Bit32 Lua library is now available

We have added bit32 library from Lua 5.2 to Roblox Lua.

You can read the documentation in Lua 5.2 manual:
https://www.lua.org/manual/5.2/manual.html#6.7

The library effectively allows you to implement various algorithms that require bit manipulation in an easier way and with better performance compared to trying to emulate the bit operations yourself.

While Lua doesn’t support integers natively, the bit32 library converts input arguments to 32-bit integers and proceeds to do bit operations in 32-bits. Note that the numbers are unsigned - for example bit32.bnot(0) is equal to 0xffffffff, not -1.

In the future we hope to provide optimized implementations of various popular transforms for cryptography, hashing and compression, but we felt that a general bit manipulation utility is also useful.

Note, right now the new Lua VM does not optimize these operations in a special way, but we plan to update it with first-class support for some functions from bit32, math, string libraries in the future to accelerate these.

Please let us know if you find any issues, and feel free to publish implementations of various algorithms in the Community Resources category for others to use.

141 Likes

I took a look at the manual but still don’t understand

what are the use cases/benefits for this?

Wondering if this is something that I should use

8 Likes

Let’s see…

  • Encryption improvements. I guess it’s time for an additional layer of security.
  • Whatever hashing means. – Edited; incorrect link
  • Compressed values, wooh.
4 Likes

This is a long awaited feature for some that has been requested a handful of times on the forum before, with some uses cases available on these posts.
Here are a couple:



7 Likes

Take for example my AES 256-bit implementation in RBXLua. As discussed here it is relatively slow (1 ms per 16 bytes). Most of that time is spent in the xor8 function. This library will speed it up by an order of magnitude or more.

I’m grateful for the change and looking forward to the promised implementations!

7 Likes

Must of worded my post poorly, I don’t mean why it was added but rather the use cases/purpose of Bit32 in general

Edit: Even researched and can’t find anything helpful (maybe I am searching wrong)

3 Likes

I am also wondering about the same thing, maybe it will replace Bitbuffer or make it faster?

I am not entirely sure how this would be utilized or how it’s suppose to be used, hopefully some one makes a Tutorial about it.

Compression sounds really interesting, but I am not sure I can say the same for Cryptography correct me if I am mistaken but, if Exploiters can see our LocalScripts how does this provide Security?

4 Likes

The difference between encrypting something and hashing something is one can go two ways; the text you encrypt can be decrypted. While hashing is a one way function, meaning you cant “unhash” it. This is useful for storing something like passwords. To check a password, you would hash the users input and check it against a stored hash.

1 Like

Cryptography can be used to sign data server side which you want the client to use, and pass along locally, such as through TeleportService and ensure it hasn’t been tampered with. It could also be used as a way of storing small hashes for large data chunks you plan on comparing many times quickly and such.

1 Like

Bit32 is for bitwise operations. The most obvious use case is compression, or converting to base-64 and back, though it can also be used for hashing and encryption.

4 Likes

Honestly I am surprised Roblox is just now receiving this update. I love all the new updates that the platform is receiving and i love how we have a developer community that is able to provide feedback for them. I believe that it is essential to keeping up to date with current competitor platforms . Keep it coming.

3 Likes

Is it possible to make byte versions too? Because the implementation of sha1 that I’m using requires it…I don’t know much about the sha1 algorithm but I needed it and for some reason I also don’t have the original source link :confused: edit wait I remember the source

This is the current bit library I’ve been using

1 Like

I have an implementation of SHA-1 that I made using bit32. You can find it here. It was written for Roblox, so it assumes that eventually first-class support for bit32 functions will render localizing them moot, but in the mean time it’s running ever so slightly slower than it would were they localized. Feel free to localize them if you want.

EDIT: For the sake of clarity, anyone is allowed to take and modify this as they want, not just Acreol.

6 Likes

Note, feel free to localize if you want - based on the, uh, vocal feedback, we’ll try to make sure that future optimizations work with localized versions as well. For our upcoming builtin function optimization this will slightly complicate the design of some internals but it seems like we can make it work.

So basically we aren’t discouraging localization. But yeah it is largely unnecessary for performance now and will become completely unnecessary at some point :slight_smile:

4 Likes

Hashing can be “unhashed” if you know the encryption method.

Same for encryption, it isn’t possible to decrypt such a thing unless you understand it’s mechanics.

They’re sometimes equally hard to decrypt (depending on the complexity) however encryption usually appears to be significantly harder.

1 Like

Hashes are one way trapdoor functions that are infeasible to break when secure algorithms are used. This is the equivalent of saying you could find the private key for an RSA 2048 public key if you had every atom in the universe as a processor and spent the lifetime of the universe finding the key.

4 Likes

May want to move to sha256 considering https://shattered.io ;), obviously depends on whether your use of hashes is security sensitive or not.

2 Likes

RSA is an encryption standard?

Hashing functions like SHA-1 are most definitely incomparable.

1 Like

For example if I take an number (a) between 1-9999 and mod it by (b) 256 to get number ©, you can tell me what number (a) is given © and (b)? With some information lost, it is impossible to know exactly what (a) was and if the range for (a) was large enough and the operation non-linear (don’t simply add 256 each time) and computationally intensive it becomes impossible to recover all the possibilities for (a).

Symmetric key cryptography was slow on Roblox before, but we may be able to implement public key cryptography like RSA with this new update. That would allow signing and certificates. Fun stuff.

3 Likes

My implementation was purely academic. I’m not using it for anything, though I appreciate the tip :slightly_smiling_face:. May want to cc @Acreol though just in case.

…Though for Roblox it’s probably overkill to use SHA-256, considering that if you’re dealing with the sort of people that can create collisions for SHA-1 rapidly enough to be of use for Roblox, there’s undoubtedly other security flaws they can take advantage of.

2 Likes