NaCl, but heavier.
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
box
scalarmult
secretbox
sign
stream
utils
.gitignore
LICENSE
README.md
doc.go

README.md

KCl - NaCl, but heavier.

Yawning Angel (yawning at schwanenlied dot me)

KCl is a NaCl inspired grab bag of cryptography. People probably should use NaCl instead of KCl, unless you need things that only KCl can provide.

Why:

  • This library should be easier to use correctly than the other random grab bags of cryptography.
  • The NaCl box constructs really should be defined in terms of XChaCha20 rather than XSalsa20, since ChaCha20 can be faster, and has better diffusion.
  • GCM-AES makes me really sad, because it's a NIST standard, and those people are in league with the NSA, who keep hacking my air-gapped boxes with directed piezoelectric ultrasound attacks from their top secret satellites.

Provided:

  • kcl/sign: crypto_sign_edwards25519sha512batch
  • kcl/scalarmult: crypto_scalarmult_curve25519
  • kcl/box: crypto_box_curve25519_xchacha20poly1305
  • kcl/secretbox: crypto_secretbox_xchacha20poly1305
  • kcl/stream: crypto_stream_chacha20, crypto_stream_xchacha20

Dependencies:

Notes:

  • Performance isnt that great because the ChaCha20 implementation is in pure Go, isn't all that optimized, and implements cipher.Stream. If it needs to be faster, optimize kcl/stream/chacha20.go.

Things you should use instead: