Cryptography

A curated list of cryptography papers, articles, tutorials and howtos.

A curated list of homomorphic encryption libraries, software and resources.

safely store secrets in Git/Mercurial/Subversion.

Previously the Let's Encrypt Client, is EFF's tool to obtain certs from Let's Encrypt, and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.

Cryptographic server for modern web apps.

Multi-platform transparent client-side encryption of your files in the cloud.

Nipe is a script to make Tor Network your default gateway.

sops is an editor of encrypted files that supports YAML, JSON and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault and PGP.

End-to-end encrypt transferred files using sftp/scp and selectively share with others. Automatic key management works with any SSH server. Encrypted files are gpg compatible.

Transparent file encryption in git.

Basic implementations of standard cryptography algorithms, like AES and SHA-1.

Linux Kernel Crypto API User Space Interface Library.

Modern and easy-to-use crypto library.

Fairly comprehensive, modular and portable cryptographic toolkit.

End-to-end encrypted sharing via cloud repository, secure recovery through a viral network of friends in case of key loss.

Small, self-contained and fast open source crypto library. It supports RSA, ECDH, ECIES, ECDSA, AES-GCM, SHA2, SHA3 and Pairing-Based Cryptography.

is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languages (C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel space.

TLS/SSL and crypto library.

Great utility for computing hash sums.

Small portable AES128 in C.

Small, fast, portable implementation of TLS/SSL for embedded devices to the cloud.

is a repository that gathers different free and open-source implementations of the cryptographic schemes defined by the Keccak team.

Extremely fast hash algorithm.

Swift wrapper on Themis for iOS and macOS. High level crypto library for storing data (AES), secure messaging (ECC + ECDSA / RSA + PSS + PKCS#7) and session-oriented, forward secrecy data exchange (ECDH key agreement, ECC & AES encryption).

Crypto related functions and helpers for Swift implemented in Swift programming language.

Wrapper for Apple's CommonCrypto library written in Swift.

Swift OpenSSL for macOS and Linux.

Tiny and easy to use Swift class to encrypt strings using HMAC algorithms.

Swift interface to the Sodium library for common crypto operations for iOS and macOS.

Elegant crypto toolkit in Swift.

Modern Cryptography Suite in C++17 (complete applied cryptography suite starting with block ciphers and ending with threshold cryptography, zk proof systems, etc).

Crypto++ Library is a free C++ class library of cryptographic schemes.

Software library that implements homomorphic encryption (HE).

Implementation of the TLS/SSL protocols.

Secure cryptographic library, port of libsodium for .NET.

.NET crypto done right.

Stream encryption & decryption with libsodium and protobuf.

Wrapper for Bouncy Castle.

Fast and easy-to-use Message Digest, Checksum and HMAC library for Clojure.

A Clojure library designed to generate cryptographically strong random numbers suitable for managing data such as passwords, account authentication, security tokens, and related secrets.

Collection of common cryptography functions.

SSH client library for Common Lisp (Built on libssh2).

Cryptographic library for Delphi.

Fast cryptographic routines (hashing and cypher), implementing AES, XOR, RC4, ADLER32, MD5, SHA1, SHA256 algorithms, optimized for speed.

TForge is open-source crypto library written in Delphi, compatible with FPC.

Elixir crypto library to encrypt/decrypt arbitrary binaries.

Cloak makes it easy to use encryption with Ecto.

Password authorization (bcrypt) library for Elixir.

:public_key cryptography wrapper for Elixir.

TEA implementation in Elixir.

Elixir wrapper for Erlang :crypto and :public_key modules. Provides sensible defaults for many crypto functions to make them easier to use.

Use gpg from Elixir.

Erlang library for generating one time passwords compatible with Google Authenticator.

Elixir implementation of the SipHash hash family.

Port of Google's Keyczar cryptography library to Go.

Example source code for the Practical Crypto with Go book.

Advanced crypto library for the Go language.

The Language of Cryptography.

OpenSSL binding for Haskel.

Haskell bindings to Colin Percival's scrypt implementation.

JavaScript implementation of popular cryptographic utilities with performance in mind.

Native implementation of bcrypt for Node.js.

Fast crypto toolkit for modern client-side JavaScript.

Google's common JavaScript library.

Easy-to-use encryption system utilizing RSA and AES for JavaScript.

JavaScript library of crypto standards.

Provide standard and secure cryptographic algorithms for Node.js.

Native implementation of TLS in JavaScript and tools to write crypto-based and network-heavy webapps.

JavaScript Crypto Library provides web developers with an extensive and efficient set of cryptographic functions.

Pure-JavaScript High-level API to Emscripten-compiled libsodium routines.

JavaScript library to perform OpenSSL RSA Encryption, Decryption, and Key Generation.

Fast and dependency-free cryptographic hashing library for Node.js and browsers (supports MD5, SHA1, SHA256, SHA512, RIPEMD, HMAC).

The 'jsrsasign' (RSA-Sign JavaScript Library) is an opensource free cryptography library supporting RSA/RSAPSS/ECDSA/DSA signing/validation.

libsodium compiled to pure JavaScript, with convenient wrappers.

End-to-end encrypted sharing via cloud repository, secure recovery through a viral network of friends in case of key loss.

Minimal implementation of older cryptography algorithms: RSA, DSA, DH, ElGamal.

