Comparison of cryptography libraries

The tables below compare cryptography libraries that deal with cryptography algorithms and have api function calls to each of the supported features.

Cryptography libraries and their origin

Implementation Company Development Language Open Source Software License FIPS 140 validated[1] FIPS 140-2 mode Latest Update Origin
Botan Jack Lloyd C++ Yes Simplified BSD No No 1.11.32 (September 28, 2016 (2016-09-28)[2]) [±]

1.10.13 (April 23, 2016 (2016-04-23)[3]) [±]

USA
Bouncy Castle Legion of the Bouncy Castle Java Yes MIT License No No 1.55 (Java) (August 19, 2016 (2016-08-19) [4]) [±]

1.8.1 (C#) (December 28, 2015 (2015-12-28) [5]) [±]

Australia
cryptlib cryptlib C Yes Sleepycat License and commercial license No[lower-alpha 1] Yes 3.4.3 (March 25, 2016 (2016-03-25) [6]) [±] NZ
Crypto++ Crypto++ C++ Yes Boost Software License 1.0, while the individual files in the compilation are all public domain Yes Yes October 11, 2016 (5.6.5)
Libgcrypt GnuPG community and g10code C Yes GNU LGPL v2.1+ Yes Yes 1.7.3 (August 17, 2016 (2016-08-17)[7]) [±]

1.6.6 (August 17, 2016 (2016-08-17)[8]) [±]
1.5.6 (August 17, 2016 (2016-08-17)[9]) [±]

Germany
libtomcrypt LibTom Projects C Yes Public Domain or WTFPL No Yes Continuous
libsodium Frank Denis C Yes ISC license No No July 31, 2016 (1.0.11) France
Nettle C Yes GNU GPL v2, GNU LGPL v3 No No 3.3 (October 1, 2016 (2016-10-01)[10]) [±] Sweden
OpenSSL The OpenSSL Project C Yes Apache Licence 1.0 or 4-Clause BSD Licence No No 1.1.0c (November 10, 2016 (2016-11-10)[11]) [±]

1.0.2j (September 26, 2016 (2016-09-26)[11]) [±]
1.0.1u (September 22, 2016 (2016-09-22)[11]) [±]

wolfCrypt wolfSSL, Inc. C Yes GPL v2 and commercial license Yes Yes 3.9.10 (September 23, 2016 (2016-09-23)[12]) [±] USA
  1. The actual cryptlib is not FIPS 140 validated, although a validation exists for an adapted cryptlib as part of a third party, proprietary, commercial product.

Key operations

Key operations include key generation algorithms, key exchange agreements and public key cryptography standards.

Key generation and exchange

Implementation EDH DH DSA RSA NTRU DSS ECC
Bouncy Castle No Yes Yes Yes Yes No Yes
cryptlib Yes Yes Yes Yes No Yes Yes
Crypto++ Yes Yes Yes Yes No No Yes
Libgcrypt Yes[lower-alpha 1] Yes Yes Yes No Yes Yes
libsodium No No Yes No No No Yes
Nettle No No Yes Yes No No Yes
wolfCrypt Yes Yes Yes Yes Yes Yes Yes
  1. By using the lower level interface.

Public key cryptography standards

Implementation PKCS#1 PKCS#5 PKCS#8 PKCS#12 IEEE P1363 ASN.1
Bouncy Castle Yes Yes No Yes Yes Yes
cryptlib Yes Yes Yes Yes No Yes
Crypto++ Yes Yes No No Yes Yes
Libgcrypt Yes Yes[lower-alpha 1] Yes[lower-alpha 1] Yes[lower-alpha 1] Yes[lower-alpha 1] Yes[lower-alpha 1]
libsodium No No No No No No
Nettle Yes Yes No No No No
wolfCrypt Yes Yes Yes Yes No Yes
  1. 1 2 3 4 5 These Public Key Cryptographic Standards (PKCS) are supported by accompanying libraries and tools, which are also part of the GnuPG framework, although not by the actual libgcrypt library.

Hash functions

Comparison of supported cryptographic hash functions. At the moment this section also includes ciphers that are used for producing a MAC tag for a message. Here hash functions are defined as taking an arbitrary length message and producing a fixed size output that is virtually impossible to use for recreating the original message.

