Monocypher is an easy to use crypto library. It is:
- Small. Sloccount counts about 1800 lines of code, small enough to allow audits. The binaries can be under 50KB, small enough for many embedded targets.
- Easy to deploy. Just add
monocypher.hto your project. They compile as C99 or C++, have no dependency, and are dedicated to the public domain.
- Easy to use. The API is small, consistent, and cannot fail on correct input.
- Fast. The primitives are fast to begin with, and performance wasn't needlessly sacrificed. Monocypher holds up pretty well against Libsodium, despite being closer in size to TweetNaCl. (More detailed benchmark)
Download the latest Monocypher, and run the test suite:
$ tar -xzf monocypher-2.0.6.tar.gz $ cd monocypher-2.0.6 $ make test
Optionally, you can generate and install binaries on your system:
$ make $ sudo make install
Or you can just integrate Monocypher source files into your project:
$ cp src/monocypher.c path/to/your/source/folder $ cp src/monocypher.h path/to/your/include/folder
- Authenticated encryption implements RFC 8439 with XChacha20 and Poly1305. XChacha20 nonces are big enough to be random.
- Hashing uses Blake2b, which is as secure as SHA-3, and as fast as MD5.
- Password key derivation is done with Argon2i, which won the Password Hashing competition.
- Key exchange uses X25519.
- Signatures use EdDSA (RFC 8032) with Blake2b and edwards25519. Optionally, Blake2b can be replaced by SHA-512 for Ed25519 compatibility.
Monocypher enabled me to develop Joulescope's small microcontroller bootloader with secure firmware updates using modern cryptography. Monocypher is small, fast, easy to use, has no dependencies, and is excellent on microcontrollers.
Principal Engineer and creator of Joulescope