libsodium (Sodium)

Sodium (libsodium) is free cryptographic library, it is intended for creation of program tools of enciphering decoding of content, hashing of passwords, work with digital signatures, etc. The source code of library extends according to the license ISC.

On September 25, 2014 the first stable release of cryptographic library libsodium 1.0.0 (Sodium) was issued.

The Sodium project was announced by OpenDNS company in 2013 in a type a forka of the created earlier cryptographic library NaCl (Networking and Cryptography library). NaCl was not widely adopted in connection with transfer problems on other platforms.

Sodium is provided as the universal cross-platform library providing compatibility with NaCl at the level of API and support of a number of platforms. The library joins in packets and installers for many OS, its functions are available to users through API.

Sodium provided with assembly in the form of separated (shared) of library.

• A standard set of heading files is delivered,
• means for installation and integration into third-party projects are added;
• basic API is focused on the Si language,
• in addition the packet joins bindings for the Ruby and Python languages.

Among platforms which support Sodium developers mention: Bitrig, OpenBSD, Dragonfly BSD, NetBSD, FreeBSD, SmartOS, OSX, Linux, Windows, iOS and Android.

libsodium provides the simplified API with the limited, but checked set of safe cryptographic options and methods that simplifies mastering by users, in comparison with analogs, like OpenSSL, etc., having excess functionality (contain a set of cryptographic primitives, modes and processors from whom it is difficult for user to select safe set) that involves difficulties during the work with them and where vulnerabilities periodically are detected.

Sodium and NaCl solve a problem of the optimal choice, making available to the user the compact and clear feature set, ready to use, containing only safe methods.

Sodium provides by means of API:

• the enciphering using authentication with open (public-key) and the general (shared-key) keys providing reliability of transfer of the ciphered message, guaranteeing its invariance;
• creation and verification of digital signatures on public and general keys. Allows the receiver to check that the message is sent by that from whom it was expected to receive, and it was not changed by the third party;
• the hashing transactions allowing to create the mold from the message having fixed length, giving the chance to check compliance to a hash of the initial message, but not allowing to recover elements of messages from a hash;
• the means for formation for a hash tables of unpredictable keys from short messages allowing to exclude carrying out the DoS-attacks through manipulations with collisions of hashes. As function of hashing method SipHash-2-4 differing in the high performance and unpredictable result of transaction is used;
• the safe pseudorandom number generator for use in cryptographic transactions.

The source code Sodium and documentation are published on Gitbook.