Paper Info
Title
Tweetnacl: A Crypto Library In 100 Tweets
Abstract
This paper introduces TweetNaCl, a compact reimplementation of the NaCl library, including all 25 of the NaCl functions used by applications. TweetNaCl is published on Twitter and fits into just 100 tweets; the tweets are available from anywhere, any time, in an unsuspicious way. Distribution via other social media, or even printed on a sheet of A4 paper, is also easily possible.TweetNaCl is human-readable C code; it is the smallest readable implementation of a high-security cryptographic library. TweetNaCl is the first cryptographic library that allows correct functionality to be verified by auditors with reasonable effort, making it suitable for inclusion into the trusted code base of a secure computer system. This paper uses two examples of formally verified correctness properties to illustrate the impact of TweetNaCl's conciseness upon auditability.TweetNaCl consists of a single C source file, accompanied by a single header file generated by a short Python script (1811 bytes). The library can be trivially integrated into a wide range of software build processes.Portability and small code size come at a loss in efficiency, but TweetNaCl is sufficiently fast for most applications. TweetNaCl's cryptographic implementations meet the same security and reliability standards as NaCl: for example, complete protection against cache-timing attacks.
Year
DOI
Venue
2014
10.1007/978-3-319-16295-9_4
PROGRESS IN CRYPTOLOGY - LATINCRYPT 2014
Keywords
Field
DocType
Trusted code base, Source-code size, Auditability, Software implementation, Timing-attack protection, NaCl, Twitter
World Wide Web,Social media,Computer science,Software implementation
Conference
Volume
ISSN
Citations 
8895
0302-9743
11
PageRank 
References 
Authors
0.58
5
6
Name
Order
Citations
PageRank
Daniel J. Bernstein11734110.56
Bernard van Gastel2110.58
Wesley Janssen3110.58
Tanja Lange4117071.41
Peter Schwabe575944.16
sjaak smetsers629929.88