@hackage crypto-sodium0.0.2.0

This is a collection of high-level cryptographic primitives based on Sodium, spiced up with extra type-safety of the Haskell type system.

Note: this package is experimental and WIP.

Why

Cryptography is hard to do right and you should never try to implement it on your own, even if you have access to safe and secure cryptographic primitives. Luckily, D. J. Bernstein created NaCl.

NaCl was designed specifically to make it hard to use it incorrectly and thus save you from a disaster. It exposes high-level cryptographic algorithms with underlying implementations chosen for you, so you do not get flexibility, but you get security, which is more important.

What

Sodium is a reimplementation of NaCl with the goal to make it more portable across different platforms. With time, it started providing more than the same interface as NaCl. Nowadays it implements additional primitives and utility functions.

How

Secret-key cryptography

• Authenticated encryption: Crypto.Secretbox

• Encryption: Crypto.Stream

• Authentication: Crypto.Auth

Thread-safety

Some of the Sodium (and NaCl) functions (those that generate random data) are not thread-safe. All these functions are explicitly marked as such in their Haddock documentation.

Calling sodiumInit before they are used makes them thread-safe, see Crypto.Init.

Performance

Sodium contains multiple implementations of the primitives it provides. There are generic implementations, that are used by default, and multiple alternatives optimised for various platforms.

sodiumInit will quickly benchmark all available implementations and choose the bests ones for each primitive, see Crypto.Init.