minisign
noise_spec
minisign | noise_spec | |
---|---|---|
12 | 6 | |
1,967 | 450 | |
- | 0.0% | |
4.8 | 10.0 | |
about 1 month ago | over 5 years ago | |
C | HTML | |
GNU General Public License v3.0 or later | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
minisign
- Ask HN: What are your favorite tiny, single purpose tools?
- Minisign A dead simple tool to sign files and verify signatures
-
PGP signatures on PyPI: worse than useless
There are alternatives, minisign and signify.
-
Can a program be the only thing able to have access to a private key?
You don't have to attach identities to public and private keys. If all you need it for is signing, then check out minisign.
-
How should I encrypt files for sharing over the internet?
If you need signatures, minisign is a similar hard-to-misuse program.
-
Beginner: how to do basic cryptography for a blog
In your case, use a tool such as https://jedisct1.github.io/minisign/ to do signing/verification. GPG is another choice which is very common. It will produce a "signature" which can be embedded alongside your posts verifying that the text of the post was endorsed by someone bearing the given public key.
-
Is it worth it to make the move to ProtonMail & VPN?
Claiming it's not ancient because Linux desktop distributions still use it for signing packages is a very odd argument. Most Cryptography experts (note: I'm not talking about programmers, IT professionals or people who know a thing or two about cryptography, I mean actual cryptographers) would agree that we should start using something like signify or minisign instead of the bloated mess that is GPG for signing package repositories.
-
Hacker News top posts: Dec 23, 2021
minisign\ (5 comments)
- minisign
- Show HN: Pagesign – A Python Wrapper for Age and Minisign
noise_spec
-
I worked at LastPass as an engineer. My 2 cents on the situation
Because I always want to identify the solution when we point to the problem:
https://doc.libsodium.org/
http://noiseprotocol.org/
-
How should I encrypt files for sharing over the internet?
If you're not looking to share files but instead need a full communications protocol, the question gets more complex. TLS is the most commonly used encryption layer, and lots of other protocols use TLS to encrypt their traffic. In the rare cases where it's not suitable, the Noise Protocol Framework works to design a secure protocol for the necessary uses.
-
help with Monocypher on an embedded system
TLS Client Authentication formalizes this, as do several patterns in the Noise protocol framework.
-
When To Roll Your Own X
As you now know, I have implemented a whole cryptographic library with a similar API to Libsodium’s. In addition I’ve worked on authenticated key exchange (similar to Noise), as well as PAKE (symmetric and augmented). And I’ve realised that the whole NaCl family of libraries, including NaCl, Libsodium, TweetNaCl, and Monocypher, are all too low-level for regular people to use safely.
-
Tim Cook revealed the real reason Apple won’t add RCS to the iPhone
Many other messaging apps use a separate client/server encryption protocol for this purpose. Several use TLS. The WhatsApp Security Whitepaper notes they use the Noise protocol when the client is a mobile device.
-
Mega: Malleable Encryption Goes Awry
What are real world implementations of the Noise Protocol? https://github.com/noiseprotocol/noise_spec/blob/v34/noise.m...
Quick search shows WireGuard protocol, but I am not sure if how much of the WireGuard protocol is the same as the Noise Protocol.
https://www.wireguard.com/formal-verification/
What are some alternatives?
signify - OpenBSD tool to sign and verify signatures on files. Portable version.
Monocypher - An easy to use, easy to deploy crypto library
age - A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
wycheproof - Project Wycheproof tests crypto libraries against known attacks.
age-plugin-yubikey - YubiKey plugin for age
magic-wormhole - get things from one computer to another, safely
ed25519 - Minimal ed25519 Haskell package, binding to the ref10 SUPERCOP implementation.
wireguard-vyatta-ubnt - WireGuard for Ubiquiti Devices
kyber
Monokex - A simpler alternative to the Noise protocol framework.
mkp224o - vanity address generator for tor onion v3 (ed25519) hidden services