Implementation MD5 SHA-1 SHA-2 SHA-3 RIPEMD-160 Tiger Whirlpool GOST BLAKE2
Botan Yes Yes Yes Yes Yes Yes Yes Yes Yes
Bouncy Castle Yes Yes Yes Yes Yes Yes Yes Yes Yes
cryptlib Yes Yes Yes Yes Yes No Yes No No
Crypto++ Yes Yes Yes Yes Yes Yes Yes Yes Yes
Libgcrypt Yes Yes Yes Yes Yes Yes Yes Yes No
libsodium No No Yes No No No No No Yes
Nettle Yes Yes Yes Yes Yes No No Yes No
OpenSSL Yes Yes Yes Yes Yes Yes Yes Yes Yes
wolfCrypt Yes Yes Yes Yes Yes No No No Yes

MAC algorithms

Comparison of implementations of message authentication code (MAC) algorithms. A MAC is a short piece of information used to authenticate a message—in other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed in transit (its integrity).

Implementation HMAC-MD5 HMAC-SHA1 HMAC-SHA2 Poly1305-AES BLAKE2-MAC
Botan Yes Yes Yes Yes Yes
Bouncy Castle Yes Yes Yes Yes Yes
cryptlib Yes Yes Yes No No
Crypto++ Yes Yes Yes No Yes
Libgcrypt Yes Yes Yes Yes No
libsodium No No Yes Yes Yes
Nettle Yes Yes Yes Yes No
wolfCrypt Yes Yes Yes Yes Yes

Block ciphers

Table compares implementations of block ciphers. Block ciphers are defined as being deterministic and operating on a set number of bits (termed a block) using a symmetric key. Each block cipher where applicable is broken up into the possible key size and what mode it can be run with, i.e. CBC, CTR.

Implementation AES-128 AES-192 AES-256 AES-CBC AES-ECB AES-GCM AES-CCM AES-CTR Camellia-128, -192 and -256 Camellia GCM and CBC 3DES CBC Blowfish
Bouncy Castle[13] Yes Yes Yes Yes No Yes Yes Yes Yes Yes Yes Yes
cryptlib[14] Yes Yes Yes Yes Yes No No Yes No No Yes Yes
Crypto++[15] Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
Libgcrypt Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
libsodium Yes No Yes No No Yes No Yes No No No No
Nettle Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
wolfCrypt Yes Yes Yes Yes Yes Yes Yes Yes Yes No Yes No

Stream ciphers

Table compares implementations of the various stream ciphers. Stream ciphers are defined as using plain text digits that are combined with a pseudorandom cipher digit stream. Stream ciphers are typically faster than block ciphers and may have lower hardware complexity, but may be more susceptible to attacks.

Implementation RC4 HC-128 / HC-256 Rabbit Salsa20 ChaCha SEAL Panama WAKE Grain VMPC ISAAC
Bouncy Castle Yes Yes No Yes Yes No No No Yes Yes Yes
cryptlib Yes No No No No No No No No No No
Crypto++ Yes No No Yes No Yes Yes Yes No No No
Libgcrypt Yes No No Yes Yes No No No No No No
libsodium No No No Yes Yes No No No No No No
Nettle Yes No No Yes Yes No No No No No No
wolfCrypt Yes Yes Yes Yes Yes No No No No No No

Hardware-assisted support

Table compares the ability to utilize hardware enhanced cryptography. With using the assistance of specific hardware the library can achieve faster speeds than otherwise. This is done through hardware that has been designed in such a way as to handle cryptography better.

Implementation PKCS #11 device Intel AES-NI VIA PadLock STM32F2 Cavium NITROX Freescale CAU/mmCAU ARMv8-A Crypto Extension Microchip PIC32MZ
cryptlib Yes No Yes No No No No No
Crypto++ No Yes No No No No No No
Libgcrypt No Yes Yes No No No No No
libsodium No Yes No No No No No No
wolfCrypt No Yes No Yes Yes Yes No Yes

Code size

Implementation Source Code Size

(kSLOC = 1000 lines of source code)

