Sodium: A Modern and Easy-to-Use Crypto Library
October 19, 2015
This week a new package called sodium was released on CRAN. This package implements bindings to libsodium: a modern, easy-to-use software library for encryption, decryption, signatures, password hashing and more.
Libsodium is actually a portable fork of Daniel Bernstein’s famous NaCL crypto library, which provides core operations needed to build higher-level cryptographic tools. It is not intended for implementing standardized protocols such as TLS, SSH or GPG, you still need something like OpenSSL for that. Sodium only supports a limited set of state-of-the-art elliptic curve methods, resulting in a simple but very powerful tool-kit for building secure applications.
Getting started with Sodium
The package includes two nice vignettes to get you started:
- Introduction to Sodium for R: basic hands-on introduction to the sodium R package. Gives an overview of the available encryption methods and examples of how to use them
- How does cryptography work: a conceptual intro on cryptographic methods with examples from Sodium
If you always wanted to understand how encryption works without getting a degree in computer science, check out the latter. The basic techniques are easy to understand because cryptographers have done a great job at abstracting the mathematical details into simple hash functions and Diffie-Hellman functions.
Installing Sodium
On Windows on OSX simply install the binary packages from CRAN:
On Linux you need sodium shared library which is called libsodium-dev
on Debian/Ubuntu and libsodium-devel
on Fedora/EPEL. Because this library is relatively young, it is only available for recent versions of these distributions. For Ubuntu 12.04 and 14.04 there are backports available from Launchpad:
On CentOS/RHEL you need to activate EPEL before installing libsodium-devel
.