Nettle (cryptographic library)

From Wikipedia, the free encyclopedia
Developer(s)Niels Möller
Stable release
3.9.1[1] Edit this on Wikidata / 1 June 2023; 5 months ago (1 June 2023)
Written inC
TypeCryptographic library
LicenseLGPLv3, GPLv2, GPLv3

Nettle is a cryptographic library designed to fit easily in a wide range of toolkits and applications. It began as a collection of low-level cryptography functions from lsh in 2001.[2] Since June 2009 (version 2.0) Nettle is a GNU package.[3]


Since version 3, nettle provides the AES block cipher (a subset of Rijndael) (with assembly optimizations for x86 and sparc), the ARCFOUR (also known as RC4) stream cipher (with x86 and sparc assembly), the ARCTWO (also known as RC2) stream cipher, BLOWFISH, CAMELLIA (with x86 and x86_64 assembly optimizations), CAST-128, DES and 3DES block ciphers, the ChaCha stream cipher (with assembly for x86_64), GOSTHASH94, the MD2, MD4, and MD5 (with x86 assembly) digests, the PBKDF2 key derivation function, the POLY1305 (with assembly for x86_64) and UMAC message authentication codes, RIPEMD160, the Salsa20 stream cipher (with assembly for x86_64 and ARM), the SERPENT block cipher (with assembly for x86_64), SHA-1 (with x86, x86_64 and ARM assembly), the SHA-2 (SHA-224, SHA-256, SHA-384, and SHA-512) digests, SHA-3 (a subset of the Keccak digest family), the TWOFISH block cipher, RSA, DSA and ECDSA public-key algorithms, the Yarrow pRNG. Version 3.1 introduced support for Curve25519 and EdDSA operations.[4] The public-key algorithms use GMP.[5]

Nettle is used by GnuTLS.

Licence and motivation[edit]

An API which fits one application well may not work well in a different context resulting in a proliferation of cryptographic libraries designed for particular applications. Nettle is an attempt to avoid this problem by doing one thing (the low-level cryptography) and providing a simple and general interface to it. In particular, Nettle doesn't do algorithm selection, memory allocation or any I/O. Thus Nettle is intended to provide a core cryptography library upon which numerous application and context specific interfaces can be built. The code, test cases, benchmarks, documentation, etc. of these interfaces can then be shared without having to replicate Nettle's cryptographic code.[6]

Nettle is primarily licensed under a dual licence scheme comprising The GNU General Public License version 2 or later and The GNU Lesser General Public License version 3 or later. A few individual files are licensed under more permissive licences or in the public domain. The copyright notices at the top of the library's source files precisely define the licence status of particular files.[7]

The Nettle manual "is in the public domain" and may be used and reproduced freely.[8]

See also[edit]


  1. ^ Niels Möller (1 June 2023). "Nettle-3.9.1". Retrieved 1 June 2023.
  2. ^ Niels Möller (25 Sep 2001). "ANNOUNCE: Nettle-1.0". Retrieved 29 November 2010.
  3. ^ Niels Möller (30 Jun 2009). "GNU Nettle cryptographic library". Retrieved 29 November 2010.
  4. ^ "Nettle NEWS file @ git tag nettle3.5_rc1". Retrieved 25 June 2019.
  5. ^ Niels Möller. "Nettle Library Copyright Notice". Retrieved 5 June 2014.
  6. ^ Niels Möller. "Nettle Library: Introduction". Retrieved 5 June 2014.
  7. ^ Niels Möller. "Nettle Library Copyright Notice". Retrieved 5 June 2014.
  8. ^ Niels Möller. "Nettle Library Copyright Notice". Retrieved 5 June 2014.