curve25519-dalek - A pure-Rust implementation of group operations on Ristretto and Curve25519

  •        521

A pure-Rust implementation of group operations on Ristretto and Curve25519. curve25519-dalek is a library providing group operations on the Edwards and Montgomery forms of Curve25519, and on the prime-order Ristretto group.



Related Projects

elliptic - Fast Elliptic Curve Cryptography in plain javascript

  •    Javascript

Fast elliptic-curve cryptography in a plain javascript implementation.NOTE: Please take a look at before choosing a curve for your cryptography operations.

tweetnacl-js - Port of TweetNaCl cryptographic library to JavaScript

  •    Javascript

Port of TweetNaCl / NaCl to JavaScript for modern browsers and Node.js. Public domain.The primary goal of this project is to produce a translation of TweetNaCl to JavaScript which is as close as possible to the original C implementation, plus a thin layer of idiomatic high-level API on top of it.

ejson - EJSON is a small library to manage encrypted secrets using asymmetric encryption.

  •    Go

ejson is a utility for managing a collection of secrets in source control. The secrets are encrypted using public key, elliptic curve cryptography (NaCl Box: Curve25519 + Salsa20 + Poly1305-AES). Secrets are collected in a JSON file, in which all the string values are encrypted. Public keys are embedded in the file, and the decrypter looks up the corresponding private key from its local filesystem.See the manpages for more technical documentation.

halite - High-level cryptography interface powered by libsodium

  •    PHP

Halite is a high-level cryptography interface that relies on libsodium for all of its underlying cryptography operations. Halite was created by Paragon Initiative Enterprises as a result of our continued efforts to improve the ecosystem and make cryptography in PHP safer and easier to implement.

C++ Elliptic Curve library

  •    Assembly

Libecc is an Elliptic Curve Cryptography C++ library for fixed size keys in order to achieve a maximum speed. The goal of this project is to become the first free Open Source library providing the means to generate safe elliptic curves.

python-ecdsa - pure-python ECDSA signature/verification

  •    Python

This is an easy-to-use implementation of ECDSA cryptography (Elliptic Curve Digital Signature Algorithm), implemented purely in Python, released under the MIT license. With this library, you can quickly create keypairs (signing key and verifying key), sign messages, and verify the signatures. The keys and signatures are very short, making them easy to handle and incorporate into other protocols. This library provides key generation, signing, and verifying, for five popular NIST "Suite B" GF(p) curves, with key lengths of 192, 224, 256, 384, and 521 bits. The "short names" for these curves, as known by the OpenSSL tool (openssl ecparam -list_curves), are: prime192v1, secp224r1, prime256v1, secp384r1, and secp521r1. It also includes the 256-bit curve used by Bitcoin, whose short name is secp256k1. No other curves are included, but it would not be too hard to add more.

MIRACL - MIRACL Cryptographic SDK: Multiprecision Integer and Rational Arithmetic Cryptographic Library is a C software library that is widely regarded by developers as the gold standard open source SDK for elliptic curve cryptography (ECC)

  •    C

What is MIRACL? Multiprecision Integer and Rational Arithmetic Cryptographic Library – the MIRACL Crypto SDK – is a C software library that is widely regarded by developers as the gold standard open source SDK for elliptic curve cryptography (ECC). Why is it different? While many other cryptographic SDKs are focused on PC use, MIRACL also enables developers to build security into highly constrained environments, including embedded, mobile apps and SCADA.

BasicCard Elliptic Curve PKS

  •    Java

A smart card-based public key cryptography system based on elliptic curves, using AES for session key generation and SHA for hashing. This project will include the smart card software, terminal software, and a public key server.

Wireguard - Fast, Modern, Secure, VPN Tunnel

  •    C

WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances.

ring - Safe, fast, small crypto using Rust

  •    Rust

ring is focused on the implementation, testing, and optimization of a core set of cryptographic operations exposed via an easy-to-use (and hard-to-misuse) API. ring exposes a Rust API and is written in a hybrid of Rust, C, and assembly language. ring is focused on general-purpose cryptography. WebPKI X.509 certificate validation is done in the webpki project, which is built on top of ring. Also, multiple groups are working on implementations of cryptographic protocols like TLS, SSH, and DNSSEC on top of ring.

