minisign
kyber
minisign | kyber | |
---|---|---|
12 | 6 | |
1,967 | 689 | |
- | 2.2% | |
4.8 | 5.1 | |
about 1 month ago | 4 months ago | |
C | C | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
minisign
- Ask HN: What are your favorite tiny, single purpose tools?
- Minisign A dead simple tool to sign files and verify signatures
-
PGP signatures on PyPI: worse than useless
There are alternatives, minisign and signify.
-
Can a program be the only thing able to have access to a private key?
You don't have to attach identities to public and private keys. If all you need it for is signing, then check out minisign.
-
How should I encrypt files for sharing over the internet?
If you need signatures, minisign is a similar hard-to-misuse program.
-
Beginner: how to do basic cryptography for a blog
In your case, use a tool such as https://jedisct1.github.io/minisign/ to do signing/verification. GPG is another choice which is very common. It will produce a "signature" which can be embedded alongside your posts verifying that the text of the post was endorsed by someone bearing the given public key.
-
Is it worth it to make the move to ProtonMail & VPN?
Claiming it's not ancient because Linux desktop distributions still use it for signing packages is a very odd argument. Most Cryptography experts (note: I'm not talking about programmers, IT professionals or people who know a thing or two about cryptography, I mean actual cryptographers) would agree that we should start using something like signify or minisign instead of the bloated mess that is GPG for signing package repositories.
-
Hacker News top posts: Dec 23, 2021
minisign\ (5 comments)
- minisign
- Show HN: Pagesign – A Python Wrapper for Age and Minisign
kyber
-
Quantum Computers Break Encryption in China But Far From Cracking Bitcoin
I wouldn’t even be worried about the banks, any mode of encryption used for data would be at stake, but there’s already some algos that are quantum secure made by Crystal Kyber. Here’s their git repo: https://github.com/pq-crystals/kyber.git
-
NSA, NIST, and post-quantum cryptography
So, question then, isn't one of the differences between this time's selection, compared to previous selections, that some of the algorithms are open source with their code available.
For example, Kyber, one of the finalists, is here: https://github.com/pq-crystals/kyber
And where it's not open source, I believe in the first round submissions, everyone included reference implementations.
Does the code being available make it easy to verify whether there are some shady/shenanigans going on, even without NIST's cooperation?
-
NIST Announces First Four Quantum-Resistant Cryptographic Algorithms
The C reference code is available: https://github.com/pq-crystals/kyber
- NIST announces PQC-algoritms to be standardized
- Kyber key encapsulation mechanism (Post Quantum Cryptography Standardization)
What are some alternatives?
signify - OpenBSD tool to sign and verify signatures on files. Portable version.
openssl - Fork of OpenSSL 1.1.1 that includes prototype quantum-resistant algorithms and ciphersuites based on liboqs [OQS-OpenSSL 1.1.1 is NO LONGER SUPPORTED, please switch to OQS-Provider for OpenSSL 3]
age - A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
mbedTLS - An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.
age-plugin-yubikey - YubiKey plugin for age
Selenite - An Experimental Rust Crate for Post-Quantum Code-Signing Certificates.
ed25519 - Minimal ed25519 Haskell package, binding to the ref10 SUPERCOP implementation.
libsodium - A modern, portable, easy to use crypto library.
mkp224o - vanity address generator for tor onion v3 (ed25519) hidden services
s2n - An implementation of the TLS/SSL protocols
sign - Digital file signing and signature verfication utility
falcon