Encryption libraries in Ubuntu¶
This table contains a list of encryption libraries supported in main as well as instructions on how to find relevant information about algorithms from a specific library:
Overview of the libraries¶
- Source package
the package that contains the library
- Algorithm application
bulk encryption: encrypting large amounts of data such as network traffic or storage digital signature: authenticating messages or documents authentication/integrity: verifying that the data’s integrity is intact via message authentication codes, hashes, TLS handshake, and so on
- Name of encryption algorithm/hash function
a command to list all encryption algorithms/hash functions that this library provides
- Max key length/hash value (in bits)
filter: if the command that lists algorithms displays too many algorithms (including deprecated or experimental ones), you must filter only the relevant ones interpret: derive the max key length/hash value from the name of the displayed algorithm research: consult the documentation for that specific algorithm implementation in the library
- Notes
Additional instructions on how to find more information about a specific library, e.g. changes between releases
Source package |
Algorithm application |
Name of encryption algorithm/hash function |
Max key length/hash value (in bits) |
Notes |
|---|---|---|---|---|
bulk encryption |
|
interpret output/research |
compare sorted output in diff for changes |
|
digital signature |
research (or |
research |
||
authentication/integrity |
|
interpret output/research |
compare sorted output in diff for changes |
|
gcrypt (eg, gcrypt20) |
bulk encryption |
|
compare |
|
gcrypt (eg, gcrypt20) |
digital signatures |
|
compare |
|
gcrypt (eg, gcrypt20) |
authentication/integrity |
|
compare |
|
gnutls (eg, gnutls28) |
bulk encryption |
|
interpret output/research |
compare sorted output in diff for changes |
gnutls (eg, gnutls28) |
digital signatures |
|
interpret output/research |
compare sorted output in diff for changes |
gnutls (eg, gnutls28) |
authentication/integrity |
|
interpret output/research |
compare sorted output in diff for changes |
bulk encryption |
|
interpret output/research |
||
digital signatures |
|
interpret output/research |
||
authentication/integrity |
|
interpret output/research |
||
bulk encryption |
|
interpret output/research |
compare output between releases |
|
digital signatures |
|
interpret output/research |
compare output between releases |
|
authentication/integrity |
|
interpret output/research |
compare output between releases |
|
bulk encryption |
|
filter/interpret output/research |
||
digital signatures |
|
filter/interpret output/research |
||
authentication/integrity |
|
filter/interpret output/research |
OpenSSL¶
OpenSSL is a library that provides secure communications over computer networks such as TLS/SSL protocols and collection of core cryptographic primitives such a symmetric, asymmetric, hashing, signing.
gcrypt¶
GNU libgcrypt is a library that provides the core primitives such as block ciphers, public-key algorithms, digests.
gnutls¶
GnuTLS is library that provides TLS/SSL protocols similar to OpenSSL but with a GNU licensing model.
nettle¶
https://www.lysator.liu.se/~nisse/nettle/ is a low-level library designed to be easy to integrate into higher-level libraries.
NSS¶
Network Security Services (NSS) is a set of libraries that provide TLS/SSL, PKI, and cryptographic functions.
Kernel¶
Linux kernel provides cryptographic API and implementations of primitives (AES, SHA, RNG, etc.).