HOME

TheInfoList



Click Here for Items Related To - NaCl (software)
OR:
NaCl (software) on:   [Wikipedia]   [Google]   [Amazon]

NaCl (pronounced "salt") is an abbreviation for "Networking and Cryptography library", a
public domain The public domain (PD) consists of all the creative work to which no exclusive intellectual property rights apply. Those rights may have expired, been forfeited, expressly waived, or may be inapplicable. Because those rights have expired ...
"...high-speed software library for network communication, encryption, decryption, signatures, etc". NaCl was created by the mathematician and programmer Daniel J. Bernstein who is best known for the creation of
qmail qmail is a mail transfer agent (MTA) that runs on Unix. It was written, starting December 1995, by Daniel J. Bernstein as a more secure replacement for the popular Sendmail program. Originally license-free software, qmail's source cod ...
and
Curve25519 In cryptography, Curve25519 is an elliptic curve used in elliptic-curve cryptography (ECC) offering 128 bits of security (256-bit key size) and designed for use with the elliptic curve Diffie–Hellman (ECDH) key agreement scheme. It is one of t ...
. The core team also includes Tanja Lange and Peter Schwabe. The main goal while creating NaCl, according to the paper, was to "avoid various types of cryptographic disasters suffered by previous cryptographic libraries".https://cr.yp.to/highspeed/coolnacl-20120725.pdf "The security impact of a new cryptographic library" Daniel J. Bernstein, Tanja Lange, Peter Schwabe


Basic functions


Public-key cryptography

*
Signatures A signature (; from la, signare, "to sign") is a handwritten (and often stylized) depiction of someone's name, nickname, or even a simple "X" or other mark that a person writes on documents as a proof of identity and intent. The writer of a ...
using
Ed25519 In public-key cryptography, Edwards-curve Digital Signature Algorithm (EdDSA) is a digital signature scheme using a variant of Schnorr signature based on twisted Edwards curves. It is designed to be faster than existing digital signature schem ...
. * Key agreement using X25519.


Secret-key cryptography

*
Authenticated encryption Authenticated Encryption (AE) and Authenticated Encryption with Associated Data (AEAD) are forms of encryption which simultaneously assure the confidentiality and authenticity of data. Programming interface A typical programming interface for ...
using Salsa20-Poly1305. *
Encryption In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can d ...
using
Salsa20 Salsa20 and the closely related ChaCha are stream ciphers developed by Daniel J. Bernstein. Salsa20, the original cipher, was designed in 2005, then later submitted to the eSTREAM European Union cryptographic validation process by Bernstein. Ch ...
or AES. *
Authentication Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicatin ...
using HMAC-SHA-512-256. * One-time authentication using
Poly1305 Poly1305 is a universal hash family designed by Daniel J. Bernstein for use in cryptography. As with any universal hash family, Poly1305 can be used as a one-time message authentication code to authenticate a single message using a key shared b ...
.


Low-level functions

*
Hashing Hash, hashes, hash mark, or hashing may refer to: Substances * Hash (food), a coarse mixture of ingredients * Hash, a nickname for hashish, a cannabis product Hash mark * Hash mark (sports), a marking on hockey rinks and gridiron football fiel ...
using
SHA-512 SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. They are built using the Merkle–Damgård construction, from a one-way compression ...
or
SHA-256 SHA-2 (Secure Hash Algorithm 2) is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. They are built using the Merkle–Damgård construction, from a one-way compressi ...
or
BLAKE2 BLAKE is a cryptographic hash function based on Daniel J. Bernstein's ChaCha stream cipher, but a permuted copy of the input block, XORed with round constants, is added before each ChaCha round. Like SHA-2, there are two variants differing in t ...
using libsodium * String comparison.


Key derivation function (only libsodium)

* Password hashing using
argon2 Argon2 is a key derivation function that was selected as the winner of the 2015 Password Hashing Competition. It was designed by Alex Biryukov, Daniel Dinu, and Dmitry Khovratovich from the University of Luxembourg. The reference implementation o ...


Implementations

Reference implementation is written in C, often with several
inline assembler In computer programming, an inline assembler is a feature of some compilers that allows low-level code written in assembly language to be embedded within a program, among code that otherwise has been compiled from a higher-level language such as C ...
.
C++ C++ (pronounced "C plus plus") is a high-level general-purpose programming language created by Danish computer scientist Bjarne Stroustrup as an extension of the C programming language, or "C with Classes". The language has expanded significan ...
and
Python Python may refer to: Snakes * Pythonidae, a family of nonvenomous snakes found in Africa, Asia, and Australia ** ''Python'' (genus), a genus of Pythonidae found in Africa and Asia * Python (mythology), a mythical serpent Computing * Python (pro ...
are handled as wrappers. NaCl has a variety of programming language bindings such as PHP, and forms the basis for Libsodium, a cross-platform cryptography library created in 2013 which is API compatible with NaCl.


Alternative implementations


Libsodium
— a portable, cross-compilable, installable, packageable, API-compatible version of NaCl.
dryoc
— a pure-
Rust Rust is an iron oxide, a usually reddish-brown oxide formed by the reaction of iron and oxygen in the catalytic presence of water or air moisture. Rust consists of hydrous iron(III) oxides (Fe2O3·nH2O) and iron(III) oxide-hydroxide (FeO( ...
implementation of libsodium/NaCl, with support for protected memory. * NaCl Pharo — a Pharo Smalltalk Extension. * TweetNaCl — a tiny C library, which fits in just 100 tweets (140 symbols each), but supports all NaCl functions. * NaCl for Tcl — a port to the Tcl language. * NaCl for JavaScript — a port of TweetNaCl/NaCl cryptographic library to the JavaScript language. * TweetNaCl for Java — a port of TweetNaCl/NaCl cryptographic library to the Java language. * SPARKNaCl — A re-write of TweetNaCl in the SPARK Ada subset, with formal and fully automatic proofs of type safety and some correctness properties. * Crypt::NaCl::Sodium Perl 5 binding to libsodium


See also

*
Comparison of cryptography libraries The tables below compare cryptography libraries that deal with cryptography algorithms and have API function calls to each of the supported features. Cryptography libraries FIPS 140 This table denotes, if a cryptography library provides t ...
*
List of free and open-source software packages This is a list of free and open-source software packages, computer software licensed under free software licenses and open-source licenses. Software that fits the Free Software Definition may be more appropriately called free software; the GNU ...


References


External links

* {{Official website, https://nacl.cr.yp.to/ Public-domain software Cryptographic software 2008 software