Presented at
ShmooCon XI (2015),
Jan. 17, 2015, 3 p.m.
(60 minutes).
NaCl (pronounced "salt") is a new easy-to-use high-speed software library for encryption, decryption, signatures, etc. NaCl's goal is to provide all of the core operations needed to build higher-level cryptographic tools. Of course, other libraries already exist for these core operations, but NaCl improves security, improves usability, and improves speed. We'll explain how the design and implementation of NaCl avoid various types of cryptographic disasters suffered by previous cryptographic libraries such as OpenSSL.
This talk also presents TweetNaCl, a self-contained public-domain C library which reimplements the NaCl library in just 100 tweets. See https://twitter.com/tweetnacl.
Presenters:
-
Daniel J. Bernstein
We're researchers in applied cryptography working on making secure crypto more usable and on eliminating bad crypto. This includes us sometimes breaking bad crypto but most of the time our work is constructive. We're the core NaCl development team, along with Peter Schwabe.
-
Tanja Lange
We've designed several cryptosystems, including Salsa20, Poly1305, Curve25519, and Ed25519. These cryptosystems are designed for security, robustness, performance, and ease of implementation without data-dependent branches and without data-dependent array indices. We use these functions in NaCl to make our lives easier and the software better.
Similar Presentations: