tweetnacl vs node-forge vs crypto-js vs openpgp vs jsencrypt
JavaScript Cryptography Libraries Comparison
Search packages..
1 Year
tweetnaclnode-forgecrypto-jsopenpgpjsencryptSimilar Packages:
What's JavaScript Cryptography Libraries?

JavaScript cryptography libraries provide developers with tools to implement encryption, decryption, and secure data handling in web applications. These libraries are essential for ensuring data integrity, confidentiality, and authentication in various applications, from simple data protection to complex secure communications. Each library has its unique features, strengths, and use cases, making them suitable for different scenarios in web development.

Package Weekly Downloads Trend
Github Stars Ranking
Stat Detail
Package
Downloads
Stars
Size
Issues
Publish
License
tweetnacl22,490,0781,825-65 years agoUnlicense
node-forge22,303,6515,1371.66 MB447-(BSD-3-Clause OR GPL-2.0)
crypto-js8,371,18616,014487 kB274a year agoMIT
openpgp485,5915,76916.2 MB23a month agoLGPL-3.0+
jsencrypt190,6316,724862 kB1612 years agoMIT
Feature Comparison: tweetnacl vs node-forge vs crypto-js vs openpgp vs jsencrypt

Encryption Algorithms

  • tweetnacl:

    TweetNaCl focuses on modern cryptographic primitives, providing authenticated encryption (using XSalsa20) and digital signatures (using Ed25519). It is optimized for performance and security.

  • node-forge:

    Node-Forge provides a wide range of encryption algorithms, including symmetric (AES, DES) and asymmetric (RSA, DSA) encryption, along with support for cryptographic protocols like TLS. It is a more comprehensive library for complex cryptographic tasks.

  • crypto-js:

    Crypto-JS supports various encryption algorithms such as AES, DES, and Triple DES, making it versatile for different encryption needs. It is easy to use and integrates well with existing JavaScript applications.

  • openpgp:

    OpenPGP.js implements the OpenPGP standard, offering robust encryption options for secure communications. It supports various algorithms, including RSA and ElGamal, and is designed for secure email and file encryption.

  • jsencrypt:

    JSEncrypt specifically implements RSA encryption, which is suitable for secure key exchange and data encryption. It allows for easy generation of public/private key pairs and is focused on asymmetric encryption.

Ease of Use

  • tweetnacl:

    TweetNaCl is designed for simplicity and performance, providing a minimalistic API that is easy to understand and use, making it suitable for developers looking for straightforward cryptographic solutions.

  • node-forge:

    Node-Forge has a steeper learning curve due to its comprehensive feature set, but it provides extensive documentation and examples, making it manageable for developers familiar with cryptography.

  • crypto-js:

    Crypto-JS is straightforward to use, with a simple API that allows developers to quickly implement encryption and hashing without deep cryptographic knowledge. It's suitable for beginners.

  • openpgp:

    OpenPGP.js is relatively easy to use for developers familiar with the OpenPGP standard. It provides a clear API for implementing secure communications but may require understanding of PGP concepts.

  • jsencrypt:

    JSEncrypt has a user-friendly API for RSA encryption, making it easy to integrate into applications that require public/private key functionality. It's designed for developers who need basic RSA features without complexity.

Performance

  • tweetnacl:

    TweetNaCl is highly optimized for performance, providing fast cryptographic operations suitable for real-time applications, making it ideal for performance-critical environments.

  • node-forge:

    Node-Forge is designed for flexibility and performance but may not be as fast as specialized libraries for specific tasks. It's suitable for applications needing a broad range of cryptographic functions.

  • crypto-js:

    Crypto-JS is lightweight and optimized for performance, making it suitable for client-side applications where speed is crucial. However, it may not be as secure as other libraries for high-stakes applications.

  • openpgp:

    OpenPGP.js is optimized for secure communications but can be slower due to the complexity of the algorithms involved. It's best for applications where security is prioritized over speed.

  • jsencrypt:

    JSEncrypt is efficient for RSA operations but can be slower compared to symmetric encryption methods. It is best used for small data sizes due to RSA's computational overhead.

Security Features

  • tweetnacl:

    TweetNaCl emphasizes security through simplicity, providing modern cryptographic primitives that are resistant to common attacks, making it a secure choice for developers.

  • node-forge:

    Node-Forge offers extensive security features, including support for various standards and protocols, making it suitable for applications requiring high security and compliance.

  • crypto-js:

    Crypto-JS provides basic security features but lacks advanced options like key management and secure key storage, making it less suitable for high-security applications.

