Projects / Nettle library

Nettle library

Nettle is a cryptographic library that is designed to fit easily in more or less any context: in crypto toolkits for object-oriented languages (C++, Python, Pike, etc.), in applications like LSH or GNUPG, or even in kernel space. In most contexts, you need more than the basic cryptographic algorithms; you also need some way to keep track of available algorithms and their properties and variants. You often have some algorithm selection process, often dictated by a protocol you want to implement. And as the requirements of applications differ in subtle and not so subtle ways, an API that fits one application well can be a pain to use in a different context, which is why there are so many different cryptographic libraries around. Nettle tries to avoid this problem by doing one thing, the low-level crypto stuff, and providing a simple but general interface to it. In particular, Nettle doesn't do algorithm selection. It doesn't do memory allocation. It doesn't do any I/O. The idea is that one can build several application- and context-specific interfaces on top of Nettle and share the code, testcases, benchmarks, documentation, etc.

Operating Systems

Recent releases

  •  10 Jun 2009 19:21

    Release Notes: This release breaks binary compatibility by splitting the library into two, libnettle and libhogweed, where the latter contains the functions related to public key cryptography. Some other changes that are not backwards compatible have been made. The manual has been contributed to the public domain to enable remixing into documentation of programs that use Nettle. There are new x86_64 implementations of AES and SHA1. On a 2.2 GHz opteron, SHA1 was benchmarked at 250 MByte/s, and AES-128 at 110 MByte/s. AES performance on 32-bit x86 increased by 20-30%.

    •  05 Nov 2004 21:40

      Release Notes: A configure bug has been fixed. The AES section in the manual has been updated.

      •  26 Oct 2004 21:23

        Release Notes: Automake is no longer used. Support for arctwo. Fixes to the libdes compatibility code. By default, the static library is compiled as position independent code. This is needed on some systems to make it possible to link nettle into a dynamically loaded module. Stricter constness typing for the sexp_iterator_assoc and sexp_iterator_check_types arguments. Minor tweaks of arcfour on x86 CPUs, to speed it up on older x86 variants such as PII and PPro. The shared library is intended to be binary compatible with nettle 1.8 through1.10.

        •  08 Feb 2004 10:32

          Release Notes: This release optimizes the C implementation of arcfour and the x86 implementations of arcfour and SHA-1. The benchmark program was improved, there are portability fixes, and there are fixes to make Nettle compile on systems without gmp. There are also other bugfixes.

          •  11 Jan 2004 10:42

            Release Notes: New example programs, demonstrating encrypting and decrypting files using RSA, are included. There is support for systems that don't have alloca or inttypes.h. There is support for the MD2 and MD4 hash functions. There is also new name mangling, to reduce the risk of link collisions.


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.