Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
| Artifact ID: | 4694804a6200283faf0e4bfc4a070c50797331c089d0ce6087953047d538e57e |
|---|---|
| Page Name: | nacl |
| Date: | 2018-07-16 21:00:56 |
| Original User: | alex |
| Next | 2289f5e27b90278f6a93ba76c71d38f63f9fe16be755c4eaa04fae6a10f0c14c |
NaCl - Networking and Cryptography library (pronounced "salt")
NaCl (pronounced "salt") is a new easy-to-use high-speed software library for network communication, encryption, decryption, signatures, etc. NaCl's goal is to provide all of the core operations needed to build higher-level cryptographic tools. Of course, other libraries already exist for these core operations. NaCl advances the state of the art by improving security, by improving usability, and by improving speed.
Key features
No data flow from secrets to load addresses. No data flow from secrets to branch conditions. No padding oracles. Centralizing randomness. Avoiding unnecessary randomness. Extremely high speed.
Functions supported
Simple NaCl applications need only six high-level NaCl functions: crypto_box for public-key authenticated encryption; crypto_box_open for verification and decryption; crypto_box_keypair to create a public key in the first place; and similarly for signatures crypto_sign, crypto_sign_open, and crypto_sign_keypair.
A minimalist implementation of the NaCl API would provide just these six functions. TweetNaCl is more ambitious, supporting all 25 of the NaCl functions listed below, which as mentioned earlier are all of the C NaCl functions used by applications. This list includes all of NaCl's "default" primitives except for crypto_auth_hmacsha512256, which was included in NaCl only for compatibility with standards and is superseded by crypto_onetimeauth.
The Ed25519 signature system has not yet been integrated into NaCl, since the Ed25519 software has not yet been fully audited; NaCl currently provides an older signature system. However, NaCl has announced that it will transition to Ed25519, so TweetNaCl provides Ed25519.
Public-key cryptography
Authenticated encryption using Curve25519, Salsa20, and Poly1305
- crypto_box = crypto_box_curve25519xsalsa20poly1305
- Not implemented: crypto_box_beforenm + crypto_box_afternm
- crypto_scalarmult = crypto_scalarmult_curve25519
Signatures using Ed25519
- crypto_sign = crypto_sign_ed25519
Secret-key cryptography
Authenticated encryption using Salsa20 and Poly1305
- crypto_secretbox = crypto_secretbox_xsalsa20poly1305
Encryption using Salsa20
- crypto_stream = crypto_stream_xsalsa20
Authentication using HMAC-SHA-512-256
- crypto_auth_hmacsha256_ref, crypto_auth_hmacsha512256_ref
One-time authentication using Poly1305
- crypto_onetimeauth = crypto_onetimeauth_poly1305
Low-level functions
Hashing using SHA-512 or SHA-256
- crypto_hash_sha256_ref, crypto_hash = crypto_hash_sha512
See Also
WEB: nacl.cr.yp.to 20110221
PDF: The security impact of a new cryptographic library
WEB: tweetnacl.cr.yp.to 20140427
PDF: TweetNaCl: A crypto library in 100 tweets
WEB: en.wikipedia.org/wiki/NaCl_(software)
WEB: en.wikipedia.org/wiki/Elliptic_curve_cryptography
WEB: en.wikipedia.org/wiki/Curve25519
Legal Notice
Copyright (C) 2016 Alexander Schoepe, Bochum, DE
NaCl and TweetNaCl crypto library are public domain and the Tcl package BSD-3 license
Contributors (alphabetical order)
Daniel J. Bernstein, University of Illinois at Chicago and Technische Universiteit Eindhoven
Bernard van Gastel, Radboud Universiteit Nijmegen
Wesley Janssen, Radboud Universiteit Nijmegen
Tanja Lange, Technische Universiteit Eindhoven
Peter Schwabe, Radboud Universiteit Nijmegen
Sjaak Smetsers, Radboud Universiteit Nijmegen