HOME

TheInfoList



Click Here for Items Related To - Nettle (cryptographic Library)
OR:
Nettle (cryptographic Library) on:   [Wikipedia]   [Google]   [Amazon]

Nettle is a cryptographic library designed to fit easily in a wide range of toolkits and applications. It began as a collection of low-level cryptography functions from
lsh lsh is a free software implementation of the Secure Shell (SSH) protocol version 2, by the GNU Project including both server and client programs. Featuring Secure Remote Password protocol (SRP) as specified in secsh-srp besides, public-key au ...
in 2001. Since June 2009 (version 2.0) Nettle is a GNU package.


Features

Since version 3, nettle provides the AES
block cipher In cryptography, a block cipher is a deterministic algorithm operating on fixed-length groups of bits, called ''blocks''. Block ciphers are specified cryptographic primitive, elementary components in the design of many cryptographic protocols and ...
(a subset of Rijndael) (with assembly optimizations for x86 and sparc), the ARCFOUR (also known as RC4)
stream cipher stream cipher is a symmetric key cipher where plaintext digits are combined with a pseudorandom cipher digit stream (keystream). In a stream cipher, each plaintext digit is encrypted one at a time with the corresponding digit of the keystream ...
(with x86 and sparc assembly), the ARCTWO (also known as RC2) stream cipher,
BLOWFISH Tetraodontidae is a family of primarily marine and estuarine fish of the order Tetraodontiformes. The family includes many familiar species variously called pufferfish, puffers, balloonfish, blowfish, blowies, bubblefish, globefish, swellfis ...
,
CAMELLIA ''Camellia'' (pronounced or ) is a genus of flowering plants in the family Theaceae. They are found in eastern and southern Asia, from the Himalayas east to Japan and Indonesia. There are more than 220 described species, with some controversy ...
(with x86 and x86_64 assembly optimizations),
CAST-128 In cryptography, CAST-128 (alternatively CAST5) is a symmetric-key block cipher used in a number of products, notably as the default cipher in some versions of GPG and PGP. It has also been approved for Government of Canada use by the Communic ...
,
DES Des is a masculine given name, mostly a short form (hypocorism) of Desmond. People named Des include: People * Des Buckingham, English football manager * Des Corcoran, (1928–2004), Australian politician * Des Dillon (disambiguation), sever ...
and 3DES block ciphers, the
ChaCha Cha-Cha, Cha Cha, ChaCha or Chacha may refer to: Music * Cha-cha-cha (dance), a dance of Cuban origin * Cha-cha-cha (music), a genre of Cuban music * ''Cha Cha'' (album), a 1978 album by Herman Brood & His Wild Romance * ''Cha Cha'' (soundtrack), ...
stream cipher (with assembly for x86_64), GOSTHASH94, the MD2,
MD4 The MD4 Message-Digest Algorithm is a cryptographic hash function developed by Ronald Rivest in 1990. The digest length is 128 bits. The algorithm has influenced later designs, such as the MD5, SHA-1 and RIPEMD algorithms. The initialism "MD" s ...
, and MD5 (with x86 assembly)
digests Digest may refer to: Biology *Digestion of food *Restriction digest Literature and publications *'' The Digest'', formerly the English and Empire Digest *Digest size magazine format * ''Digest'' (Roman law), also known as ''Pandects'', a digest ...
, the
PBKDF2 In cryptography, PBKDF1 and PBKDF2 (Password-Based Key Derivation Function 1 and 2) are key derivation functions with a sliding computational cost, used to reduce vulnerabilities of brute-force attacks. PBKDF2 is part of RSA Laboratories' Publ ...
key derivation function In cryptography, a key derivation function (KDF) is a cryptographic algorithm that derives one or more secret keys from a secret value such as a master key, a password, or a passphrase using a pseudorandom function (which typically uses a crypto ...
, the
POLY1305 Poly1305 is a universal hash family designed by Daniel J. Bernstein for use in cryptography. As with any universal hash family, Poly1305 can be used as a one-time message authentication code to authenticate a single message using a key shared ...
(with assembly for x86_64) and
UMAC In cryptography, a message authentication code based on universal hashing, or UMAC, is a type of message authentication code (MAC) calculated choosing a hash function from a class of hash functions according to some secret (random) process and ap ...
message authentication code In cryptography, a message authentication code (MAC), sometimes known as a ''tag'', is a short piece of information used for authenticating a message. In other words, to confirm that the message came from the stated sender (its authenticity) and ...
s, RIPEMD160, the
Salsa20 Salsa20 and the closely related ChaCha are stream ciphers developed by Daniel J. Bernstein. Salsa20, the original cipher, was designed in 2005, then later submitted to the eSTREAM European Union cryptographic validation process by Bernstein. Cha ...
stream cipher (with assembly for x86_64 and ARM), the
SERPENT Serpent or The Serpent may refer to: * Snake, a carnivorous reptile of the suborder Serpentes Mythology and religion * Sea serpent, a monstrous ocean creature * Serpent (symbolism), the snake in religious rites and mythological contexts * Serp ...
block cipher (with assembly for x86_64),
SHA-1 In cryptography, SHA-1 (Secure Hash Algorithm 1) is a cryptographically broken but still widely used hash function which takes an input and produces a 160-bit (20-byte) hash value known as a message digest – typically rendered as 40 hexadecima ...
(with x86, x86_64 and ARM assembly), the
SHA-2 SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. They are built using the Merkle–Damgård construction, from a one-way compression ...
(SHA-224, SHA-256, SHA-384, and SHA-512) digests,
SHA-3 SHA-3 (Secure Hash Algorithm 3) is the latest member of the Secure Hash Algorithm family of standards, released by NIST on August 5, 2015. Although part of the same series of standards, SHA-3 is internally different from the MD5-like struct ...
(a subset of the Keccak digest family), the
TWOFISH In cryptography, Twofish is a symmetric key block cipher with a block size of 128 bits and key sizes up to 256 bits. It was one of the five finalists of the Advanced Encryption Standard contest, but it was not selected for standardization. Twof ...
block cipher, RSA, DSA and
ECDSA In cryptography, the Elliptic Curve Digital Signature Algorithm (ECDSA) offers a variant of the Digital Signature Algorithm (DSA) which uses elliptic-curve cryptography. Key and signature-size As with elliptic-curve cryptography in general, the b ...
public-key algorithms, the
Yarrow ''Achillea millefolium'', commonly known as yarrow () or common yarrow, is a flowering plant in the family Asteraceae. Other common names include old man's pepper, devil's nettle, sanguinary, milfoil, soldier's woundwort, and thousand seal. The ...
pRNG. Version 3.1 introduced support for
Curve25519 In cryptography, Curve25519 is an elliptic curve used in elliptic-curve cryptography (ECC) offering 128 bits of security (256-bit key size) and designed for use with the elliptic curve Diffie–Hellman (ECDH) key agreement scheme. It is one of th ...
and
EdDSA In public-key cryptography, Edwards-curve Digital Signature Algorithm (EdDSA) is a digital signature scheme using a variant of Schnorr signature based on twisted Edwards curves. It is designed to be faster than existing digital signature scheme ...
operations. The public-key algorithms use
GMP GMP may refer to: Finance and economics * Gross metropolitan product * Guaranteed maximum price * Guaranteed Minimum Pension Science and technology * GNU Multiple Precision Arithmetic Library, a software library * Granulocyte-macrophage progenito ...
. Nettle is used by
GnuTLS GnuTLS (, the GNU Transport Layer Security Library) is a free software implementation of the TLS, SSL and DTLS protocols. It offers an application programming interface (API) for applications to enable secure communication over the network trans ...
.


