Talk:Comparison of cryptography libraries

This article has not yet been rated on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Please add the quality rating to the {{WikiProject banner shell}} template instead of this project banner. See WP:PIQA for details. Articles for creation List‑class This article was reviewed by member(s) of WikiProject Articles for creation. The project works to allow users to contribute quality articles and media files to the encyclopedia and track their progress as they are developed. To participate, please visit the project page for more information.Articles for creationWikipedia:WikiProject Articles for creationTemplate:WikiProject Articles for creationAfC List This article has been rated as List-class on Wikipedia's content assessment scale. This article was accepted on 29 September 2014 by reviewer DGG (talk · contribs). Please add the quality rating to the {{WikiProject banner shell}} template instead of this project banner. See WP:PIQA for details. Software: Computing List‑class This article is within the scope of WikiProject Software, a collaborative effort to improve the coverage of software on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.SoftwareWikipedia:WikiProject SoftwareTemplate:WikiProject Softwaresoftware List This article has been rated as List-class on Wikipedia's content assessment scale. ??? This article has not yet received a rating on the project's importance scale. This article is supported by WikiProject Computing. Please add the quality rating to the {{WikiProject banner shell}} template instead of this project banner. See WP:PIQA for details. Cryptography: Computer science List‑class This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.CryptographyWikipedia:WikiProject CryptographyTemplate:WikiProject CryptographyCryptography List This article has been rated as List-class on Wikipedia's content assessment scale. ??? This article has not yet received a rating on the importance scale. This article is supported by WikiProject Computer science.

I was trying to update this page to clarify that Bouncy Castle 1.0.0 (latest version is 1.0.1) has been validated to FIPS 140-2 and has been certified. I am not good enough with the markup used on wikipedia to fix this tho. Can someone help? Source: http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2016.htm#2768 — Preceding unsigned comment added by Omarkj (talk • contribs) 22:38, 17 June 2017 (UTC)[reply]

Lightweight Block Ciphers with ARX design have become increasingly popular. The ciphers have a lot of interest for resource constrained devices and Internet of Things. The ciphers include CHAM, LEA, Simon and Speck. It might be a good idea to add a new section for modern Lightweight Block Ciphers designs.

I don't have time to add it now, but I think Tink and TinyCrypt should be included on this page: https://github.com/google/tink https://github.com/intel/tinycrypt — Preceding unsigned comment added by 205.209.193.6 (talk) 17:46, 15 February 2019 (UTC)[reply]

It is documented in the Master branch, but not in 1.1.1, and inspection of the change log (and the 1.1.1 source code) confirms this.

Thus it *will* be supported - but isn't yet. 16:56, 6 February 2020 (UTC) — Preceding unsigned comment added by 62.2.246.66 (talk)

The information provided for Crypto Library is inaccurate and misleading. For example, Open SSL is not certified as standalone. It is certified integrated with RedHat, Ubuntu IBM, etc., etc., It is not possible to test a library, you to run it on some OS.

Every Crypto system certified under the NIST CMVP and passers gets a validation certificate number and it is published in https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules/search. which is publicly accessible and searchable database.

If there is not certificate number, it is not validated. Open SSL search result did not show a certificate. Therefore Open SSL library itself is not certified. Instead,Opel SSL integrated with, for example is the following integrations are certified.

3667 TrendMicro Inc. Deep Discovery Analyzer OpenSSL Cryptographic Module Software 06/04/2020 3657 Metaswitch Networks Ltd OpenSSL Cryptographic Module for Perimeta SBC Software 05/26/2020 3638 Super Micro Computer, Inc. Supermicro FIPS Object Module for OpenSSL Software 03/31/2020 3622 Canonical Ltd. Ubuntu 18.04 OpenSSL Cryptographic Module Software 02/25/2020

Whomevercrted this Wikipedia page need to correct the information, because it misleads lots of people.

In cryptography the devil is in the detail. In cryptographic security you either secure or insecure (1 or 0). There is no such thing as 1/0! — Preceding unsigned comment added by 2600:1700:1C00:2E80:B07C:2EB4:9FB3:3690 (talk) 21:17, 18 June 2020 (UTC)[reply]

I think we should add BoringSSL and LibreSSL, even though they are forks of OpenSSL and don't have their own articles (even wikipedia redirects boringssl to openssl). They are being used for real applications, and have become valid and popular alternatives to OpenSSL. Not having them in the table gives the false impression that they are not comparable to the other libraries. Chibby0ne (talk) 22:45, 7 August 2020 (UTC)[reply]

LibreSSL has an article, but Boring doesn't. We should include Libre and leave off Boring. - MrOllie (talk) 23:20, 7 August 2020 (UTC)[reply]

I would like to peacefully protest the revert One per customer, please done by MrOllie. This page uses the Implementation column to identify an implementation, not a customer or vendor. In fact, the customer or vendor is already identified by the Initiative column. When someone writes an implementation of an algorithm, that implementation can be in C, in Java, in Ruby, etc. Each are different implementations. Hence each implementations should have its own row in my opinion.

