NaCl - Networking and Cryptography library (pronounced "salt")


    nacl::randombytes names
    nacl::randombytes source ?random|urandom|secrandomcopybytes|cryptgenrandom|default?
    nacl::randombytes lengthValue
    nacl::randombytes box ?-nonce?
    nacl::randombytes scalarmult ?-scalar|-group?
    nacl::randombytes secretbox ?-nonce|-key?
    nacl::randombytes stream ?-nonce|-key?
    nacl::randombytes auth ?-key?
    nacl::randombytes onetimeauth ?-key?

Public-key cryptography

    nacl::box info
    nacl::box keypair publicKeyVariable secretKeyVariable
    nacl::box cipherVariable messageValue nonceValue publicKeyValue secretKeyValue
    nacl::box open messageVariable cipherValue nonceValue publicKeyValue secretKeyValue
    nacl::scalarmult info
    nacl::scalarmult resultVariable scalarValue groupValue
    nacl::scalarmult base resultVariable scalarValue
    nacl::sign info
    nacl::sign keypair publicKeyVariable secretKeyVariable
    nacl::sign signedVariable messageValue secretKeyValue
    nacl::sign verify messageVariable signedValue publicKeyValue

Secret-key cryptography

    nacl::secretbox info
    nacl::secretbox cipherVariable messageValue nonceValue keyValue
    nacl::secretbox open messageVariable cipherValue nonceValue keyValue
    nacl::stream info
    nacl::stream generate cipherVariable nonceValue keyValue
    nacl::stream cipherVariable messageValue nonceValue keyValue
    nacl::auth info
    nacl::auth ?-hmac256|-hmac512256? authVariable messageValue keyValue
    nacl::auth verify -hmac256|-hmac512256 authValue messageValue keyValue
    nacl::onetimeauth info
    nacl::onetimeauth authVariable messageValue keyValue
    nacl::onetimeauth verify authValue messageValue keyValue

Low-level functions

    nacl::hash info
    nacl::hash ?-sha256|-sha512? hashVariable messageValue


NaCl (pronounced "salt") is a new easy-to-use high-speed software library for network communication, encryption, decryption, signatures, etc. NaCl's goal is to provide all of the core operations needed to build higher-level cryptographic tools. Of course, other libraries already exist for these core operations. NaCl advances the state of the art by improving security, by improving usability, and by improving speed.

Key features

No data flow from secrets to load addresses. No data flow from secrets to branch conditions. No padding oracles. Centralizing randomness. Avoiding unnecessary randomness. Extremely high speed.

Functions supported

Simple NaCl applications need only six high-level NaCl functions: crypto_box for public-key authenticated encryption; crypto_box_open for verification and decryption; crypto_box_keypair to create a public key in the first place; and similarly for signatures crypto_sign, crypto_sign_open, and crypto_sign_keypair.

A minimalist implementation of the NaCl API would provide just these six functions. TweetNaCl is more ambitious, supporting all 25 of the NaCl functions listed below, which as mentioned earlier are all of the C NaCl functions used by applications. This list includes all of NaCl's "default" primitives except for crypto_auth_hmacsha512256, which was included in NaCl only for compatibility with standards and is superseded by crypto_onetimeauth.

The Ed25519 signature system has not yet been integrated into NaCl, since the Ed25519 software has not yet been fully audited; NaCl currently provides an older signature system. However, NaCl has announced that it will transition to Ed25519, so TweetNaCl provides Ed25519.

Public-key cryptography

Secret-key cryptography

Low-level functions

Wiki Pages

See Also

WEB: 20110221
PDF: The security impact of a new cryptographic library

WEB: 20140427
PDF: TweetNaCl: A crypto library in 100 tweets


WEB: BAWT Build Automation With Tcl / Batteries included

Legal Notice

Copyright (C) 2016-2020 Alexander Schoepe, Bochum, DE

NaCl and TweetNaCl crypto library are public domain and the Tcl package BSD-3 license

Contributors (alphabetical order)

Daniel J. Bernstein, University of Illinois at Chicago and Technische Universiteit Eindhoven
Bernard van Gastel, Radboud Universiteit Nijmegen
Wesley Janssen, Radboud Universiteit Nijmegen
Tanja Lange, Technische Universiteit Eindhoven
Peter Schwabe, Radboud Universiteit Nijmegen
Sjaak Smetsers, Radboud Universiteit Nijmegen