  • openpgp:

    OpenPGP.js adheres to the OpenPGP standard, ensuring robust security for encrypted communications. It includes features like key signing and verification, making it ideal for secure messaging.

  • jsencrypt:

    JSEncrypt focuses on RSA encryption, providing secure key generation and management. However, it does not cover other cryptographic needs, which may require additional libraries.

Community and Support

  • tweetnacl:

    TweetNaCl has a smaller community but is well-regarded for its performance and security. Documentation is available, though it may not be as extensive as larger libraries.

  • node-forge:

    Node-Forge has a strong community and extensive documentation, offering support for a wide range of cryptographic tasks, making it suitable for developers needing comprehensive help.

  • crypto-js:

    Crypto-JS has a large user base and community support, with many resources available for troubleshooting and implementation guidance, making it accessible for developers.

  • openpgp:

    OpenPGP.js benefits from a dedicated community focused on secure communications, providing ample resources and support for implementing the OpenPGP standard.

  • jsencrypt:

    JSEncrypt has a smaller community but is well-documented, providing enough resources for developers to implement RSA encryption effectively.

How to Choose: tweetnacl vs node-forge vs crypto-js vs openpgp vs jsencrypt
  • tweetnacl:

    Choose TweetNaCl for high-performance cryptographic operations with a focus on simplicity and security, particularly for applications requiring authenticated encryption and digital signatures.

  • node-forge:

    Opt for Node-Forge when you need a comprehensive solution that includes support for various cryptographic standards, including TLS, PKI, and more complex cryptographic tasks.

  • crypto-js:

    Choose Crypto-JS for lightweight cryptographic operations and when you need a simple solution for hashing and encryption without the overhead of additional features.

  • openpgp:

    Use OpenPGP.js if you need to implement OpenPGP standard encryption, which is ideal for secure email communications and file encryption, ensuring compliance with widely accepted encryption standards.

  • jsencrypt:

    Select JSEncrypt if you require RSA encryption and decryption specifically, especially for scenarios involving public/private key pairs, such as secure data transmission over the web.

Similar Npm Packages to tweetnacl

tweetnacl is a cryptographic library that provides a simple and efficient implementation of modern cryptographic algorithms. It is designed to be lightweight and easy to use, making it a popular choice for developers looking to incorporate cryptography into their applications. While tweetnacl is a robust option, there are several alternatives available that offer similar functionalities. Here are a few noteworthy alternatives:

  • crypto-js is a widely-used library that provides a comprehensive set of cryptographic algorithms for JavaScript. It includes support for hashing, encryption, and decryption, making it suitable for a variety of cryptographic tasks. crypto-js is particularly popular for web applications that require secure data handling, as it offers a range of algorithms like AES, SHA, and HMAC. If you need a well-established library with extensive documentation and community support, crypto-js is a solid choice.
  • libsodium is a modern, easy-to-use, and secure cryptographic library that focuses on providing high-level cryptographic primitives. It is designed to be secure against various types of attacks and is suitable for both web and server-side applications. libsodium is known for its strong emphasis on usability and security, making it a great option for developers who want to implement cryptographic operations without delving into the complexities of lower-level cryptography.
  • sjcl (Stanford Javascript Crypto Library) is another cryptographic library that provides a range of cryptographic functions, including encryption, decryption, and hashing. It is designed to be lightweight and efficient, making it suitable for use in web applications. sjcl is particularly known for its focus on performance and security, offering a good balance between usability and cryptographic rigor.
  • tweetnacl-ts is a TypeScript port of the original tweetnacl library. It retains the same functionality and performance characteristics as tweetnacl while providing TypeScript support for developers who prefer to work in a typed environment. If you are using TypeScript and want to leverage the capabilities of tweetnacl with type safety, tweetnacl-ts is an excellent option.

To see how tweetnacl compares with crypto-js, libsodium, sjcl, and tweetnacl-ts, check out the comparison: Comparing crypto-js vs libsodium vs sjcl vs tweetnacl vs tweetnacl-ts.

Similar Npm Packages to node-forge

node-forge is a powerful JavaScript library that provides a variety of cryptographic functionalities, including encryption, decryption, hashing, and certificate generation. It is designed to be used in both Node.js and browser environments, making it a versatile choice for developers looking to implement cryptography in their applications. With its comprehensive set of features, node-forge is particularly useful for projects that require secure data transmission and storage.

