NaCl (software)
NaCl (pronounced "salt") is an abbreviation for "Networking and Cryptography library", a public domain "...high-speed software library for network communication, encryption, decryption, signatures, etc".[2]
Original author(s) | Daniel J. Bernstein, Tanja Lange, Peter Schwabe |
---|---|
Initial release | 2008 |
Stable release | 20110221
/ February 21, 2011 |
Operating system | UNIX-like |
License | public domain[1] |
Website | nacl |
NaCl was created by the mathematician and programmer Daniel J. Bernstein who is best known for the creation of qmail and Curve25519. The core team also includes Tanja Lange[3] and Peter Schwabe.[4] The main goal while creating NaCl, according to the paper, was to "avoid various types of cryptographic disasters suffered by previous cryptographic libraries".[1]
Basic functions
Public-key cryptography
- Signatures using Ed25519.
- Key agreement using Curve25519.
Secret-key cryptography
- Authenticated encryption using Salsa20 and Poly1305.
- Encryption using Salsa20 or AES.
- Authentication using HMAC-SHA-512-256.
- One-time authentication using Poly1305.
Low-level functions
- String comparison.[7]
Key derivation function (only libsodium)
- Password hashing using argon2
Implementations
Reference implementation is written in C, often with several inline assembler. C++ and Python are handled as wrappers.[8]
NaCl has a variety of programming language bindings such as PHP,[9] and forms the basis for Libsodium, a cross-platform cryptography library created in 2013 which is API compatible with NaCl.
Alternative implementations
- Libsodium — a portable, cross-compilable, installable, packageable, API-compatible version of NaCl.[10]
- NaCl Pharo — a Pharo Smalltalk Extension.[11]
- TweetNaCl — a tiny C library, which fits in just 100 tweets (140 symbols each), but supports all NaCl functions.[12]
- NaCl for Tcl — a port to the Tcl language.[13]
- NaCl for JavaScript — a port of TweetNaCl/NaCl cryptographic library to the JavaScript language.[14]
- TweetNaCl for Java — a port of TweetNaCl/NaCl cryptographic library to the Java language.[15]
- SPARKNaCl — A re-write of TweetNaCl in the SPARK Ada subset, with formal and fully automatic proofs of type safety and some correctness properties.[16]
- Crypt::NaCl::Sodium Perl 5 binding to libsodium[17]
References
- https://cr.yp.to/highspeed/coolnacl-20120725.pdf Archived 2017-08-09 at the Wayback Machine "The security impact of a new cryptographic library" Daniel J. Bernstein, Tanja Lange, Peter Schwabe
- "NaCl: Networking and Cryptography library".
- "Tanja Lange's Homepage".
- "Peter Schwabe's Homepage".
- "Hashing". 2010-08-30. Retrieved 2015-11-14.
- "Generic hashing". 2017-12-13. Retrieved 2018-05-19.
- Bernstein, Daniel J. (10 March 2009). Cryptography in NaCl (PDF). Archived from the original (PDF) on 25 March 2017. Retrieved 8 February 2016.
- "NaCl Internals".
- "NaCl PHP Extension". Github. 2019-06-14.
- "Libsodium".
- "SmalltalkHub repository".
- "TweetNaCl".
- "Tclers Wiki - NaCl for Tcl".
- "TweetNaCl".
- "TweetNaCl-Java".
- "SPARKNaCl".
- "Crypt::NaCl::Sodium".