Skip to content
An encryption driver/stack to create a multi-layer encrypted workflow in Node.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Version License Author


A nice multi-stack encryption module. Supports several levels of encryption, not that it's really neccessary. By default, the stack size is 3, utilising Blowfish with a 442-bit IV for each layer.


It's simple, just install it from npm. No external dependencies, should automatically install any additional npm packages.

npm i encrypt-stack

How to use

The module exports a class you can use for you key exchange, encryption and decryption. You can also specify your own encryption method to use, or a different key exchange protocol. By default, it's set to 'bf-cbc' and 'secp521r1'. Preferably, the key exchange would be Curve25519 (X25519), however 'secp521r1' is still not bad by any means. The encryption and key exchange method must be a string, referring to any supported NodeJS Crypto method respectively.

new EncryptionStack([stack size], [encryption method], [key exchange method])

Below is a simple alice and bob example of how the stack is used. Stack can be set to 1 to use just a single, simple encryption driver. However, it could also be set as high as 100 for some insane reason if you think that's a good idea.

const EncryptionStack = require("encrypt-stack");

const alice = new EncryptionStack();
const bob = new EncryptionStack();


const e = alice.encrypt("hello world"); // hex encrypted data of "hello world"
const d = bob.decrypt(e); // returns the original "hello world" string, if everything went well

const h = alice.hash("some data"); // returns a sha512 hash of "some data"


I ran some super simple benchmarks, there's probably a better way of doing it, but it still produced some reasonable results. The number inside the brackets is the stack size, the first timing is the total stack time (for both clients), the second is the estimated time experienced by a single client (on key generation and single element encryption).

[1] 30ms : 15ms
[2] 50ms : 25ms
[3] 79ms : 39.5ms
[4] 106ms : 53ms
[5] 126ms : 63ms
[6] 154ms : 77ms
[7] 179ms : 89.5ms
[8] 202ms : 101ms
[9] 226ms : 113ms
[10] 254ms : 127ms
[11] 276ms : 138ms
[12] 316ms : 158ms
[13] 345ms : 172.5ms
[14] 410ms : 205ms
[15] 487ms : 243.5ms
[16] 627ms : 313.5ms
[17] 875ms : 437.5ms
[18] 1391ms : 695.5ms
[19] 2342ms : 1171ms
[20] 4236ms : 2118ms
You can’t perform that action at this time.