
The cryptography library currently already supports the most basic elliptic curve operation you need: scalar multiplication. Sometimes you need fancier operations. For example, this supports direct point addition and point subtraction, which for example is used in SPAKE2 to achieve blinding.

Right now these are focused on a tight binding between Python and C (specifically, OpenSSL). The function names are direct equivalents of OpenSSL function names. Most of the rest of the library provides an abstraction from OpenSSL -- but it turns out that providing a safe abstraction to cryptographic primitives can be very tricky :-)

(Disclaimer: I'm one of the founders of cryptography.io; I occasionally show up for cryptographic background. This project builds on that project, and is being considered for upstream inclusion.)
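The point addition and subtraction mentioned in the comment above, as SPAKE2 uses them for blinding, shown as an added sketch that is not part of the thread or of either library's code. It is pure Python on a textbook toy curve; the points M and N, the scalars and all function names are constructed for illustration, and the code is neither constant-time nor secure.

```python
# Toy curve y^2 = x^3 + 2x + 2 over F_17 (textbook-sized, NOT secure).
P, A, B = 17, 2, 2
G, ORDER = (5, 1), 19  # generator and its prime order
INF = None  # point at infinity (group identity)

def on_curve(pt):
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + B)) % P == 0

def neg(pt):
    return INF if pt is INF else (pt[0], -pt[1] % P)

def add(p1, p2):
    if p1 is INF or p2 is INF:
        return p2 if p1 is INF else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF  # p2 is the inverse of p1
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P) % P  # tangent slope
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P  # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def sub(p1, p2):
    return add(p1, neg(p2))

def mul(k, pt):
    acc, k = INF, k % ORDER
    while k:  # double-and-add, not constant-time
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def spake2_demo(x, y, w_a, w_b):
    # Constructed M and N; real SPAKE2 needs points whose discrete logs nobody knows.
    M, N = mul(3, G), mul(7, G)
    X_star = add(mul(x, G), mul(w_a, M))  # A -> B: x*G blinded with A's password scalar
    Y_star = add(mul(y, G), mul(w_b, N))  # B -> A: y*G blinded with B's password scalar
    k_a = mul(x, sub(Y_star, mul(w_a, N)))  # A unblinds by point subtraction
    k_b = mul(y, sub(X_star, mul(w_b, M)))  # B unblinds by point subtraction
    return X_star, Y_star, k_a, k_b
```

When both sides use the same password scalar the unblinded shares combine to the same point `x*y*G`; a mismatched scalar leaves a residual multiple of M or N and the two results diverge.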




Hey there! Glad to see you give this background on this library.

I built this because I was prototyping a split-key proxy re-encryption scheme with cryptography.io and I needed to perform some of this arithmetic. I found that a PR was made to include it but the team seemed hesitant to add it in.

I thought it would be best to build it as a separate module. Everything is working great so far. I think I'll probably add the rest of the arithmetic to it eventually.

Anyway, thanks for dropping in! :)


Another question: is your PRE scheme published? Which papers should I go read to know what it does? (Admittedly, I haven't read the Python implementation yet, maybe I should just go do that... I'm familiar with BBS98 but not much of the work after that.)


The Python reference implementation is what we have as far as public information on the schema. We're working on getting a paper drafted up and published quickly, though.


I have a question about your use case: using openssl makes sense for prod code, but whenever I want to experiment with fancy cryptosystems I usually reach for Sage. Is your goal to bridge that gap, or are you really just focused on prod code, or something else?


We wanted something that had well used backing and primitives (cryptography.io) and something that could prototype cryptosystems. As it stands, there isn't much in the Python universe here for this unless you're willing to dabble with C as well.

I built this so we could build something for production and prototype rapidly with the same toolset.