One notable alternative to node-forge is crypto-js. This library is also focused on cryptographic operations and provides a range of algorithms for hashing and encryption. crypto-js is lightweight and easy to use, making it a popular choice for developers who need basic cryptographic functions without the overhead of a more extensive library. It is particularly well-suited for applications that require simple encryption and hashing, such as securing user passwords or data in transit.

While both libraries serve similar purposes, they cater to different needs. node-forge offers a more extensive set of features, including support for various cryptographic protocols and formats, which makes it ideal for complex applications requiring robust security measures. On the other hand, crypto-js is perfect for simpler use cases where ease of use and lightweight functionality are prioritized.

For a detailed comparison of these two packages, check out the link: Comparing crypto-js vs node-forge.

Similar Npm Packages to crypto-js

crypto-js is a widely used JavaScript library designed for cryptographic operations. It provides a variety of cryptographic algorithms, including hashing, encryption, and decryption, making it a versatile tool for developers looking to implement security features in their applications. While crypto-js is a robust solution for cryptographic needs, there are several alternatives available in the JavaScript ecosystem. Here are a few notable ones:

  • bcrypt is a popular library specifically designed for hashing passwords. It implements the bcrypt hashing algorithm, which is known for its strength and resistance to brute-force attacks. bcrypt is an excellent choice for developers who need to securely store user passwords, as it provides built-in salting and hashing mechanisms that enhance security. If your primary focus is on password hashing and user authentication, bcrypt is a reliable option.
  • node-forge is a comprehensive library that provides a wide range of cryptographic functionalities, including encryption, decryption, signing, and verification. It is designed to work in both Node.js and browser environments, making it a versatile choice for developers. node-forge supports various cryptographic standards and protocols, making it suitable for applications that require more than just basic cryptographic operations. If you need a full-featured cryptographic library that can handle complex tasks, node-forge is a strong candidate.
  • sjcl (Stanford Javascript Crypto Library) is another lightweight library that focuses on providing secure cryptographic functions. It includes various algorithms for encryption, decryption, hashing, and key derivation. sjcl is designed to be easy to use and integrate into web applications, making it a good choice for developers who need a straightforward cryptographic solution. If you are looking for a simple yet effective library for basic cryptographic tasks, sjcl is worth considering.

To explore how crypto-js compares with bcrypt, node-forge, and sjcl, check out the comparison: Comparing bcrypt vs crypto-js vs node-forge vs sjcl.

Similar Npm Packages to openpgp

openpgp is a JavaScript library that implements the OpenPGP standard for encrypting and signing data. It provides developers with the tools to create secure applications that require encryption, decryption, and digital signatures. OpenPGP is widely used for secure communication and data protection, making it a popular choice for applications that prioritize security.

While OpenPGP is a robust solution for encryption and signing, there are several alternatives available in the JavaScript ecosystem that cater to different needs and use cases:

  • crypto-js is a widely-used library for cryptographic algorithms in JavaScript. It provides a variety of cryptographic functions, including hashing, encryption, and decryption. Crypto-js is lightweight and easy to use, making it suitable for applications that require basic cryptographic operations without the overhead of a full-fledged encryption standard like OpenPGP. If you need simple encryption and hashing capabilities, crypto-js is a solid choice.
  • jsencrypt is a lightweight library specifically designed for RSA encryption in JavaScript. It allows developers to easily encrypt and decrypt data using RSA public and private keys. JSEncrypt is particularly useful for applications that require secure key exchange and data protection using RSA, making it a good alternative for those who need a straightforward solution for public-key cryptography without the complexity of OpenPGP.
  • node-forge is a comprehensive library that provides a wide range of cryptographic functionalities, including support for TLS, PKI, and various encryption algorithms. It is designed to work in both Node.js and browser environments, making it versatile for different applications. Node-forge is a great choice if you need a more extensive set of cryptographic features beyond what OpenPGP offers, including support for various protocols and formats.
  • tweetnacl is a small and fast library for public-key cryptography, focusing on simplicity and performance. It implements the NaCl (pronounced "salt") cryptographic library, which is known for its high security and efficiency. Tweetnacl is ideal for applications that require secure encryption and signing without the complexity of more extensive libraries like OpenPGP.

To compare these packages and see how they stack up against each other, check out the comparison link: Comparing crypto-js vs jsencrypt vs node-forge vs openpgp vs tweetnacl.

