Yufan Lou

PGP as a personal key manager has alternatives like KeePass, 1Password, LastPass, etc.

PGP as Web Of Trust has no alternative, but it has competitors in the Public Key Infrastructure (PKI) space. There is the much more widely used X.509, underlying TLS between web browsers and servers and most other systems.

PGP is one level higher than cryptographic primitives like NaCl. The likes of NaCl are AES-GCM, RSA, Elliptic Curve, etc. The encrypting and signing parts of PGP have alternatives like age and signify.

NaCl is not abandoned; it is finished. It is thoroughly tested and validated, and published as an academic paper. But it only works on UNIX, and you have to build it from source yourself. libsodium is a community effort to port NaCl to more operating systems and to package it for package managers.

saltpack is a message format using NaCl. Its alternatives are PGP (yeah, the message format part) and S/MIME.

For usage of libsodium, you are really supposed to use only five functions:

  • crypto_secretbox_easy for secret key encryption
  • crypto_secretbox_open_easy for secret key decryption
  • crypto_box_keypair for generating a pair of public and private keys
  • crypto_box_easy for public key encryption
  • crypto_box_open_easy for public key decryption