NaCl (software)

From Wikipedia, the free encyclopedia
Original author(s)Daniel J. Bernstein, Tanja Lange, Peter Schwabe
Initial release2008; 15 years ago (2008)
Stable release
20110221 / February 21, 2011; 12 years ago (2011-02-21)
Operating systemUNIX-like
Licensepublic domain[1]

NaCl (pronounced "salt") is an abbreviation for Networking and Cryptography Library, a public domain, high-speed software library for network communication, encryption, decryption, signatures, etc.[2]

NaCl was created by the mathematician and programmer Daniel J. Bernstein, who is best known for the creation of qmail and Curve25519. The core team also includes Tanja Lange and Peter Schwabe.[3][4] The main goal while creating NaCl, according to the paper, was to "avoid various types of cryptographic disasters suffered by previous cryptographic libraries".[1]

Basic functions[edit]

Public-key cryptography[edit]

Secret-key cryptography[edit]

Low-level functions[edit]

  • String comparison.[7]

Key derivation function (only libsodium)[edit]


Reference implementation is written in C, often with several inline assembler. C++ and Python are handled as wrappers.[8]

NaCl has a variety of programming language bindings such as PHP,[9] and forms the basis for Libsodium, a cross-platform cryptography library created in 2013 which is API compatible with NaCl.

Alternative implementations[edit]

  • Libsodium — a portable, cross-compilable, installable, packageable, API-compatible version of NaCl.[10]
  • dryoc — a pure-Rust implementation of libsodium/NaCl, with support for protected memory.[11]
  • NaCl Pharo — a Pharo Smalltalk Extension.[12]
  • TweetNaCl — a tiny C library, which fits in just 100 tweets (140 symbols each), but supports all NaCl functions.[13]
  • NaCl for Tcl — a port to the Tcl language.[14][third-party source needed]
  • NaCl for JavaScript — a port of TweetNaCl/NaCl cryptographic library to the JavaScript language.[15]
  • TweetNaCl for Java — a port of TweetNaCl/NaCl cryptographic library to the Java language.[16]
  • SPARKNaCl — A re-write of TweetNaCl in the SPARK Ada subset, with formal and fully automatic proofs of type safety and some correctness properties.[17]
  • Crypt::NaCl::Sodium Perl 5 binding to libsodium[18]
  • Monocypher

See also[edit]


  1. ^ a b Archived 2017-08-09 at the Wayback Machine "The security impact of a new cryptographic library" Daniel J. Bernstein, Tanja Lange, Peter Schwabe
  2. ^ "NaCl: Networking and Cryptography library".
  3. ^ "Tanja Lange's Homepage".
  4. ^ "Peter Schwabe's Homepage".
  5. ^ "Hashing". 2010-08-30. Retrieved 2015-11-14.
  6. ^ "Generic hashing". 2017-12-13. Retrieved 2018-05-19.
  7. ^ Bernstein, Daniel J. (10 March 2009). Cryptography in NaCl (PDF). Archived from the original (PDF) on 25 March 2017. Retrieved 8 February 2016.
  8. ^ "NaCl Internals".
  9. ^ "NaCl PHP Extension". Github. 2019-06-14.
  10. ^ "Libsodium".
  11. ^ "dryoc".
  12. ^ "SmalltalkHub repository".
  13. ^ "TweetNaCl".
  14. ^ "Tclers Wiki - NaCl for Tcl".
  15. ^ "TweetNaCl".
  16. ^ "TweetNaCl-Java".
  17. ^ "SPARKNaCl".
  18. ^ "Crypt::NaCl::Sodium".

External links[edit]