Code Lines to Comment Lines Ratio
Bouncy Castle 1359[16] 5.26[16]
cryptlib 241 2.66
Crypto++ 159[17] 10.1[17]
Libgcrypt 216[18] 6.27[18]
Nettle 111[19] 4.08[19]
libsodium 14 16.0
wolfCrypt 39 5.69

Portability

Implementation Supported Operating System Thread safe
cryptlib AMX, BeOS, ChorusOS, DOS, eCOS, FreeRTOS/OpenRTOS, uItron, MVS, OS/2, Palm OS, QNX Neutrino, RTEMS, Tandem NonStop, ThreadX, uC/OS II, Unix (AIX, FreeBSD, HPUX, Linux, OS X, Solaris, etc.), VDK, VM/CMS, VxWorks, Win16, Win32, Win64, WinCE/PocketPC/etc, XMK Yes
Crypto++ Unix (OpenBSD, Linux, OS X, etc.), Win32, Win64, Android, iOS, ARM
Libgcrypt All 32 and 64 bit Unix Systems (GNU/Linux, FreeBSD, NetBSD, MacOS X etc.), Win32, Win64, WinCE and more Yes[20]
libsodium OS X, Linux, OpenBSD, NetBSD, FreeBSD, DragonflyBSD, Android, iOS, 32 and 64-bit Windows (Visual Studio, MinGW, C++ Builder), NativeClient, QNX, Javascript, AIX, Minix, Solaris Yes
wolfCrypt Win32/64, Linux, Mac OS X, Solaris, ThreadX, VxWorks, FreeBSD, NetBSD, OpenBSD, embedded Linux, WinCE, Haiku, OpenWRT, iPhone (iOS), Android, Nintendo Wii and Gamecube through DevKitPro, QNX, MontaVista, NonStop, TRON/ITRON/µITRON, Micrium's µC/OS, FreeRTOS, SafeRTOS, Freescale MQX, Nucleus, TinyOS, HP/UX Yes

References

  1. Validated FIPS 140 Cryptographic Modules, NIST.gov, retrieved 2015-12-22
  2. "Version 1.11.32, 2016-09-28". 2016-09-28. Retrieved 2016-09-02.
  3. "Version 1.10.13, 2016-04-23". 2016-04-23. Retrieved 2016-08-09.
  4. "Latest Java Releases - bouncycastle.org". 2016-08-19. Retrieved 2016-09-03.
  5. "The Legion of the Bouncy Castle C# Cryptography APIs". 2015-12-28. Retrieved 2015-12-29.
  6. "cryptlib 3.4.3 released". 2016-03-25. Retrieved 2016-04-05.
  7. Koch, Werner (2016-08-17). "[Announce] Security fixes for Libgcrypt and GnuPG 1.4" (Mailing list). gnupg-announce. Retrieved 2016-08-18.
  8. Koch, Werner (2016-08-17). "[Announce] Security fixes for Libgcrypt and GnuPG 1.4" (Mailing list). gnupg-announce. Retrieved 2016-08-18.
  9. Koch, Werner (2016-08-17). "[Announce] Security fixes for Libgcrypt and GnuPG 1.4" (Mailing list). gnupg-announce. Retrieved 2016-08-18.
  10. "GNU Nettle". directory.fsf.org. FSF. 24 April 2015.
  11. 1 2 3 "OpenSSL: Newslog". Retrieved 2016-11-10.
  12. "wolfSSL ChangeLog". 2016-09-23. Retrieved 2016-09-23.
  13. Bouncy Castle Specifications, bouncycastle.org, retrieved 2015-11-28
  14. cryptlib Encryption Toolkit, Peter Gutmann, retrieved 2015-11-28
  15. Crypto++ Library, Cryptopp.com, retrieved 2015-11-28
  16. 1 2 Language Analysis of Bouncy Castle, OpenHub.net, retrieved 2015-12-23
  17. 1 2 Language Analysis of Crypto++, OpenHub.net, retrieved 2015-12-23
  18. 1 2 Language Analysis of Libgcrypt, OpenHub.net, retrieved 2015-12-23
  19. 1 2 Language Analysis of Nettle, OpenHub.net, retrieved 2015-12-23
  20. GnuPG documentation: Libgcrypt overview - thread safety, GnuPG.org, retrieved 2016-04-16

External links

This article is issued from Wikipedia - version of the 11/29/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.