SC4 is a secure communications system specifically designed for (relatively) easy auditability by way of a ruthless commitment to simplicity. SC4 provides the functional equivalent of PGP from the end-user's point of view, but implements it in two order of magnitude less code. The cryptographic core of SC4 is Daniel J. Bernstein's TweetNaCl library (<800 LOC). On top of this we have a variety of UI implementations ranging from 1000 to 5000 LOC. One of these has completed a formal audit to date.
This repository documents how to implement custom FIDO2 extensions. It contains supplementary material to our paper at ETAA 2021. We describe how to implement extensions on all parts of the FIDO2 stack: On the relying party (website), on the client (browser), and on the authenticator (hardware token).
Need to encode, transmit, or store encrypted or signed data? saltpack is a streamlined, modern solution, designed with simplicity in mind. It is easy to implement & integrate. We've made few crypto decisions and instead leave almost all of the heavy lifting to the NaCl library.
saltpack is a binary message format, encoded using the MessagePack format. Messages are broken up into reasonable (1MB) chunks, over which regular NaCl operations are performed. We have taken pains to address many of the shortcomings of current message formats: (1) only authenticated data is output; (2) repudiable authentication is used wherever possible; (3) chunks cannot be reordered or combined with other transmissions; (4) the public keys of senders and recipients can be hidden; and (5) message truncation is detectable.
Small. Sloccount counts under 2000 lines of code, small enough to allow audits. The binaries can be under 50KB, small enough for many embedded targets.
Easy to deploy. Just add monocypher.c and monocypher.h to your project. They compile as C99 or C++ and are dedicated to the public domain (CC0-1.0, alternatively 2-clause BSD).
Portable. There are no dependencies, not even on libc.
Honest. The API is small, consistent, and cannot fail on correct input.
Direct. The abstractions are minimal. A developer with experience in applied cryptography can be productive in minutes.
Fast. The primitives are fast to begin with, and performance wasn't needlessly sacrificed. Monocypher holds up pretty well against Libsodium, despite being closer in size to TweetNaCl. (More detailed benchmark)