NaCl (software)

NaCl
Original author(s)	Daniel J. Bernstein, Tanja Lange, Peter Schwabe
Initial release	2008; 16 years ago
Operating system	UNIX-like
License	public domain
Website	nacl.cr.yp.to

Not to be confused with Google Native Client.

NaCl (pronounced "salt") is an abbreviation for "Networking and Cryptography library", a public domain "...high-speed software library for network communication, encryption, decryption, signatures, etc".^[1]

NaCl was created by the mathematician and programmer Daniel J. Bernstein who is best known for the creation of qmail and Curve25519. The core team also includes Tanja Lange^[2] and Peter Schwabe.^[3] The main goal while creating NaCl, according to the paper, was to "avoid various types of cryptographic disasters suffered by previous cryptographic libraries".^[4]

Basic functions

Public-key cryptography

Authenticated encryption using Curve25519, Salsa20, and Poly1305.
Signatures using Ed25519.
Key agreement using Curve25519.

Secret-key cryptography

Authenticated encryption using Salsa20 and Poly1305.
Encryption using Salsa20 or AES.
Authentication using HMAC-SHA-512-256.
One-time authentication using Poly1305.

Low-level functions

Hashing using SHA-512 or SHA-256.^[5]
String comparison.^[6]

Key features

No data flow from secrets to load addresses.
No data flow from secrets to branch conditions.
No padding oracles.
Centralizing randomness.
Avoiding unnecessary randomness.
Extremely high speed.

Implementations

Reference implementation is written in C, often with several inline assembler. C++ and Python are handled as wrappers.^[7]

NaCl has a variety of programming language bindings such as PHP,^[8] and forms the basis for Libsodium, a cross-platform cryptography library created in 2013 which is API compatible with NaCl.

Alternative implementation

Libsodium — a portable, cross-compilable, installable, packageable, API-compatible version of NaCl.^[9]^{[third-party source needed]}
TweetNaCl — a tiny C library, which fits in just 100 tweets (140 symbols each), but supports all NaCl functions.^[10]^{[third-party source needed]}
NaCl for Tcl — a port to the Tcl language.^[11]^{[third-party source needed]}

References

^ "NaCl: Networking and Cryptography library".
^ "Tanja Lange's Homepage".
^ "Peter Schwabe's Homepage".
^ https://cr.yp.to/highspeed/coolnacl-20120725.pdf
^ "Hashing". 2010-08-30. Retrieved 2015-11-14.
^ Bernstein, Daniel J. (10 March 2009). Cryptography in NaCl (PDF).
^ "NaCl Internals".
^ "NaCl PHP Extension". Github.
^ "Libsodium".
^ "TweetNaCl".
^ "Tclers Wiki - NaCl for Tcl".

External links

Official website

This software article is a stub. You can help Wikipedia by expanding it.

[1] "NaCl: Networking and Cryptography library".

[2] "Tanja Lange's Homepage".

[3] "Peter Schwabe's Homepage".

[4] ttps://cr.yp.to/highspeed/coolnacl-20120725.pdf

[5] "Hashing". 2010-08-30. Retrieved 2015-11-14.

[6] Bernstein, Daniel J. (10 March 2009). Cryptography in NaCl (PDF).

[7] "NaCl Internals".

[8] "NaCl PHP Extension". Github.

[9] "Libsodium".

[10] "TweetNaCl".

[11] "Tclers Wiki - NaCl for Tcl".

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]