Similar Npm Packages to jsencrypt

jsencrypt is a popular JavaScript library used for encrypting and decrypting data using RSA (Rivest-Shamir-Adleman) algorithm. It provides a simple API for developers to implement public-key cryptography in their applications, making it easier to secure sensitive information. While jsencrypt is a solid choice for RSA encryption, there are several alternatives available that cater to different cryptographic needs. Here are a few notable alternatives:

  • asn1.js is a library for encoding and decoding ASN.1 (Abstract Syntax Notation One) data structures. It is often used in conjunction with other cryptographic libraries to handle data formats that require ASN.1 encoding, such as X.509 certificates and PKCS#7 messages. If your application needs to work with ASN.1 encoded data, this library is a valuable tool to consider.
  • crypto is a built-in Node.js module that provides cryptographic functionality, including a set of wrappers for OpenSSL's hash, HMAC, cipher, decipher, sign, and verify functions. While it is not specifically designed for RSA encryption, it offers a wide range of cryptographic operations and is suitable for server-side applications. If you are working in a Node.js environment and require comprehensive cryptographic capabilities, the crypto module is a robust choice.
  • crypto-js is a widely used library for cryptographic algorithms in JavaScript. It provides a variety of hashing and encryption functions, including AES, SHA-1, SHA-256, and more. Unlike jsencrypt, which focuses on RSA, crypto-js offers symmetric encryption and hashing capabilities, making it suitable for applications that require a broader range of cryptographic functions.
  • node-rsa is a library specifically designed for RSA encryption and decryption in Node.js applications. It provides a straightforward API for generating keys, encrypting, and decrypting data using RSA. If you need a dedicated RSA solution for your Node.js application, node-rsa is a great alternative to jsencrypt.
  • openpgp is a comprehensive library for implementing OpenPGP (Pretty Good Privacy) encryption in JavaScript applications. It supports a wide range of cryptographic features, including key generation, encryption, decryption, signing, and verification. If your application requires advanced encryption features and you want to implement OpenPGP standards, this library is an excellent choice.

For a detailed comparison of these packages, check out: Comparing asn1.js vs crypto vs crypto-js vs jsencrypt vs node-rsa vs openpgp.

README for tweetnacl

TweetNaCl.js

Port of TweetNaCl / NaCl to JavaScript for modern browsers and Node.js. Public domain.

Build Status

Demo: https://dchest.github.io/tweetnacl-js/

Documentation

Overview

The primary goal of this project is to produce a translation of TweetNaCl to JavaScript which is as close as possible to the original C implementation, plus a thin layer of idiomatic high-level API on top of it.

There are two versions, you can use either of them:

  • nacl.js is the port of TweetNaCl with minimum differences from the original + high-level API.

  • nacl-fast.js is like nacl.js, but with some functions replaced with faster versions. (Used by default when importing NPM package.)

Audits

TweetNaCl.js has been audited by Cure53 in January-February 2017 (audit was sponsored by Deletype):

The overall outcome of this audit signals a particularly positive assessment for TweetNaCl-js, as the testing team was unable to find any security problems in the library. It has to be noted that this is an exceptionally rare result of a source code audit for any project and must be seen as a true testament to a development proceeding with security at its core.

To reiterate, the TweetNaCl-js project, the source code was found to be bug-free at this point.

[...]

In sum, the testing team is happy to recommend the TweetNaCl-js project as likely one of the safer and more secure cryptographic tools among its competition.

Read full audit report

Installation

You can install TweetNaCl.js via a package manager:

Yarn:

$ yarn add tweetnacl

NPM:

$ npm install tweetnacl

or download source code.

Examples

You can find usage examples in our wiki.

Usage

All API functions accept and return bytes as Uint8Arrays. If you need to encode or decode strings, use functions from https://github.com/dchest/tweetnacl-util-js or one of the more robust codec packages.

In Node.js v4 and later Buffer objects are backed by Uint8Arrays, so you can freely pass them to TweetNaCl.js functions as arguments. The returned objects are still Uint8Arrays, so if you need Buffers, you'll have to convert them manually; make sure to convert using copying: Buffer.from(array) (or new Buffer(array) in Node.js v4 or earlier), instead of sharing: Buffer.from(array.buffer) (or new Buffer(array.buffer) Node 4 or earlier), because some functions return subarrays of their buffers.

Public-key authenticated encryption (box)

Implements x25519-xsalsa20-poly1305.

nacl.box.keyPair()

Generates a new random key pair for box and returns it as an object with publicKey and secretKey members:

{
   publicKey: ...,  // Uint8Array with 32-byte public key
   secretKey: ...   // Uint8Array with 32-byte secret key
}

nacl.box.keyPair.fromSecretKey(secretKey)

Returns a key pair for box with public key corresponding to the given secret key.

nacl.box(message, nonce, theirPublicKey, mySecretKey)

Encrypts and authenticates message using peer's public key, our secret key, and the given nonce, which must be unique for each distinct message for a key pair.

