NaCl (software)

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
Original author(s)Daniel J. Bernstein, Tanja Lange, Peter Schwabe
Initial release2008; 14 years ago (2008)
Stable release
20110221 / February 21, 2011; 11 years ago (2011-02-21)
Operating systemUNIX-like
Licensepublic domain[1]

NaCl (pronounced "salt") is an abbreviation for "Networking and Cryptography library", a public domain "...high-speed software library for network communication, encryption, decryption, signatures, etc".[2]

NaCl was created by the mathematician and programmer Daniel J. Bernstein who is best known for the creation of qmail and Curve25519. The core team also includes Tanja Lange[3] and Peter Schwabe.[4] The main goal while creating NaCl, according to the paper, was to "avoid various types of cryptographic disasters suffered by previous cryptographic libraries".[1]

Basic functions[edit]

Public-key cryptography[edit]

Secret-key cryptography[edit]

Low-level functions[edit]

  • String comparison.[7]

Key derivation function (only libsodium)[edit]


Reference implementation is written in C, often with several inline assembler. C++ and Python are handled as wrappers.[8]

NaCl has a variety of programming language bindings such as PHP,[9] and forms the basis for Libsodium, a cross-platform cryptography library created in 2013 which is API compatible with NaCl.

Alternative implementations[edit]

  • Libsodium — a portable, cross-compilable, installable, packageable, API-compatible version of NaCl.[10]
  • dryoc — a pure-Rust implementation of libsodium/NaCl, with support for protected memory.[11]
  • NaCl Pharo — a Pharo Smalltalk Extension.[12]
  • TweetNaCl — a tiny C library, which fits in just 100 tweets (140 symbols each), but supports all NaCl functions.[13]
  • NaCl for Tcl — a port to the Tcl language.[14][third-party source needed]
  • NaCl for JavaScript — a port of TweetNaCl/NaCl cryptographic library to the JavaScript language.[15]
  • TweetNaCl for Java — a port of TweetNaCl/NaCl cryptographic library to the Java language.[16]
  • SPARKNaCl — A re-write of TweetNaCl in the SPARK Ada subset, with formal and fully automatic proofs of type safety and some correctness properties.[17]
  • Crypt::NaCl::Sodium Perl 5 binding to libsodium[18]

See also[edit]


  1. ^ a b Archived 2017-08-09 at the Wayback Machine "The security impact of a new cryptographic library" Daniel J. Bernstein, Tanja Lange, Peter Schwabe
  2. ^ "NaCl: Networking and Cryptography library".
  3. ^ "Tanja Lange's Homepage".
  4. ^ "Peter Schwabe's Homepage".
  5. ^ "Hashing". 2010-08-30. Retrieved 2015-11-14.
  6. ^ "Generic hashing". 2017-12-13. Retrieved 2018-05-19.
  7. ^ Bernstein, Daniel J. (10 March 2009). Cryptography in NaCl (PDF). Archived from the original (PDF) on 25 March 2017. Retrieved 8 February 2016.
  8. ^ "NaCl Internals".
  9. ^ "NaCl PHP Extension". Github. 2019-06-14.
  10. ^ "Libsodium".
  11. ^ "dryoc".
  12. ^ "SmalltalkHub repository".
  13. ^ "TweetNaCl".
  14. ^ "Tclers Wiki - NaCl for Tcl".
  15. ^ "TweetNaCl".
  16. ^ "TweetNaCl-Java".
  17. ^ "SPARKNaCl".
  18. ^ "Crypt::NaCl::Sodium".

External links[edit]