Monocypher is an easy to use crypto library. It is:
- Small. Sloccount counts less than 1500 lines of code, small enough to allow audits. The binaries are under 65KB.
- Easy to deploy. Just add
monocypher.candmonocypher.hto your project. They compile as C99, C11, or C++, and have no dependency. - Easy to use. The API is small, consistent, and cannot fail on correct input.
- Fast. The primitives are fast to begin with, and performance wasn't needlessly sacrificed. Monocypher holds up pretty well against Libsodium, despite being closer in size to TweetNaCl. (More detailed benchmark)
Getting started
Download the latest Monocypher, and run the test suite:
$ tar -xzf monocypher-2.0.2.tar.gz
$ cd monocypher-2.0.2
$ make test
Optionally, you can generate and install binaries on your system:
$ make
$ sudo make install
Or you can just integrate Monocypher source files into your project:
$ cp src/monocypher.c path/to/your/source/folder
$ cp src/monocypher.h path/to/your/include/folder
Monocypher's API is documented in the user manual. If you are not yet familiar with cryptography, please follow an introductory course. We currently recommend Crypto101.
Primitives
- Authenticated encryption implements RFC 7539 with XChacha20 and Poly1305. XChacha20 nonces are big enough to be random.
- Hashing uses Blake2b, which is as secure as SHA-3, and as fast as MD5.
- Password key derivation is done with Argon2i, which won the Password Hashing competition.
- Key exchange uses X25519.
- Signatures use EdDSA with Blake2b and curve25519. Strict Ed25519 conformity (with SHA-512 instead of Blake2b) is provided as an option.