The library has a modular architecture, allows you to connect custom primitives and replace them with existing code files without changing the final applications. From Tink, you can exclude part of the tools. For example, if the program only uses digital signature verification, you can remove symmetric encryption components to reduce the application code size.

In August 2018, the creators of the VPN protocol, WireGuard, announced the creation of the Zinc cryptographic library, which, upon introduction into the core Linux kernel, will accelerate the process of data encryption through a simplified set of crypto algorithms.