Libcurve - An encryption and authentication library for ZeroMQ applications

  •    C

Curve implements the CurveZMQ elliptic curve security mechanism, for use in ZeroMQ applications. This library is primarily a reference implementation for the CurveZMQ specification but may also be used for end-to-end security. CurveZMQ creates encrypted sessions ("connections") between two peers using short term keys that it securely exchanges using long term keys. When the session is over, both sides discard their short term keys, rendering the encrypted data unreadable, even if the long term keys are captured. It is not designed for long term encryption of data.

chattervox - 📡 An AX

  •    TypeScript

An AX.25 packet radio chat protocol with support for digital signatures and binary compression. Like IRC over radio waves 📡. Chattervox implements a minimal packet radio protocol on top of AX.25 that can be used with a terminal node controller (TNC) like Direwolf to transmit and receive digitally signed messages using audio frequency shift keying modulation (AFSK). In the United States, it's illegal to broadcast encrypted messages on amateur radio frequencies. Chattervox respects this law, while using elliptic curve cryptography and digital signatures to protect against message spoofing.

libsodium.js - libsodium compiled to Webassembly and pure JavaScript, with convenient wrappers

  •    HTML

The sodium crypto library compiled to WebAssembly and pure Javascript using Emscripten, with automatically generated wrappers to make it easy to use in web applications. The complete library weights 188 Kb (minified, gzipped, includes pure js + webassembly versions) and can run in a web browser as well as server-side.

wolfssl - wolfSSL (formerly CyaSSL) is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud

  •    C

The wolfSSL embedded SSL library (formerly CyaSSL) is a lightweight SSL/TLS library written in ANSI C and targeted for embedded, RTOS, and resource-constrained environments - primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments as well because of its royalty-free pricing and excellent cross platform support. wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as ChaCha20, Curve25519, NTRU, and Blake2b. User benchmarking and feedback reports dramatically better performance when using wolfSSL over OpenSSL. There are many reasons to choose wolfSSL as your embedded SSL solution. Some of the top reasons include size (typical footprint sizes range from 20-100 kB), support for the newest standards (SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3, DTLS 1.0, and DTLS 1.2), current and progressive cipher support (including stream ciphers), multi-platform, royalty free, and an OpenSSL compatibility API to ease porting into existing applications which have previously used the OpenSSL package. For a complete feature list, see Section 4.1.

bulletproofs - Bulletproofs are short non-interactive zero-knowledge proofs that require no trusted setup

  •    Haskell

Bulletproofs are short zero-knowledge arguments of knowledge that do not require a trusted setup. Argument systems are proof systems with computational soundness. Bulletproofs are suitable for proving statements on committed values, such as range proofs, verifiable suffles, arithmetic circuits, etc. They rely on the discrete logarithmic assumption and are made non-interactive using the Fiat-Shamir heuristic.


  •    DotNet

Random Number Generators for .Net written in C# Regular use: * MersenneTwister 3 CNG Cryptographically secure RNG: * CTR_DRBG * DSS * DUAL Elliptic Curve Concurrency: * Thread-Safe Non-repetitive RNG Encryption Cipher: * Anubis (successor of Rijndael)

bitauth - Authenticate with web services utilizing the same strategy as Bitcoin.

  •    Javascript

BitAuth is a way to do secure, passwordless authentication using the cryptography in Bitcoin. Instead of using a shared secret, the client signs each request using a private key and the server checks to make sure the signature is valid and matches the public key.BitAuth uses the same technology in Bitcoin. A public private key pair is created using elliptic curve secp256k1. The public SIN (System identification number), like a bitcoin address, is the RIPEMD 160, SHA256 hash of the public key. See for complete details.

BouncyCastle - Lightweight Cryptography API for Java and CSharp

  •    Java

Bouncy Castle Crypto APIs is a lightweight cryptography API for Java and CSharp. It has provider for the Java Cryptography Extension and the Java Cryptography Architecture. It supports TLS, PKCS7, PKCS12, OpenPGP, S/MIME, OCSP, TSP, CMP, Extended Access Control, ASN and lot more.

awesome-cryptography - A curated list of cryptography resources and links.

  •    Javascript

A curated list of cryptography resources and links. Your contributions are always welcome! Please take a look at the contribution guidelines first.

Conscrypt - Java Security Provider that implements parts of the Java Cryptography Extension and Java Secure Socket Extension

  •    Java

Conscrypt is a Java Security Provider (JSP) that implements parts of the Java Cryptography Extension (JCE) and Java Secure Socket Extension (JSSE). It uses BoringSSL to provide cryptographical primitives and Transport Layer Security (TLS) for Java applications on Android and OpenJDK.The core SSL engine has borrowed liberally from the Netty project and their work on netty-tcnative, giving Conscrypt similar performance.