aescrypt
secp521r1 and AES-256-CTR with HMAC-SHA-384
ISC License
cryptobox
Cryptobox aims to provide similar functionality to NaCL[1], while using FIPS ciphers. It provides the following packages:
-
box: secure and authenticate small messages with 20-year security using public key cryptography.
-
stoutbox: secure and authenticate small messages with 50-year security using public key cryptography.
-
secretbox: secure and authenticate small messages with 20-year security.
-
strongbox: secure and authenticate small messages with 50-year security.
Developers should prefer the box and stoutbox packages, as these reduce the possibility of key compromise by using public keys.
cryptobox operates on the concept of "boxes", which are encrypted and authenticated secure messages. Boxes operate under the following threat model:
- Messages should be confidential, but it is not a concern that Eve can
determine the length of the message. - The communicating parties have some means of authenticating keys on
their own; that is, this package provides no authentication outside
of the keys themselves. There is no identity bound to a key.
License:
cryptobox is released under the ISC license. See the include LICENSE file for details.
See also:
The Cryptobox project: http://cryptobox.tyrfingr.is/. This site contains the specification, including test vectors, and a guidebook for building secure systems using Cryptobox.