Returns an encrypted and authenticated message, which is nacl.box.overheadLength longer than the original message.

nacl.box.open(box, nonce, theirPublicKey, mySecretKey)

Authenticates and decrypts the given box with peer's public key, our secret key, and the given nonce.

Returns the original message, or null if authentication fails.

nacl.box.before(theirPublicKey, mySecretKey)

Returns a precomputed shared key which can be used in nacl.box.after and nacl.box.open.after.

nacl.box.after(message, nonce, sharedKey)

Same as nacl.box, but uses a shared key precomputed with nacl.box.before.

nacl.box.open.after(box, nonce, sharedKey)

Same as nacl.box.open, but uses a shared key precomputed with nacl.box.before.

Constants

nacl.box.publicKeyLength = 32

Length of public key in bytes.

nacl.box.secretKeyLength = 32

Length of secret key in bytes.

nacl.box.sharedKeyLength = 32

Length of precomputed shared key in bytes.

nacl.box.nonceLength = 24

Length of nonce in bytes.

nacl.box.overheadLength = 16

Length of overhead added to box compared to original message.

Secret-key authenticated encryption (secretbox)

Implements xsalsa20-poly1305.

nacl.secretbox(message, nonce, key)

Encrypts and authenticates message using the key and the nonce. The nonce must be unique for each distinct message for this key.

Returns an encrypted and authenticated message, which is nacl.secretbox.overheadLength longer than the original message.

nacl.secretbox.open(box, nonce, key)

Authenticates and decrypts the given secret box using the key and the nonce.

Returns the original message, or null if authentication fails.

Constants

nacl.secretbox.keyLength = 32

Length of key in bytes.

nacl.secretbox.nonceLength = 24

Length of nonce in bytes.

nacl.secretbox.overheadLength = 16

Length of overhead added to secret box compared to original message.

Scalar multiplication

Implements x25519.

nacl.scalarMult(n, p)

Multiplies an integer n by a group element p and returns the resulting group element.

nacl.scalarMult.base(n)

Multiplies an integer n by a standard group element and returns the resulting group element.

Constants

nacl.scalarMult.scalarLength = 32

Length of scalar in bytes.

nacl.scalarMult.groupElementLength = 32

Length of group element in bytes.

Signatures

Implements ed25519.

nacl.sign.keyPair()

Generates new random key pair for signing and returns it as an object with publicKey and secretKey members:

{
   publicKey: ...,  // Uint8Array with 32-byte public key
   secretKey: ...   // Uint8Array with 64-byte secret key
}

nacl.sign.keyPair.fromSecretKey(secretKey)

Returns a signing key pair with public key corresponding to the given 64-byte secret key. The secret key must have been generated by nacl.sign.keyPair or nacl.sign.keyPair.fromSeed.

nacl.sign.keyPair.fromSeed(seed)

Returns a new signing key pair generated deterministically from a 32-byte seed. The seed must contain enough entropy to be secure. This method is not recommended for general use: instead, use nacl.sign.keyPair to generate a new key pair from a random seed.

nacl.sign(message, secretKey)

Signs the message using the secret key and returns a signed message.

nacl.sign.open(signedMessage, publicKey)

Verifies the signed message and returns the message without signature.

Returns null if verification failed.

nacl.sign.detached(message, secretKey)

Signs the message using the secret key and returns a signature.

nacl.sign.detached.verify(message, signature, publicKey)

Verifies the signature for the message and returns true if verification succeeded or false if it failed.

Constants

nacl.sign.publicKeyLength = 32

Length of signing public key in bytes.

nacl.sign.secretKeyLength = 64

Length of signing secret key in bytes.

nacl.sign.seedLength = 32

Length of seed for nacl.sign.keyPair.fromSeed in bytes.

nacl.sign.signatureLength = 64

Length of signature in bytes.

Hashing

Implements SHA-512.

nacl.hash(message)

Returns SHA-512 hash of the message.

Constants

nacl.hash.hashLength = 64

Length of hash in bytes.

Random bytes generation

nacl.randomBytes(length)

Returns a Uint8Array of the given length containing random bytes of cryptographic quality.