Note also that by having removed Crypto-C ME rows, users will miss the fact that Crypto-J (Java implementation) and Crypto-C ME (C implementation) provide different capabilities. Please look back at the older version, in the Public key cryptography standards and Hash function section, and you will see that the different implementations provides different capabilities.

Yes they share the same BSAFE name, but they are two completely different implementations, hence I believe each implementation deserves its own row.

Bouncy Castle should do the same, as they have a C# and Java implementation. - Security in mind (talk) 13:37, 16 July 2021 (UTC)[reply]

The primary value of this article is as a navigational aid to other Wikipedia articles, in particular, we link only to libraries that are independently notable. Since notability is WP:NOTINHERITED, if there are variant libraries under the same product name, only the primary, notable one should be listed here. If both were to be independently notable (which is not the case here), then we would have two different articles to link to. - MrOllie (talk) 15:42, 21 July 2021 (UTC)[reply]

The primary value of this article is as a navigational aid. I disagree. As the title of this article mentions it, the primary value of this article is to compare implementations of different libraries. The fact that there is a Java and a C implementation / library, and that they provide different capabilities, should convince you that those are independently notable. Sharing the same prefix name is not a valid reason to think they are the same. Users reaching this page uses it to compare features and capabilities. How would you address this to maintain the level of details and quality that page provides? - Security in mind (talk) 16:43, 21 July 2021 (UTC)[reply]

Here from 3O. This article is way out of my field of expertise, but since it has been hanging on 30, I 'll jump in. As I understand there is a disagrement on the scope or value of the article. Before providing an opinion, may I ask: is the topic notable? Cinadon36 12:30, 23 July 2021 (UTC)[reply]

Cinadon36, BSAFE is historically notable - it was the main crypto library until 2000 or so. It had a near monopoly because of a now-expired patent. These variants that came about in the wake of the patent expiry are not really notable. Since Security in mind forgot to mention it when opening this section, I'll also note that they have a COI with regard to BSAFE. MrOllie (talk) 12:42, 23 July 2021 (UTC)[reply]

Please rephrase forgot to mention to was unaware of the COI rules in Wikipedia, which is why I had no issues adding that COI tag in my user talk page. I have nothing to hide. Not everyone are experts at Wikipedia edition (or deletion) as MrOllie is. Security in mind (talk) 12:51, 23 July 2021 (UTC)[reply]

correcttion: adding that COI tag in my user talk page immediatelty after being made aware of it by MrOllie. - Security in mind (talk) 12:55, 23 July 2021 (UTC)[reply]

Well, I assumed you had read the COI guidelines by now and had simply forgotten that provision. - MrOllie (talk) 13:01, 23 July 2021 (UTC)[reply]

I have. From now on I will be the judge to decide if I use {{request edit}}, or if I do the edit myself if I know the changes will not create any objections. Editions from users in COI are Strongly discouraged, not prohibited. - Security in mind (talk) 13:19, 23 July 2021 (UTC)[reply]

Cinadon36, as MrOllie mentioned above, there is notability in this topic. The discussion is about whether two different implementations providing different capabilities should have their own rows / details. C and Java are two completely different programming languages. They can't be considered similar, hence should have their own details uniquely documented, else this article loses its value to document differences between different implementations. - Security in mind (talk) 13:19, 23 July 2021 (UTC)[reply]

I am just asking whether it is notable, so to see how RS are treating this issue. I am not going to send the article to AfD or add a notability banner or whatsoever. Also, the article seems to techincal, not addressing the needs of the general public. Anyway, I was asking about notability, because Me Ollie said above "The primary value of this article is as a navigational aid to other Wikipedia articles..." I didn't know that WP hosted articles that were tools or aids to other wp articles. Now, as for your argument Security in mind, that C and Java are totally different programming languages, it might be true, but general public is not aware of it, and as long as the article does not explain why is it so, the argument weakens. Cinadon36 15:29, 23 July 2021 (UTC)[reply]

I agree this is a technical article. However it is not meant to explain the difference between C and Java, as Programming_language#Implementation already takes care of this. Users reaching this page will have, or are expected to have, the technical knowledge to understand the difference between Java and C. This article compares the implementations and features of different cryptographic libraries. Security in mind (talk) 15:36, 23 July 2021 (UTC)[reply]

@Valerie.peng, I think using "JCA/JCE" for the implementation name is somewhat misleading or confusing, as both are more a framework than an implementation. I'd rather use "Oracle SunJSSE", which is Oracle's implementation of JCA/JCE. There is OpenJDK which could list "OpenJDK SunJSSE" as the implementation name should Oracle add their own tweaks to their implementation compared to the public OpenJDK source. Also, in the hardware-assisted section, what is really providing hardware assistance? Is it the JCA/JCE (Oracle's SunJSSE provider), or is it the JRE itself that provides hardware assistance? Open for discussion. - Security in mind (talk) 19:17, 26 January 2022 (UTC)[reply]