TweetNaCl : a crypto library in 100 tweets

D.J. Bernstein, B. van Gastel, W. Janssen, T. Lange, P. Schwabe, S. Smetsers

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

27 Citations (Scopus)

Abstract

This paper introduces TweetNaCl, a compact reimplementation of the NaCl library, including all 25 of the NaCl functions used by applications. TweetNaCl is published on Twitter and fits into just 100 tweets; the tweets are available from anywhere, any time, in an unsuspicious way. Distribution via other social media, or even printed on a sheet of A4 paper, is also easily possible. TweetNaCl is human-readable C code; it is the smallest readable implementation of a high-security cryptographic library. TweetNaCl is the first cryptographic library that allows correct functionality to be verified by auditors with reasonable effort, making it suitable for inclusion into the trusted code base of a secure computer system. This paper uses two examples of formally verified correctness properties to illustrate the impact of TweetNaCl’s conciseness upon auditability. TweetNaCl consists of a single C source file, accompanied by a single header file generated by a short Python script (1811 bytes). The library can be trivially integrated into a wide range of software build processes. Portability and small code size come at a loss in efficiency, but TweetNaCl is sufficiently fast for most applications. TweetNaCl’s cryptographic implementations meet the same security and reliability standards as NaCl: for example, complete protection against cache-timing attacks.
Original languageEnglish
Title of host publicationProgress in Cryptology - LATINCRYPT 2014 (Third International Conference on Cryptology and Information Security in Latin America, Florianópolis, Brazil, September 17-19, 2014. Revised Selected Papers)
EditorsD.F. Aranha, A. Menezes
Place of PublicationBerlin
PublisherSpringer
Pages64-83
ISBN (Print)978-3-319-16294-2
DOIs
Publication statusPublished - 2015
Eventconference; 3rd International Conference on Cryptology and Information Security in Latin America; 2014-09-17; 2014-09-19 -
Duration: 17 Sept 201419 Sept 2014

Publication series

NameLecture Notes in Computer Science
Volume8895
ISSN (Print)0302-9743

Conference

Conferenceconference; 3rd International Conference on Cryptology and Information Security in Latin America; 2014-09-17; 2014-09-19
Period17/09/1419/09/14
Other3rd International Conference on Cryptology and Information Security in Latin America

Fingerprint

Dive into the research topics of 'TweetNaCl : a crypto library in 100 tweets'. Together they form a unique fingerprint.

Cite this