#authenticated-encryption #key-derivation #chacha20 #secure-password #encryption-key #cha-cha20-poly1305 #secure-random

bin+lib noxs

A library for authenticated encryption (ChaCha20-Poly1305) with password-based key derivation (Argon2id)

1 stable release

1.2.0 Aug 9, 2024

#1920 in Cryptography

MIT license

135KB
696 lines

NoXS

  • Command line tool & library for authenticated encryption with password-based key derivation

Key derivation: Argon2id

  • Parameters: iterations = 2, memory = 1024*256, parallelism = 2
  • Input: password, secure random salt (16 bytes)
  • Output: key (32 bytes)

Authenticated encryption: ChaCha20-Poly1305

  • Input: key (32 bytes), nonce (last 12 bytes from salt), plaintext (n bytes)
  • Output: version 0x01 (1 byte) || salt (16 bytes) || ciphertext (n bytes) || authentication tag (16 bytes) image

Usage

With interaction (password prompt)

  • noxs <command> <in_file> <out_file>

Without interaction (password from file)

  • noxs <command> <in_file> <out_file> <password_file>

Commands

  • e = encrypt
  • ea = encrypt & base64-encode
  • d = decrypt
  • da = base64-decode & decrypt

Build with Rust and install to /usr/local/bin

  • rust_build_install

OR build with Swift and install to /usr/local/bin

  • swift_build_install_macos
  • swift_build_install_linux

Dependencies

~4–16MB
~146K SLoC