This chapter is about a library called Libsodium, which is also known as NaCl or Sodium. Its biggest advantage is that it is available for almost all major frameworks and provides cryptography methods that are "state of the art".
You will find authenticated encryption, private-public-key encryption and private-public-key signatures but none of them is "old fashioned". Below you get an overview of the functionality of this library:
The authenticated encryption has its basis in the XSalsa20 stream cipher, combined with Poly1305 MAC authentication ("secret box").
The private-public-key encryption uses the X25519 curve for key exchange, the XSalsa20 stream cipher combined with Poly1305 MAC for authenticated encryption ("crypto box").
A special form of the private-public-key encryption is the anonymous encryption (called "sealed crypto box"), where just the private-public key pair of the recipient is used.
For generating a digital signature the Ed25519 curve will be used.
Do you need a hash or "fingerprint" of a string or file? Ok, Libsodium uses the Blake2b hash algorithm for that task.
If you want to derive an encryption key from a passphrase, it will be generated with the Argon2 algorithm.
Giving a summary you may say "I have never heard the names of the algorithms before" and you are right... me too! That's the reason why I did not try to find a "cross platform solution", as there is no AES, RSA or traditional EC curve cryptography available in Libsodium. When viewing the source code you will notice that all Libsodium programs are short compared to the traditional ones because it is a highly developed library that does a lot in the background.
A more detailed overview is available in the original Libsodium documentation, which is written in and for the "C" framework, but the functionality is equal in all bindings for other languages.
But the good news is: there are bindings available for Java, PHP (built-in since PHP 7.x), C#, NodeJs and for browser usage, and I'm providing solutions for all major cryptography tasks like key encryption, private-public encryption and signing. For everyone starting cryptography with Libsodium I strongly recommend doing this in PHP because Libsodium support is included (PHP version >= 7.3) and all of my examples will run "out of the box".
Here are my articles regarding Libsodium themes:
| Solution | Description | Jav | PHP | C# | CJs | Web | Pyt | Go | Dart |
| ------ | :------: | :--: | :--: | :--: | :--: | :--: | :--: | :--: | :--: |
|generate a random key | see the examples in authenticated string encryption with a random key | ✅ | ✅ | ✅ | ✅ | ✅ |
|generate a curve 25519 key pair | generate a curve X25519 private key and public key pair in Base64 encoding | ✅ | ✅ | ✅ | ✅ | ❌ |
|derive the curve X25519 public key from a secret key | generate the X25519 public key from a secret key in Base64 encoding | 🔜 | 🔜 | 🔜 | 🔜 | ✅ |
|generate a curve ED25519 key pair | generate a curve ED25519 private key and public key pair in Base64 encoding | ✅ | ✅ | ✅ | ✅ | ✅ | | | ✅ |
|generate a curve ED25519 public key from a private key | generate an ED25519 public key from a private key in Base64 encoding | ✅ | ✅ | ✅ | ✅ | ✅ | | | ✅ |
| Argon 2 parameter | describes the parameters used in Argon 2 algorithm | | | | | | | |
| Argon 2 password derivation function | derives an encryption key from a passphrase | ✅ | ✅ | ✅ | ✅ | ✅ |
|ChaCha20-Poly1305 authenticated string encryption with a random key | uses ChaCha20-Poly1305 | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
|authenticated string encryption with a random key | uses "secret boxes" | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
|authenticated string encryption with a passphrase | uses "secret boxes" | 🔜 | 🔜 | 🔜 | 🔜 | 🔜 | 🔜 |
|authenticated hybrid string encryption with a private-public key exchange | uses "crypto boxes" | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
|anonymized authenticated string hybrid encryption with a private-public key | uses "sealed boxes" | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
|sign a string with a private-public key | uses an ED25519 curve signature | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ |
Jav=Java, PHP=PHP, C#=Csharp, CJs=Javascript with Crypto-JS, Ndc=NodeJs with Crypto, Nfo=NodeJs with forge, Web=WebCrypto, Pyt=Python, Go=Golang, Dar=Dart
Below I'm providing the names and download links of all libraries I have used to run the examples. Please note that I did not take deep care of the license terms of the libraries - please check them before using them in any (commercial or private) context.
Last update: Aug. 17th 2021