Pure Lua Crypto
Lua
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
LICENSE
README.md
aead_chacha_poly.lua
base58.lua
base64.lua
bin.lua
chacha20.lua
checksum.lua
ec25519.lua
poly1305.lua
rabbit.lua
rc4.lua
sha2.lua
sha3.lua
test_aead_chacha_poly.lua
test_base58.lua
test_base64.lua
test_bin.lua
test_chacha20.lua
test_checksum.lua
test_ec25519.lua
test_perf.lua
test_poly1305.lua
test_rabbit.lua
test_rc4.lua
test_sha2.lua
test_sha3.lua
test_xtea.lua
xtea.lua

README.md

PLC - Pure Lua Crypto

A small collection of crpytographic functions, and related utilities, implemented in pure Lua (version 5.3 or above)

Recent changes

2015-10-09 — Added Rabbit, a very fast stream encryption algorithm.

Objective

Collect in one place standalone implementation of well-known, and/or useful, and/or interesting cryptographic algorithms.

Users should be able to pickup any file and just drop it in their project:

  • All the files are written in pure Lua, version 5.3 and above (tested on 5.3.1). Lua 5.3 is required since bit operators and string pack/unpack are extensively used.

  • The files should not require any third-party library or C extension beyond the standard Lua 5.3 library.

  • The files should not define any global. When required, they should just return a table with the algorithm's functions and constants.

Contributions, fixes, bug reports and suggestions are welcome.

What this collection is not:

  • a complete, structured cryptographic library - no promise is made about consistent API structure and documentation. This is not a library - just a collection of hopefully useful snippets of crypto source code.

  • high performance, heavy-duty cryptographic implementations -- after all, this is pure Lua... :-)

  • memory-efficient implementations (see above)

  • memory-safe algorithms -- Lua immutable strings are used and garbage-collected as needed. No guarantee is made that information, and in particular key material, is properly erased when no longer needed or do not leak.

Functions

  • RC4 - for lightweight, low strength encryption. Can also be used as a simple pseudo-random number generator.

  • Rabbit, a very fast stream cipher, selected in the eSTREAM portfolio along with Salsa20, and defined in RFC 4503 (see informations and links in rabbit.lua)

  • Chacha20, Poly1305 and authenticated stream encryption, as defined in RFC 7539

  • Elliptic curve cryptography: ec25519 (only low-level functions for the moment - barely enough to implement ECDH key exchange)

  • SHA2 cryptographic hash family (only sha256 for the moment)

  • SHA3 cryptographic hash family (formerly known as Keccak - 256-bit and 512-bit versions)

  • Non-cryptographic checksums (CRC-32, Adler-32), ...

Some (un)related utilities:

  • Base64, Base58 and Hex encoding/decoding

Implementations to come:

  • Salsa20 stream encryption (should be close to the Chacha20 implementation)

  • NaCl - Dan Bernstein et al' Salsa20-Poly1305 authenticated stream encryption plus public key encryption based on elliptic curve ec25519, including ECDH key exchange, with a high level API (box(), secretbox())

  • SHA2-512

What may come someday:

  • better documentation in each file :-)

  • AES, MD5, SHA1, RIPEMD-160, maybe DES/3DES (for old stuff)

What is not in the cards (except if some nice implementation is graciously contributed!):

  • Arbitrary length integer arithmetic

  • RSA (-- rather focusing on ec25519 for public key and key exchange)

  • All the NIST suite B ECC algorithms

Test vectors, tests, and disclaimer

Some simplistic tests are provided in the 'test' directory.

The implementations should pass the tests, but beyond that, there is no guarantee that these implementations conform to anything :-) -- Use at your own risk!

License

Except for some third-party implementations distributed under their specific terms, all the files included here are distributed under the MIT License (see file LICENSE)

Copyright (c) 2015 Phil Leblanc