taoensso.nippy.crypto documentation

Alpha - subject to change.
Simple no-nonsense crypto with reasonable defaults. Because your Clojure data
deserves some privacy.

aes128-cached

USE CASE: You want only a small, finite number of passwords (e.g. a limited
           number of staff/admins, or you'll be using a single password to
           encrypt many items).

IMPLEMENTATION: Uses a _very_ expensive (but cached) key hash, and no salt.

PROS: Great amortized encryption/decryption speed. Expensive key hash makes
      attacking any particular key very difficult.
CONS: Using a small number of keys for many encrypted items means that if any
      key _is_ somehow compromised, _all_ items encrypted with that key are
      compromised.

Faster than `aes128-salted`, and harder to attack any particular key - but
increased danger if a key is somehow compromised.

aes128-salted

USE CASE: You want more than a small, finite number of passwords (e.g. each
           item encrypted will use a unique user-provided password).

IMPLEMENTATION: Uses a relatively cheap key hash, but automatically salts
                every key.

PROS: Each key is independent so would need to be attacked independently.
CONS: Key caching impossible, so there's an inherent trade-off between
      encryption/decryption speed and the difficulty of attacking any
      particular key.

Slower than `aes128-cached`, and easier to attack any particular key.

Generated by Codox

Nippy 1.3.0-alpha2 API documentation

Namespaces

Public Vars

taoensso.nippy.crypto documentation

aes128-cached

aes128-salted