Licence and motivation

An API which fits one application well may not work well in a different context resulting in a proliferation of cryptographic libraries designed for particular applications. Nettle is an attempt to avoid this problem by doing one thing (the low-level cryptography) and providing a simple and general interface to it. In particular, Nettle doesn't do algorithm selection, memory allocation or any I/O. Thus Nettle is intended to provide a core cryptography library upon which numerous application and context specific interfaces can be built. The code, test cases, benchmarks, documentation, etc. of these interfaces can then be shared without having to replicate Nettle's cryptographic code. Nettle is primarily licensed under a dual licence scheme comprising The
GNU General Public License The GNU General Public License (GNU GPL or simply GPL) is a series of widely used free software licenses that guarantee end users the Four Freedoms (Free software), four freedoms to run, study, share, and modify the software. The license was th ...
version 2 or later and The
GNU Lesser General Public License The GNU Lesser General Public License (LGPL) is a free-software license published by the Free Software Foundation (FSF). The license allows developers and companies to use and integrate a software component released under the LGPL into their own ...
version 3 or later. A few individual files are licensed under more
permissive licence A permissive software license, sometimes also called BSD-like or BSD-style license, is a free-software license which instead of copyleft protections, carries only minimal restrictions on how the software can be used, modified, and redistributed, ...
s or in the
public domain The public domain (PD) consists of all the creative work A creative work is a manifestation of creative effort including fine artwork (sculpture, paintings, drawing, sketching, performance art), dance, writing (literature), filmmaking, ...
. The copyright notices at the top of the library's source files precisely define the licence status of particular files. The Nettle manual "is in the public domain" and may be used and reproduced freely.


See also

* Botan *
Bouncy Castle Bounce or The Bounce may refer to: * Deflection (physics), the event where an object collides with and bounces against a plane surface Books * Mr. Bounce, a character from the Mr. Men series of children's books Broadcasting, film and TV * ''B ...
*
Cryptlib cryptlib is an open-source cross-platform software security toolkit library. It is distributed under the Sleepycat License, a free software license compatible with the GNU General Public License. Alternatively, cryptlib is available under a pr ...
*
Libgcrypt Libgcrypt is a cryptography library developed as a separated module of GnuPG. It can also be used independently of GnuPG, but depends on its error-reporting library Libgpg-error. It provides functions for all fundamental cryptographic building blo ...
*
Crypto++ Crypto++ (also known as CryptoPP, libcrypto++, and libcryptopp) is a free and open-source C++ class library of cryptographic algorithms and schemes written by Wei Dai. Crypto++ has been widely used in academia, student projects, open-source, and no ...
*
Comparison of cryptography libraries The tables below compare cryptography libraries that deal with cryptography algorithms and have API function calls to each of the supported features. Cryptography libraries FIPS 140 This table denotes, if a cryptography library provides t ...


References

{{GNU Cryptographic software GNU Project software Free security software Free computer libraries Assembly language software Software using the LGPL license Software using the GPL license 2020 software