MCJS is a standards compliant JavaScript cryptographic library with no external dependencies except for the random seed source. Compatible for Node.js and browser. It supports RSA, ECDH, ECIES, ECDSA, AES-GCM, SHA2, SHA3, Pairing-Based Cryptography and New Hope.

cryptographic ciphers, including AES-SIV, Salsa20, ChaCha, Poly1305 and FF1

elliptic curve cryptography, including Weierstrass, Edwards, Montgomery curves, pairings, hash-to-curve, poseidon hash, schnorr, secp256k1, ed25519, ed448, p521, bn254, bls12-381 and others. Also 4kb noble-secp256k1, noble-ed25519

SHA2, SHA3, RIPEMD, BLAKE2/3, HMAC, HKDF, PBKDF2, Scrypt & Argon2id

ML-KEM, ML-DSA, SLH-DSA (CRYSTALS-Kyber, CRYSTALS-Dilithium, Sphincs+) and hybrids

bcrypt for Node.js.

OpenPGP implementation for JavaScript.

Pure JS implementation of the WebCrypto API.

High-performance pure-javascript SHA1 implementation suitable for large binary data, reaching up to half the native speed.

Stanford JavaScript Crypto Library.

A port of TweetNaCl / NaCl for JavaScript for modern browsers and Node.js.

RSA public/private key OpenSSL bindings for Node.

Generalized Diffie-Hellman key exchange Java library for multiple parties built on top of the Vert.x framework.

A small crypto library that provides a safe, simple, agile and fast way to accomplish some common crypto tasks.

Open Source Identity and Access Management For Modern Applications and Services.

Security engine.

A Java user-friendly cryptographic library for hashing and checking passwords with different Key derivation functions (KDFs) and Cryptographic hash functions (CHFs).

Pure Java implementation of the scrypt key derivation function and a JNI interface to the C implementations, including the SSE2 optimized version.

Fluent Builder API for JCA/JSSE objects.

Library that wraps OpenSSL, but also has pure Julia implementations for reference.

Wrapper around the mbed TLS and cryptography C libary.

Julia wrapper around nettle cryptographic hashing/ encryption library providing MD5, SHA1, SHA2 hashing and HMAC functionality, as well as AES encryption/decryption.

Performant, 100% native-julia SHA1, SHA2-{224,256,384,512} implementation.

Collection of cryptographic primitives written in pure Lua.

Lua bindings to OpenSSL.

is a toolbox that implements various cryptographic primitives in C and OCaml.

TLS in pure OCaml.

AES, MD5, SHA1, SHA224, SHA256, SHA384, SHA512, Base64, Hex.

ObjectivePGP is an implementation of OpenPGP protocol for iOS and macOS. OpenPGP is the most widely used email encryption standard.

CCCryptor (AES encryption) wrappers for iOS and Mac.

Laravel Package Abstraction using libsodium.

Library for encrypting data with a key or password in PHP.

TCrypto is a simple and flexible PHP 5.3+ in-memory key-value storage library.

Modern password hashing for your software and your servers.

Framework for rapidly prototyping cryptosystems.

Quantum resistant asymmetric key generation tool for digital signatures.

Easily encrypt data in Django.

An easy-to-use implementation of ECC with support for ECDSA and ECDH.

Implementation of hashids in Python.

An easy, fast lib to correctly password-protect your data.

Self-contained Python package of low-level cryptographic primitives.

Python OpenSSL wrapper. For modern cryptography with ECC, AES, HMAC, Blowfish.

Python binding to the Networking and Cryptography (NaCl) library.

Package for a collection of scrypt cryptographic functions.

Ruby binding for the OpenBSD bcrypt() password hashing algorithm, allowing you to easily store a secure hash of your users' passwords.

Ruby binding to the Networking and Cryptography (NaCl) library.

Authenticated Encryption with Associated Data Algorithms: high-level encryption ciphers.

is official Rust and C implementations of the BLAKE3 cryptographic hash function.

Botan bindings for Rust.

Cryptographically secure online voting.

A pure-Rust, general purpose crypto library that implements libsodium primitives.

Collection of pure Rust elliptic curve implementations: NIST P-224, P-256, P-384, P-521, secp256k1, SM2.

Cryptography-related format encoders/decoders: DER, PEM, PKCS, PKIX.

Collection of cryptographic hash functions written in pure Rust.

is a Rust cryptography library backed by BoringSSL that is difficult to misuse, ergonomic, and performant.

is a Rust library for end-to-end encryption and mutual authentication.

Highly modular & configurable hash & crypto library.

is a cryptography library written in pure Rust. It aims to provide easy and usable crypto while trying to minimize the use of unsafe code.

Collection of password hashing algorithms, otherwise known as password-based key derivation functions, written in pure Rust.

Axolotl protocol implementation, without header keys, in Rust.

is a simple, modern, and secure file encryption tool, using the age format.

A pure-Rust library that implements cryptographic primitives for building a multi-hop Proxy Re-encryption scheme, known as Transform Encryption.

Safe, fast, small crypto using Rust & BoringSSL's cryptography primitives.

Educational, mathematically transparent, well documentated cryptography in rust.

Mostly pure-Rust implementation of various cryptographic algorithms.

OpenSSL bindings for Rust.

Rustls is a new, modern TLS library written in Rust.

Cryptographic signature algorithms: DSA, ECDSA, Ed25519.

Pure Rust implementation of Trevor Perrin’s Noise Protocol.

Sodium Oxide: Fast cryptographic library for Rust (bindings to libsodium).

TLS 1.2 implementation in Rust.

Web PKI TLS X.509 certificate validation in Rust.

Transform encryption library for Scala.

Cryptographic primitives for Scala.

A type-safe, functional, general purpose security and cryptography library.

Bindings to libsodium crypto library for Chicken Scheme.

GnuTLS bindings for GNU Guile.

libssh bindings for GNU Guile.

Motley assortment of cryptographic primitives, OpenSSH, DNS.