DEV Community


Discussion on: Encrypting Files in a Post-PGP Age

tarialfaro profile image
Tari R. Alfaro

I know this post was made a while back, but I will pitch in here.

Currently my recommendation is Libsodium for developers and anyone implementing cryptography in applications. Which, is actually a fork of NaCL. I am glad you mentioned Saltpack. I never heard of it.

Keybase is great for individuals who don't know much about cryptography or just need an easy to use solution.

OpenSSL, PGP and other hard to use cryptography libraries and tools should be avoided for pretty much everyone. It's just easy to slip up.

On a note, you should be using Ed25519 keys for OpenSSL because it's newer, and RSA can be implemented insecurely, and often is.

Here are some Right Answers about cryptography.

artis3n profile image
Ari Kalfus Author

You're totally right re: EC keys. Libsodium is also a great library and I should have mentioned it here. I do include it in this article on cryptographic randomness.