[Cryptography] NIST announced Round 1 candidates for lightweight crypto competition

Patrick Chkoreff pc at fexl.com
Wed May 8 17:54:18 EDT 2019

jamesd at echeque.com wrote on 5/8/19 2:02 AM:
> On 2019-05-07 09:05, Patrick Chkoreff wrote:
>> I've been using TweetNaCl http://tweetnacl.cr.yp.to/ quite a bit.  I
>> often wonder if that library would be sufficient for all crypto
>> purposes, assuming one was starting an application from scratch and
>> didn't need things like RSA just for legacy purposes.  If not
>> sufficient, what is missing?
> Libsodium stable seems to have everything one would ordinarily need if
> starting from scratch and you don't need to talk to old NIST code.  And
> it is all NIST free.

I started with TweetNaCl because it had a lot of basic functions in one
C source file.  However, the first thing I did was eliminate the ghastly
macros in the .h file, which included horrors such as forward
definitions.  I ended up with something flat and obvious, no cruft:


I also eliminated the external call to the unspecified "randombytes"
function for generating a key pair.  Instead I implemented a
deterministic function which maps an arbitrary secret key to the
corresponding public key, in the "crypto_box_public" function here:


That way the random bytes are gathered outside the library and passed in.

> Libsodium master has everything one would ordinarily need, plus
> Ristretto255

I'm not yet familiar with Ristretto255 or why I'd need it, but thanks.

-- Patrick

P.S. By the way, I linked the TweetNaCl functions into my Fexl language,
and put together a test suite:


The relevant reference output is here:


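The design point in the message above (the public key is a pure function of the secret key, and the random bytes are gathered by the caller and passed in), as an added Python example that is not the author's C or Fexl code. It assumes `crypto_box_public` corresponds to X25519 base-point multiplication as specified in RFC 7748; the names `public_from_secret` and `new_keypair` are hypothetical.

```python
# Added example, not the author's code: X25519 public-key derivation (RFC 7748).
# Uses Python big integers and branches on key bits, so it is not constant-time.
import os

P = 2**255 - 19                      # field prime
A24 = 121665                         # (486662 - 2) / 4, curve constant
BASE = (9).to_bytes(32, "little")    # standard base point u = 9

def x25519(sk: bytes, u_bytes: bytes) -> bytes:
    """Montgomery ladder: scalar sk times point u, both 32-byte little-endian."""
    if len(sk) != 32 or len(u_bytes) != 32:
        raise ValueError("key and point must be 32 bytes")
    k = bytearray(sk)
    k[0] &= 248; k[31] &= 127; k[31] |= 64          # clamp the scalar
    k = int.from_bytes(k, "little")
    x1 = int.from_bytes(u_bytes, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        bit = (k >> t) & 1
        if swap ^ bit:                              # conditional swap
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def public_from_secret(sk: bytes) -> bytes:
    """Deterministic: the same 32-byte secret always yields the same public key."""
    return x25519(sk, BASE)

def new_keypair(random_source=os.urandom):
    """The caller picks the entropy source; the derivation itself uses none."""
    sk = random_source(32)
    return sk, public_from_secret(sk)
```

Because the derivation takes no randomness of its own, it can be checked against fixed test vectors, and the entropy source can be swapped or audited without touching the crypto code.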