Encryption libraries in Ubuntu¶
This table lists encryption libraries supported in main, along with
instructions on how to find relevant information about algorithms from a
specific library.
Overview of the libraries¶
- Source package
The package that contains the library.
- Algorithm application
- Bulk encryption: Encrypting large amounts of data such as network
traffic or storage.
Digital signature: Authenticating messages or documents.
- Authentication/integrity: Verifying that the data’s integrity is
intact via message authentication codes, hashes, TLS handshake, and so on.
- Name of encryption algorithm/hash function
A command to list all encryption algorithms or hash functions that this library provides.
- Max key length/hash value (in bits)
- Filter: If the command that lists algorithms displays too many
algorithms (including deprecated or experimental ones), you must filter only the relevant ones.
- Interpret: Derive the max key length/hash value from the name of
the displayed algorithm.
- Research: Consult the documentation for that specific algorithm
implementation in the library.
- Notes
Additional instructions on how to find more information about a specific library, for example, changes between releases.
Source package |
Algorithm application |
Name of encryption algorithm/hash function |
Max key length/hash value (in bits) |
Notes |
|---|---|---|---|---|
Bulk encryption |
|
Interpret output/research |
Compare sorted output in diff for changes |
|
Digital signature |
Research (or |
Research |
||
Authentication/integrity |
|
Interpret output/research |
Compare sorted output in diff for changes |
|
gcrypt (for example, gcrypt20) |
Bulk encryption |
|
Compare |
|
gcrypt (for example, gcrypt20) |
Digital signatures |
|
Compare |
|
gcrypt (for example, gcrypt20) |
Authentication/integrity |
|
Compare |
|
gnutls (for example, gnutls28) |
Bulk encryption |
|
Interpret output/research |
Compare sorted output in diff for changes |
gnutls (for example, gnutls28) |
Digital signatures |
|
Interpret output/research |
Compare sorted output in diff for changes |
gnutls (for example, gnutls28) |
Authentication/integrity |
|
Interpret output/research |
Compare sorted output in diff for changes |
Bulk encryption |
|
Interpret output/research |
||
Digital signatures |
|
Interpret output/research |
||
Authentication/integrity |
|
Interpret output/research |
||
Bulk encryption |
|
Interpret output/research |
Compare output between releases |
|
Digital signatures |
|
Interpret output/research |
Compare output between releases |
|
Authentication/integrity |
|
Interpret output/research |
Compare output between releases |
|
Bulk encryption |
|
Filter/interpret output/research |
||
Digital signatures |
|
Filter/interpret output/research |
||
Authentication/integrity |
|
Filter/interpret output/research |
OpenSSL¶
OpenSSL is a library that provides secure communications over computer networks, such as TLS/SSL protocols, and a collection of core cryptographic primitives such as symmetric, asymmetric, hashing, and signing.
gcrypt¶
GNU libgcrypt is a library that provides core primitives such as block ciphers, public-key algorithms, and digests.
gnutls¶
GnuTLS is a library that provides TLS/SSL protocols similar to OpenSSL but with a GNU licensing model.
nettle¶
Nettle is a low-level library designed to be easy to integrate into higher-level libraries and applications.
NSS¶
Network Security Services (NSS) is a set of libraries that provide TLS/SSL, PKI, and cryptographic functions.
Kernel¶
The Linux kernel provides a cryptographic API and implementations of primitives (AES, SHA, RNG, etc.).