Cryptography tools (Sergey Matveev’s homepage)

Next: gw.stargrave.org, Previous: CPU tuning, Up: My hardware and software details

Cryptography tools ¶

I used to use GnuPG LibrePGP implementation much. For signing and encryption of files and mail. But nowadays I tend to use much much more simpler tools like:

age for file encryption. It is very simple, uses efficient ChaCha20-Poly1305 AEAD encryption and good enough scrypt passphrase strengthening algorithms. Although GnuPG’s OCB mode is also very fast too, if AES is hardware accelerated.
OpenSSH’s ssh-keygen for signing files and sometimes Git’s tags.

GnuTLS is a TLS library of choice. I am convinced that OpenSSL is one of the worst software we have got, that should not exist (as the whole SSL/TLS actually). Go has its own TLS implementation. I use Go GOST TLS 1.3 fork with GOST cryptography support and ChaCha20-Poly1305 ciphersuite as a preference.