Implementation note

TweetNaCl.js uses the following methods to generate random bytes, depending on the platform it runs on:

  • window.crypto.getRandomValues (WebCrypto standard)
  • window.msCrypto.getRandomValues (Internet Explorer 11)
  • crypto.randomBytes (Node.js)

If the platform doesn't provide a suitable PRNG, the following functions, which require random numbers, will throw exception:

  • nacl.randomBytes
  • nacl.box.keyPair
  • nacl.sign.keyPair

Other functions are deterministic and will continue working.

If a platform you are targeting doesn't implement secure random number generator, but you somehow have a cryptographically-strong source of entropy (not Math.random!), and you know what you are doing, you can plug it into TweetNaCl.js like this:

nacl.setPRNG(function(x, n) {
  // ... copy n random bytes into x ...
});

Note that nacl.setPRNG completely replaces internal random byte generator with the one provided.

Constant-time comparison

nacl.verify(x, y)

Compares x and y in constant time and returns true if their lengths are non-zero and equal, and their contents are equal.

Returns false if either of the arguments has zero length, or arguments have different lengths, or their contents differ.

System requirements

TweetNaCl.js supports modern browsers that have a cryptographically secure pseudorandom number generator and typed arrays, including the latest versions of:

  • Chrome
  • Firefox
  • Safari (Mac, iOS)
  • Internet Explorer 11

Other systems:

  • Node.js

Development and testing

Install NPM modules needed for development:

$ npm install

To build minified versions:

$ npm run build

Tests use minified version, so make sure to rebuild it every time you change nacl.js or nacl-fast.js.

Testing

To run tests in Node.js:

$ npm run test-node

By default all tests described here work on nacl.min.js. To test other versions, set environment variable NACL_SRC to the file name you want to test. For example, the following command will test fast minified version:

$ NACL_SRC=nacl-fast.min.js npm run test-node

To run full suite of tests in Node.js, including comparing outputs of JavaScript port to outputs of the original C version:

$ npm run test-node-all

To prepare tests for browsers:

$ npm run build-test-browser

and then open test/browser/test.html (or test/browser/test-fast.html) to run them.

To run tests in both Node and Electron:

$ npm test

Benchmarking

To run benchmarks in Node.js:

$ npm run bench
$ NACL_SRC=nacl-fast.min.js npm run bench

To run benchmarks in a browser, open test/benchmark/bench.html (or test/benchmark/bench-fast.html).

Benchmarks

For reference, here are benchmarks from MacBook Pro (Retina, 13-inch, Mid 2014) laptop with 2.6 GHz Intel Core i5 CPU (Intel) in Chrome 53/OS X and Xiaomi Redmi Note 3 smartphone with 1.8 GHz Qualcomm Snapdragon 650 64-bit CPU (ARM) in Chrome 52/Android:

| | nacl.js Intel | nacl-fast.js Intel | nacl.js ARM | nacl-fast.js ARM | | ------------- |:-------------:|:-------------------:|:-------------:|:-----------------:| | salsa20 | 1.3 MB/s | 128 MB/s | 0.4 MB/s | 43 MB/s | | poly1305 | 13 MB/s | 171 MB/s | 4 MB/s | 52 MB/s | | hash | 4 MB/s | 34 MB/s | 0.9 MB/s | 12 MB/s | | secretbox 1K | 1113 op/s | 57583 op/s | 334 op/s | 14227 op/s | | box 1K | 145 op/s | 718 op/s | 37 op/s | 368 op/s | | scalarMult | 171 op/s | 733 op/s | 56 op/s | 380 op/s | | sign | 77 op/s | 200 op/s | 20 op/s | 61 op/s | | sign.open | 39 op/s | 102 op/s | 11 op/s | 31 op/s |

(You can run benchmarks on your devices by clicking on the links at the bottom of the home page).

In short, with nacl-fast.js and 1024-byte messages you can expect to encrypt and authenticate more than 57000 messages per second on a typical laptop or more than 14000 messages per second on a $170 smartphone, sign about 200 and verify 100 messages per second on a laptop or 60 and 30 messages per second on a smartphone, per CPU core (with Web Workers you can do these operations in parallel), which is good enough for most applications.

Contributors

See AUTHORS.md file.

Third-party libraries based on TweetNaCl.js

Who uses it

Some notable users of TweetNaCl.js:

npm-compare.com is an independent website designed to help developers choose the most suitable npm packages. We are not affiliated with npm, Inc or npmjs.com, the official website for the npm registry. Please note that npm is a registered trademark of npm, Inc. For more details, please refer to our Terms & Privacy.