Original author(s) | Daniel J. Bernstein, Tanja Lange, Peter Schwabe |
---|---|
Initial release | 2008 |
Stable release | 20110221
/ February 21, 2011 |
Operating system | UNIX-like |
License | public domain[1] |
Website | nacl |
NaCl (pronounced "salt") is an abbreviation for Networking and Cryptography Library, a public domain, high-speed software library for network communication, encryption, decryption, signatures, etc.[2]
NaCl was created by the mathematician and programmer Daniel J. Bernstein, who is best known for the creation of qmail and Curve25519. The core team also includes Tanja Lange and Peter Schwabe.[3][4] The main goal while creating NaCl, according to the paper, was to "avoid various types of cryptographic disasters suffered by previous cryptographic libraries".[1]
Basic functions
Public-key cryptography
- Signatures using Ed25519.
- Key agreement using X25519.
Secret-key cryptography
- Authenticated encryption using Salsa20-Poly1305.
- Encryption using Salsa20 or AES.
- Authentication using HMAC-SHA-512-256.
- One-time authentication using Poly1305.
Low-level functions
- String comparison.[7]
Key derivation function (only libsodium)
- Password hashing using argon2
Implementations
Reference implementation is written in C, often with several inline assembler. C++ and Python are handled as wrappers.[8]
NaCl has a variety of programming language bindings such as PHP,[9] and forms the basis for Libsodium, a cross-platform cryptography library created in 2013 which is API compatible with NaCl.
Alternative implementations
- Libsodium — a portable, cross-compilable, installable, packageable, API-compatible version of NaCl.[10]
- dryoc — a pure-Rust implementation of libsodium/NaCl, with support for protected memory.[11]
- NaCl Pharo — a Pharo Smalltalk Extension.[12]
- TweetNaCl — a tiny C library, which fits in just 100 tweets (140 symbols each), but supports all NaCl functions.[13]
- NaCl for Tcl — a port to the Tcl language.[14]
- NaCl for JavaScript — a port of TweetNaCl/NaCl cryptographic library to the JavaScript language.[15]
- TweetNaCl for Java — a port of TweetNaCl/NaCl cryptographic library to the Java language.[16]
- SPARKNaCl — A re-write of TweetNaCl in the SPARK Ada subset, with formal and fully automatic proofs of type safety and some correctness properties.[17]
- Crypt::NaCl::Sodium Perl 5 binding to libsodium[18]
- Monocypher
See also
References
- 1 2 https://cr.yp.to/highspeed/coolnacl-20120725.pdf Archived 2017-08-09 at the Wayback Machine "The security impact of a new cryptographic library" Daniel J. Bernstein, Tanja Lange, Peter Schwabe
- ↑ "NaCl: Networking and Cryptography library".
- ↑ "Tanja Lange's Homepage".
- ↑ "Peter Schwabe's Homepage".
- ↑ "Hashing". 2010-08-30. Retrieved 2015-11-14.
- ↑ "Generic hashing". 2017-12-13. Retrieved 2018-05-19.
- ↑ Bernstein, Daniel J. (10 March 2009). Cryptography in NaCl (PDF). Archived from the original (PDF) on 25 March 2017. Retrieved 8 February 2016.
- ↑ "NaCl Internals".
- ↑ "NaCl PHP Extension". Github. 2019-06-14.
- ↑ "Libsodium".
- ↑ "dryoc".
- ↑ "SmalltalkHub repository".
- ↑ "TweetNaCl".
- ↑ "Tclers Wiki - NaCl for Tcl".
- ↑ "TweetNaCl".
- ↑ "TweetNaCl-Java".
- ↑ "SPARKNaCl".
- ↑ "Crypt::NaCl::Sodium".