Secure by default encryption for .NET
Latest commit 8e06ce0 Dec 13, 2015 @adamcaudill Update credits.
Failed to load latest commit information.
SmartEncryption.Tests Update docs and add overload Dec 12, 2015
SmartEncryption Update docs and add overload Dec 12, 2015
.editorconfig Add .editorconfig May 30, 2015
.gitattributes Add .gitattributes May 30, 2015
.gitignore Initial commit Jan 13, 2015
LICENSE Initial commit Jan 13, 2015
SmartEncryption.sln Switch solution to .NET 4, add first unit test, etc May 19, 2015


An opinionated, secure-by-default, does-the-right-thing modern cryptography library.


Experimental. As this library is still in development, it shouldn't be used for production systems. A design and implementation audit is being planned.


Symmetric Encryption -

AES-GCM, 256-bit key, 96-bit nonce, 128-bit tag. Performed via CLR Security, as .NET doesn't currently have a native wrapper for this functionality. Data will be returned in the following format:

version[1] || nonce[12] || tag[16] || data[length - 29]

Asymmetric Encryption - SmartEncryption.Asymmetric.Encrypt()

Curve25519/XSalsa20/Poly1305 based public-key encryption. Random keys can be generated via the SmartEncryption.Asymmetric.GenerateKeyPair() method.

Output format:

version[1] || nonce[24] || data[length - 25]

Fast Hashing - SmartEncryption.Hashing.FastHash()

High-speed hashing via BLAKE2b.

Password Hashing SmartEncryption.Hashing.PasswordHash()

Safe password hashing using scrypt. Hashes are returned as a string that can be safely stored in a database, and can be verified via the SmartEncryption.Hashing.ValidatePasswordHash() function.

Key Derivation - SmartEncryption.KeyDerivation.DeriveKey()

In addition to password hashing, scrypt is exposed for use as a secure key derivation function.


This library depends on:


This project is licensed under the MIT license, see the LICENSE file for more details.