인디노트

Comparison of cryptography libraries

인디개발자 2018. 10. 5. 09:31

From Wikipedia, the free encyclopedia

The tables below compare cryptography libraries that deal with cryptography algorithms and have API function calls to each of the supported features.

Cryptography libraries

| Implementation | Company | Development Language | Open Source | Software License | FIPS 140 validated[1] | FIPS 140-2 mode | Latest Update |
|---|---|---|---|---|---|---|---|
| ACE[2] | Allegro Software Development Corporation[3] | C | No | Commercial license | Yes | Yes | July 12, 2018 (6.31) |
| Botan | Jack Lloyd | C++ | Yes | Simplified BSD | No | No | 2.7.0 (July 2, 2018; 2 months ago[4]) |
| Bouncy Castle | Legion of the Bouncy Castle Inc. | Java, C# | Yes | MIT License | Yes | Yes | Java: 1.60 / June 30, 2018; 2 months ago[5] |
| | | | | | | | Java FIPS: BC-FJA 1.0.1 / March 15, 2018; 6 months ago[6] |
| | | | | | | | C#: 1.8.3 / August 11, 2018; 49 days ago[7] |
| | | | | | | | C# FIPS: BC-FNA 1.0.1 / December 28, 2016; 20 months ago[8] |
| CryptoComply | SafeLogic | Java, C | No | Commercial license | Yes | Yes | Continuous |
| cryptlib | Peter Gutmann | C | Yes | Sleepycat License or commercial license | No[a] | Yes | 3.4.4 (January 10, 2018; 8 months ago[9]) |
| Crypto++ | The Crypto++ project | C++ | Yes | Boost Software License (all individual files are public domain) | No | No | April 8, 2018 (7.0.0) |
| | | | | | | | Moved to FIPS 140 Historical Validation List[b] |
| GnuTLS | Nikos Mavrogiannopoulos, Simon Josefsson | C | Yes | GNU LGPL v2.1+ | Yes | Yes | stable: 3.5.19 / July 16, 2018; 2 months ago[10] |
| | | | | | | | stable-next: 3.6.3 / July 16, 2018; 2 months ago[10] |
| Libgcrypt | GnuPG community and g10code | C | Yes | GNU LGPL v2.1+ | Yes | Yes | 1.8.3 (June 13, 2018; 3 months ago[11]) |
| | | | | | | | 1.7.10 (June 13, 2018; 3 months ago[12]) |
| libsodium | Frank Denis | C | Yes | ISC license | No | No | December 13, 2017 (1.0.16) |
| libtomcrypt | Libtom Projects | C | Yes | Public domain or WTFPL | No | Yes | January 22, 2018 (1.18.1)/Continuous |
| NaCL | Daniel J. Bernstein, Tanja Lange, Peter Schwabe | C | Yes | Public domain | No | No | February 21, 2011[13] |
| Nettle | | C | Yes | GNU GPL v2+ or GNU LGPL v3 | No | No | 3.4 (November 19, 2017; 10 months ago[14]) |
| Network Security Services | Mozilla | C | Yes | MPL 2.0 | Yes[15] | Yes | 3.38 (June 22, 2018; 3 months ago[16]) |
| OpenSSL | The OpenSSL Project | C | Yes | Apache Licence 1.0 and 4-Clause BSD Licence | Yes | Yes | 1.1.1 (LTS) (September 11, 2018; 18 days ago[17]) |
| | | | | | | | 1.0.2p (August 14, 2018; 46 days ago[17]) |
| SafeZone FIPS Lib | Inside Secure | C | No | Commercial license | Yes | Yes | 1.1.0[18] |
| wolfCrypt | wolfSSL, Inc. | C | Yes | GPL v2 or commercial license | Yes | Yes | 3.15.3 (June 22, 2018; 3 months ago[19]) |

  a. The actual cryptlib is not FIPS 140 validated, although a validation exists for an adapted cryptlib as part of a third party, proprietary, commercial product.
  b. Crypto++ received three FIPS 140 validations from 2003 through 2008. In 2016 NIST moved Crypto++ to the Historical Validation List. The move effectively revokes the FIPS validation and federal agencies cannot use the module for validated cryptography.

Key operations

Key operations include key generation algorithms, key exchange agreements and public key cryptography standards.

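Key generation and exchange

| Implementation | ECDH | DH | DSA | RSA | ElGamal | NTRU | DSS |
|---|---|---|---|---|---|---|---|
| Botan | Yes | Yes | Yes | Yes | Yes | No | Yes |
| ACE | Yes | Yes | Yes | Yes | No | No | No |
| Bouncy Castle | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| CryptoComply | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| cryptlib | Yes | Yes | Yes | Yes | Yes | No | Yes |
| Crypto++ | Yes | Yes | Yes | Yes | Yes | No | Yes |
| Libgcrypt | Yes[a] | Yes | Yes | Yes | Yes | No | Yes |
| libsodium | No | Yes | Yes | No | | No | No |
| Nettle | No | No | Yes | Yes | | No | No |
| OpenSSL | Yes | Yes | Yes | Yes | No | No | No |
| SafeZone FIPS Lib | Yes | Yes | Yes | Yes | No | No | No |
| wolfCrypt | Yes | Yes | Yes | Yes | | Yes | Yes |
| libtomcrypt | Yes | Yes | Yes | Yes | No | No | No |

  a. By using the lower level interface.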

Elliptic curve cryptography (ECC) support

ImplementationNISTSECGECC BrainpoolECDSAECDHCurve25519EdDSAGOST R 34.10
BotanYesYesYesYesYesYesYesYes
ACEYesNoNoYesYesNoNoNo
Bouncy CastleYesYesYesYesYesYes
Yes
CryptoComplyYesYesYesYesYesYesYesYes
cryptlibYesYesYesYesYes
Crypto++YesYesYesYesYesYesNoNo
LibgcryptYesYesYesYesYesYesYesYes
libsodiumYes
YesYes
NettleYes
NoNo
OpenSSLYesYesYesYesYesYesYesYes
SafeZone FIPS LibYes
YesYes
wolfCryptYes
YesYes

Public key cryptography standards

| Implementation | PKCS#1 | PKCS#5 | PKCS#8 | PKCS#12 | IEEE P1363 | ASN.1 |
|---|---|---|---|---|---|---|
| ACE | Yes | Yes | Yes | No | No | Yes |
| Botan | Yes | Yes | Yes | No | Yes | Yes |
| Bouncy Castle | Yes | Yes | Yes | Yes | Yes | Yes |
| CryptoComply | Yes | Yes | Yes | Yes | Yes | Yes |
| cryptlib | Yes | Yes | Yes | Yes | No | Yes |
| Crypto++ | Yes | Yes | Yes[a] | No | Yes | Yes |
| Libgcrypt | Yes | Yes[b] | Yes[b] | Yes[b] | Yes[b] | Yes[b] |
| libsodium | No | No | No | No | No | No |
| Nettle | Yes | Yes | No | No | No | No |
| OpenSSL | Yes | Yes | Yes | Yes | No | Yes |
| wolfCrypt | Yes | Yes | Yes | Yes | No | Yes |
| libtomcrypt | Yes | Yes | Yes | No | No | Yes |

  a. The library offers X.509 and PKCS #8 encoding without PEM by default. For PEM encoding of public and private keys the PEM Pack is needed.
  b. These Public Key Cryptographic Standards (PKCS) are supported by accompanying libraries and tools, which are also part of the GnuPG framework, although not by the actual libgcrypt library.

Hash functions

Comparison of supported cryptographic hash functions. At the moment this section also includes ciphers that are used for producing a MAC tag for a message. Here hash functions are defined as taking an arbitrary length message and producing a fixed size output that is virtually impossible to use for recreating the original message.

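| Implementation | MD5 | SHA-1 | SHA-2 | SHA-3 | RIPEMD-160 | Tiger | Whirlpool | GOST | Stribog | BLAKE2 |
|---|---|---|---|---|---|---|---|---|---|---|
| ACE | Yes | Yes | Yes | Yes | No | No | No | No | No | No |
| Botan | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Bouncy Castle | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| CryptoComply | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| cryptlib | Yes | Yes | Yes | Yes | Yes | No | Yes | No | No | No |
| Crypto++ | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | No | Yes |
| Libgcrypt | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| libsodium | No | No | Yes | No | No | No | No | No | No | Yes |
| Nettle | Yes | Yes | Yes | Yes | Yes | No | No | Yes | | No |
| OpenSSL | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | | Yes |
| wolfCrypt | Yes | Yes | Yes | Yes | Yes | No | No | No | | Yes |
| libtomcrypt | Yes | Yes | Yes | Yes | Yes | Yes | Yes | No | No | Yes |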

MAC algorithms

Comparison of implementations of message authentication code (MAC) algorithms. A MAC is a short piece of information used to authenticate a message—in other words, to confirm that the message came from the stated sender (its authenticity) and has not been changed in transit (its integrity).

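| Implementation | HMAC-MD5 | HMAC-SHA1 | HMAC-SHA2 | Poly1305-AES | BLAKE2-MAC |
|---|---|---|---|---|---|
| ACE | Yes | Yes | Yes | No | No |
| Botan | Yes | Yes | Yes | Yes | Yes |
| Bouncy Castle | Yes | Yes | Yes | Yes | Yes |
| CryptoComply | Yes | Yes | Yes | Yes | Yes |
| cryptlib | Yes | Yes | Yes | No | No |
| Crypto++ | Yes | Yes | Yes | Yes | Yes |
| Libgcrypt | Yes | Yes | Yes | Yes | Yes |
| libsodium | No | No | Yes | Yes | Yes |
| Nettle | Yes | Yes | Yes | Yes | No |
| OpenSSL | Yes | Yes | Yes | Yes | Yes |
| wolfCrypt | Yes | Yes | Yes | Yes | Yes |
| libtomcrypt | Yes | Yes | Yes | Yes | Yes |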

Block ciphers

This table compares implementations of block ciphers. Block ciphers are defined as being deterministic and operating on a set number of bits (termed a block) using a symmetric key. Each block cipher can be broken up into the possible key sizes and block cipher modes it can be run with.

Block cipher algorithms

ImplementationAESCamellia3DESBlowfishTwofishCAST5IDEAGOST 28147-89ARIA
ACEYesNoYesNoNoNoNoNoNo
BotanYesYesYesYesYesYesYesYesYes
Bouncy Castle[25]YesYesYesYesYesYesYesYesYes
CryptoComplyYesYesYesYesYesYesYesYes
cryptlib[26]YesNoYesYes
YesYes
Crypto++YesYesYesYesYesYesYesYes[a]Yes
LibgcryptYesYesYesYesYesYesYesYes
libsodiumYes[b]NoNoNo
NettleYesYesYesYes
OpenSSLYesYesYesYesNoYesYesYesYes
wolfCryptYesYesYesNo
Yes
libtomcryptYesYesYesYesYesYesNoNo
  a. Crypto++ provides the 64-bit version of GOST from the 1990s. The library does not provide the 128-bit version of GOST from 2015.
  b. libsodium provides AES-256 only. It does not offer AES-128 or AES-192.

Cipher modes

ImplementationECBCBCOFBCFBCTRCCMGCMOCBXTSAES-WrapStream
ACEYesYesYesYesYesYesYesYesYesYesYes
BotanNoYesYesYesYesYesYesYesYesYesYes
Bouncy CastleYesYesYesYesYesYesYesYes
YesYes
CryptoComplyYesYesYesYesYesYesYesYesYesYesYes
cryptlibYesYesYesYes
NoYes
Crypto++YesYesYesYesYesYesYesNoNoNoYes
LibgcryptYesYesYesYesYesYesYesYesYesYesYes
libsodiumNoNo
YesNoYes
NettleYesYes
YesYesYes
OpenSSLYesYesYesYesYesYesYesYesYesYesYes
wolfCryptYesYes
YesYesYes
libtomcryptYesYesYesYesYesYesYesYesYesNoYes

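Stream ciphers

This table compares implementations of the various stream ciphers. Stream ciphers are defined as using plain text digits that are combined with a pseudorandom cipher digit stream. Stream ciphers are typically faster than block ciphers and may have lower hardware complexity, but may be more susceptible to attacks.

| Implementation | RC4 | HC-256 | Rabbit | Salsa20 | ChaCha | SEAL | Panama | WAKE | Grain | VMPC | ISAAC |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ACE | Yes | No | No | No | No | No | No | No | No | No | No |
| Botan | Yes | No | No | Yes | Yes | No | No | No | No | No | No |
| Bouncy Castle | Yes | Yes | No | Yes | Yes | No | No | No | Yes | Yes | Yes |
| CryptoComply | Yes | Yes | No | Yes | Yes | No | No | No | Yes | Yes | Yes |
| cryptlib | Yes | No | No | No | No | No | No | No | No | No | No |
| Crypto++ | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | No | No | No |
| Libgcrypt | Yes | No | No | Yes | Yes | No | No | No | No | No | No |
| libsodium | No | No | No | Yes | Yes | No | No | No | No | No | No |
| Nettle | Yes | No | No | Yes | Yes | No | No | No | No | No | No |
| OpenSSL | Yes | No | No | No | Yes | No | No | No | No | No | No |
| wolfCrypt | Yes | Yes | Yes | Yes | Yes | No | No | No | No | No | No |
| libtomcrypt | Yes | No | No | No | Yes | No | No | No | No | No | No |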

Hardware-assisted support

These tables compare the ability to utilize hardware-enhanced cryptography. With the assistance of specific hardware, a library can achieve faster speeds and/or improved security than it otherwise could.

Smartcard, SIM and HSM protocol support

| Implementation | PKCS #11 | PC/SC | CCID |
|---|---|---|---|
| ACE | No | No | No |
| Botan | Yes | No | No |
| Bouncy Castle | Yes[a] | | |
| CryptoComply | Yes | | |
| cryptlib | Yes | | |
| Crypto++ | No | | |
| Libgcrypt | Yes[29] | Yes[30] | Yes[31] |
| libsodium | No | | |
| OpenSSL | | | |
| wolfCrypt | Yes | | |
| libtomcrypt | No | | |

  a. In conjunction with the PKCS#11 provider, or through the implementation of operator interfaces providing access to basic operations.

General purpose CPU / platform acceleration support

ImplementationAES-NISSSE3 / SSE4.1AVX / AVX2RdRandVIA PadLockIntel QuickAssistAltiVec[a]ARMv7-A NEONARMv8-A
ACEYesNoNoNoNoNo
NoNo
BotanYesYesYesYesNoNoYesYesYes
CryptoComplyYesYesYesYesYesNo
YesYes
cryptlibYesYesYesYesYesNo
No
Crypto++YesYesYesYesYes[b]NoYesYesYes
Libgcrypt[33]YesYesYesYesYesNoNoYesYes
libsodiumYesYesYes
NoNo
No
OpenSSLYesYesYesYes[c]YesNoYesYesYes
wolfCryptYes
YesYesNoYes[34]
Yes[35]
  a. AltiVec includes POWER4 through POWER8 SIMD processing. POWER8 added in-core crypto, which provides accelerated AES, SHA and PMUL similar to SSE and ARMv8.1.
  b. Crypto++ provides access to the Padlock random number generator. Other functions, like AES acceleration, are not provided.
  c. OpenSSL RDRAND support is provided through the ENGINE interface. The RDRAND generator is not used by default.

Microcontrollers' cryptographic accelerator support

| Implementation | STM32F2 | STM32F4 | Cavium NITROX | Freescale CAU/mmCAU | Microchip PIC32MZ | Atmel ATECC508A | TI TivaC Series | CubeMX | Nordic nRF51 |
|---|---|---|---|---|---|---|---|---|---|
| wolfCrypt | Yes | Yes | Yes | Yes | Yes | Yes[39] | Yes[40] | Yes | Yes |

Code size and code to comment ratio

| Implementation | Source Code Size (kSLOC = 1000 lines of source code) | Code Lines to Comment Lines Ratio |
|---|---|---|
| ACE | 58 | 3.20 |
| Botan | 133[41] | 4.55[41] |
| Bouncy Castle | 1359[42] | 5.26[42] |
| cryptlib | 241 | 2.66 |
| Crypto++ | 115[43] | 5.74[43] |
| Libgcrypt | 216[44] | 6.27[44] |
| libsodium | 44[45] | 21.92[45] |
| libtomcrypt | 76[46] | 3.98[46] |
| Nettle | 111[47] | 4.08[47] |
| OpenSSL | 472[48] | 4.41[48] |
| wolfCrypt | 39 | 5.69 |

Portability

| Implementation | Supported Operating System | Thread safe |
|---|---|---|
| ACE | Unix, Windows, and more | Yes |
| Botan | Linux, Windows, macOS, Android, iOS, FreeBSD, NetBSD, OpenBSD, DragonflyBSD, AIX, QNX, Haiku, IncludeOS | Yes |
| Bouncy Castle | General Java API: J2ME, Java Runtime Environment 1.1+, Android. Java FIPS API: Java Runtime 1.5+, Android. C# API (General & FIPS): CLR 4. | |
| CryptoComply | Linux (RHEL, CentOS, Debian, Ubuntu, etc.), Windows, iOS, Android, FreeBSD, macOS, Solaris, Java Runtime Environment | Yes |
| cryptlib | AMX, ARINC 653, BeOS, ChorusOS, CMSIS-RTOS/mbed-rtos, DOS, DOS32, eCOS, embOS, FreeRTOS/OpenRTOS, uItron, MQX, MVS, Nucleus, OS/2, Palm OS, QNX Neutrino, RTEMS, SMX, Tandem NonStop, Telit, ThreadX, uC/OS II, Unix (AIX, FreeBSD, HP-UX, Linux, macOS, Solaris, etc.), VDK, VM/CMS, VxWorks, Win16, Win32, Win64, WinCE/PocketPC/etc, XMK | Yes |
| Crypto++ | Unix (AIX, OpenBSD, Linux, MacOS, Solaris, etc.), Win32, Win64, Android, iOS, ARM | Yes[a] |
| Libgcrypt | All 32 and 64 bit Unix Systems (GNU/Linux, FreeBSD, NetBSD, macOS etc.), Win32, Win64, WinCE and more | Yes[49] |
| libsodium | macOS, Linux, OpenBSD, NetBSD, FreeBSD, DragonflyBSD, Android, iOS, 32 and 64-bit Windows (Visual Studio, MinGW, C++ Builder), NativeClient, QNX, JavaScript, AIX, MINIX, Solaris | Yes |
| OpenSSL | Solaris, IRIX, HP-UX, MPE/iX, Tru64, Linux, Android, BSD (OpenBSD, NetBSD, FreeBSD, DragonflyBSD), NextSTEP, QNX, UnixWare, SCO, AIX, 32 and 64-bit Windows (Visual Studio, MinGW, UWIN, CygWin), UEFI, macOS (Darwin), iOS, HURD, VxWorks, uClinux, VMS, DJGPP (DOS), Haiku | Yes |
| wolfCrypt | Win32/64, Linux, macOS, Solaris, ThreadX, VxWorks, FreeBSD, NetBSD, OpenBSD, embedded Linux, WinCE, Haiku, OpenWRT, iPhone (iOS), Android, Nintendo Wii and Gamecube through DevKitPro, QNX, MontaVista, NonStop, TRON/ITRON/µITRON, Micrium's µC/OS, FreeRTOS, SafeRTOS, Freescale MQX, Nucleus, TinyOS, HP-UX | Yes |
| libtomcrypt | Most 32 and 64 bit Systems (GNU/Linux, FreeBSD, macOS, Windows and more) | Yes |

  a. Crypto++ is thread safe at the object level, meaning there is no shared data among instances. If two different threads access the same object then the user is responsible for locking.

References

  1. Validated FIPS 140 Cryptographic Modules, NIST.gov, retrieved 2015-12-22
  2. "Allegro Cryptography Engine – ACE™". Retrieved 2018-06-15.
  3. "Allegro Software Development Corporation". Retrieved 2018-05-23.
  4. "Botan: Newslog". Retrieved 6 July 2018.
  5. "Latest Java Releases - bouncycastle.org". 2018-06-30. Retrieved 2018-07-28.
  6. "Java FIPS Resources - bouncycastle.org". 2018-03-15. Retrieved 2018-04-10.
  7. "The Legion of the Bouncy Castle C# Cryptography APIs". 2018-08-11. Retrieved 2018-08-11.
  8. "C# .NET FIPS Resources - bouncycastle.org". 2016-11-11. Retrieved 2017-08-28.
  9. "cryptlib 3.4.4 released". 2018-01-10.
  10. "GnuTLS". Retrieved 17 July 2018.
  11. "Release 1.8.3". dev.gnupg.org. 2018-06-13. Retrieved 2018-06-13.
  12. "Release 1.7.10". dev.gnupg.org. 2018-06-13. Retrieved 2018-06-13.
  13. Downloading and installing NaCl, Bernstein, Lange, Schwabe, retrieved 2017-05-22
  14. "GNU Nettle". directory.fsf.org. FSF. 24 April 2015.
  15. "FIPS". Mozilla Foundation. 2012-02-01. Archived from the original on 2013-05-02. Retrieved 2013-05-17.
  16. "NSS Releases". Retrieved 27 June 2018.
  17. "OpenSSL: Newslog". Retrieved 2018-09-22.
  18. Certificate #2389
  19. "wolfSSL ChangeLog". 2018-06-22. Retrieved 2018-06-22.
  25. Bouncy Castle Specifications, bouncycastle.org, retrieved 2018-04-10
  26. cryptlib Encryption Toolkit, Peter Gutmann, retrieved 2015-11-28
  29. With Scute, scute.org
  30. With GnuPG's SCdaemon & gpg-agent, gnupg.org
  31. With GnuPG's SCdaemon & gpg-agent, gnupg.org
  33. hwfeatures.c, git.gnupg.org
  34. https://www.wolfssl.com/wolfSSL/Blog/Entries/2017/1/18_wolfSSL_Asynchronous_Intel_QuickAssist_Support.html
  35. https://www.wolfssl.com/wolfSSL/Blog/Entries/2016/10/13_wolfSSL_ARMv8_Support.html
  39. https://www.wolfssl.com/wolfSSL/wolfssl-atmel.html
  40. http://processors.wiki.ti.com/index.php/Using_wolfSSL_with_TI-RTOS
  41. Language Analysis of Botan, OpenHub.net, retrieved 2018-07-18
  42. Language Analysis of Bouncy Castle, OpenHub.net, retrieved 2015-12-23
  43. Language Analysis of Crypto++, OpenHub.net, retrieved 2018-07-18
  44. Language Analysis of Libgcrypt, OpenHub.net, retrieved 2015-12-23
  45. Language Analysis of libsodium, OpenHub.net, retrieved 2017-05-07
  46. Language Analysis of libtomcrypt, OpenHub.net, retrieved 2018-02-12
  47. Language Analysis of Nettle, OpenHub.net, retrieved 2015-12-23
  48. Language Analysis of OpenSSL, OpenHub.net, retrieved 2017-05-07
  49. GnuPG documentation: Libgcrypt overview - thread safety, GnuPG.org, retrieved 2016-04-16
