Galois Releases the Swanky Suite of Rust Libraries for Secure Computation

Galois this week announced the latest release of Swanky, our open-source suite of libraries for secure computation. This new, all-in-one toolkit contains cryptographic components that academic, industry, or government users may need for a wide array of privacy-preserving tasks. Whether you are building a protocol using garbled circuits, experimenting with zero-knowledge proofs, or looking to use private set intersection to protect sensitive data, Swanky provides necessary primitives, eliminating the need to build everything from scratch. “Swanky came together organically,” said Galois Principal Researcher Alex Malozemoff. “First we had Fancy Garbling, which was the first library we built in Rust for doing garbled circuits. Then we had a project that needed private set intersection (PSI), and it turned out that there were components in garbled circuits that were also needed in PSI, so we spun off a primitives library for that. Initially we had separate libraries for each project, but after we did this two or three times we noticed that we were re-using components across them all. We realized it would be way easier if we combined the libraries into a single framework.” Swanky combines existing Galois Zero Trust Computing technologies into one convenient package. It also aims to offer a higher standard of quality than existing frameworks, which are often academic in nature and not practical for adoption. Swanky aims to change the status quo from these other frameworks by focusing on software quality assurance, usability,and security hygiene. “We wanted a library for secure computation developed to professional software engineering standards, well documented and well defined, with consistent interfaces, and offering some important forms of assurance like memory safety,” said Galois Principal Scientist Dave Archer. “We decided to write Swanky in Rust because we get benefits like memory safety and static analysis. Written the right way, Rust programs completely eliminate classes of vulnerabilities common in a lot of programs written in languages like C or C++. We love those safety features. With Rust, Swanky has a framework that we believe is supportable, maintainable, and usable by both researchers and industry professionals.” “Let’s say a researcher or a company wants to build a prototype or experiment with privacy-preserving computation,” Malozemoff added. “Right now, without Swanky, they essentially have to build everything from scratch—and that requires a ton of expertise, a lot of time, and a lot of money. Swanky gives them an opportunity to experiment with or use privacy-preserving computation without having to build it all themselves. Having a library that they can just pick up and use is extremely valuable.” How Can YOU Use Swanky? While this first official version of Swanky is open source and freely available, it's important to note that it is complex enough that it requires expert knowledge to use to its full potential. Researchers and academics are, of course, welcome to experiment with this open source collection of libraries. However, businesses with secure computation needs but without expertise in secure multi-party techniques may benefit from working with us for ongoing support or to develop custom applications tailored to their needs. Importantly, Swanky is not a one-off build. Galois is actively adding new capabilities, and will continue to provide updates and support well into the future, along with roadmaps of upcoming capabilities. Current Capabilities Include:

  • Four zero knowledge (ZK) proof systems based on two ZK paradigms: VOLE and MPC-in-the-head.
  • Garbled circuits.
  • Oblivious transfer (OT) and vector oblivious linear evaluation (VOLE).
  • Private set intersection, including the ability to compute arbitrary functions on the intersection.
  • Core primitives, including finite fields, efficient random number generators, cross-platform SIMD support, etc.

Capabilities in the Pipeline Include:

  • Garbled circuits secure against malicious adversaries.
  • Non-interactive ZK based on VOLE-in-the-head.

Swanky aims to set itself apart from the competition with consistent, user-friendly APIs, industry-grade software engineering practices, and comprehensive documentation. While Swanky has not yet reached this end-state, we continue to improve the suite to meet this high standard. Explore the Swanky library suite on GitHub here. Or, to learn more about how Swanky could serve your business needs or research goals, feel free to contact us at swanky@galois.com.