-
rustls
modern TLS library written in Rust
-
curve25519-dalek
A pure-Rust implementation of group operations on ristretto255 and Curve25519
-
blake3
hash function
-
sha2
Pure Rust implementation of the SHA-2 hash function family including SHA-224, SHA-256, SHA-384, and SHA-512
-
rsa
Pure Rust RSA implementation
-
webpki-roots
Mozilla's CA root certificates for use with webpki
-
pem
Parse and encode PEM-encoded data
-
openssl
bindings
-
bcrypt
Easily hash and verify passwords using bcrypt
-
rcgen
Rust X.509 certificate generator
-
security-framework
Security.framework bindings for macOS and iOS
-
secrecy
Wrapper types and traits for secret management which help ensure they aren't accidentally copied, logged, or otherwise exposed (as much as possible), and also ensure secrets are securely wiped from memory when dropped
-
der
Pure Rust embedded-friendly implementation of the Distinguished Encoding Rules (DER) for Abstract Syntax Notation One (ASN.1) as described in ITU X.690 with full support for heapless
no_std/no_alloctargets -
snow
A pure-rust implementation of the Noise Protocol Framework
-
aes
Pure Rust implementation of the Advanced Encryption Standard (a.k.a. Rijndael)
-
subtle
Pure-Rust traits and utilities for constant-time cryptographic implementations
-
constant_time_eq
Compares two equal-sized byte strings in constant time
-
coset
Set of types for supporting COSE
-
aws-lc-rs
cryptographic library using AWS-LC for its cryptographic operations. This library strives to be API-compatible with the popular Rust library named ring.
-
sequoia-openpgp
OpenPGP data types and associated machinery
-
group
Elliptic curve group traits and utilities
-
blst
Bindings for blst BLS12-381 library
-
ct-codecs
Constant-time hex and base64 codecs from libsodium reimplemented in Rust
-
cryptoki
Rust-native wrapper around the PKCS #11 API
-
tiny-keccak
Keccak derived functions
-
vsss-rs
Verifiable Secret Sharing Schemes for splitting, combining and verifying secret shares
-
libcrux-ml-kem
Libcrux ML-KEM & Kyber implementations
-
aws-sigv4
SigV4 signer for HTTP requests and Event Stream messages
-
hmac-sha512
A small, self-contained SHA512, HMAC-SHA512, HKDF-SHA512, SHA384, HMAC-SHA384, and HKDF-SHA384 implementation
-
base64ct
Pure Rust implementation of Base64 (RFC 4648) which avoids any usages of data-dependent branches/LUTs and thereby provides portable "best effort" constant-time operation and embedded-friendly no_std support
-
asn1
ASN.1 (DER) parser and writer for Rust
-
fiat-crypto
generated Rust
-
tokio-openssl
SSL streams for Tokio backed by OpenSSL
-
pgp
OpenPGP implementation in Rust
-
schannel
bindings for rust, allowing SSL/TLS (e.g. https) without openssl
-
boring
BoringSSL bindings
-
cryptoxide
pure implementation of various common modern cryptographic algorithms, WASM compatible
-
crypto-primes
Random prime number generation and primality checking library
-
ed25519-compact
A small, self-contained, wasm-friendly Ed25519 implementation
-
openssl-probe
helping to find system-wide trust anchor (“root”) certificate locations based on paths typically used by
openssl -
rustls-platform-verifier
supports verifying TLS certificates in rustls with the operating system verifier
-
tfhe
TFHE-rs is a fully homomorphic encryption (FHE) library that implements Zama's variant of TFHE
-
gridiron
Rust finite field library with fixed size multi-word values
-
ring
An experiment
-
age
[BETA] A simple, secure, and modern encryption library
-
tss-esapi
Rust-native wrapper around TSS 2.0 Enhanced System API
-
secret-vault
secure vault to store securely application secrets in memory from Google/AWS/K8S and environment variables
-
matrix-sdk-crypto
Matrix encryption library
-
pairing
Pairing-friendly elliptic curve library
-
w3f-bls
Aggregate BLS-like signatures
-
light-poseidon
Poseidon hash implementation in Rust
-
pasetors
PASETO: Platform-Agnostic Security Tokens (in Rust)
-
prio
aggregation system core: https://crypto.stanford.edu/prio/
-
ed25519-dalek
Fast and efficient ed25519 EdDSA key generations, signing, and verification in pure Rust
-
authenticator
interacting with CTAP1/2 security keys for Web Authentication. Used by Firefox.
-
x509-certificate
X.509 certificate parser and utility functionality
-
openmls
Messaging Layer Security (MLS) protocol, as defined in RFC 9420
-
russh-keys
Deal with SSH keys: load them, decrypt them, call an SSH agent
-
azure_security_keyvault_keys
Rust wrappers around Microsoft Azure REST APIs - Azure Key Vault Keys
-
bulletproofs
A pure-Rust implementation of Bulletproofs using Ristretto
-
recrypt
A pure-Rust implementation of Transform Encryption, a Proxy Re-encryption scheme
-
mls-rs
Messaging Layer Security (RFC 9420)
-
digest
Traits for cryptographic hash functions and message authentication codes
-
picky-asn1-x509
ASN1 types defined by X.509 related RFCs
-
opaque-ke
OPAQUE password-authenticated key exchange protocol
-
c2pa
Rust SDK for C2PA (Coalition for Content Provenance and Authenticity) implementors
-
cosmian_cover_crypt
Key Policy attribute encryption based on subset cover
-
curve25519-dalek-ml
A pure-Rust implementation of group operations on ristretto255 and Curve25519
-
aegis
authenticated ciphers (AEGIS-128, AEGIS-256, AEGIS-128X, AEGIS-256X)
-
p12-keystore
Convenient API to work with PKCS#12 files
-
doe
powerful Rust crate designed to enhance development workflow by providing an extensive collection of useful macros and utility functions. It not only simplifies common tasks but also…
-
snmp2
SNMP v1/v2/v3 sync/async client library with traps and MIB support
-
ecb
Electronic Codebook (ECB) block cipher mode of operation
-
kbs2
A secret manager backed by age
-
strobe-rs
Strobe protocol framework in pure Rust
-
rusty_paseto
A type-driven, ergonomic alternative to JWT for secure stateless PASETO tokens
-
ppv-lite86
Cross-platform cryptography-oriented low-level SIMD library
-
self_encryption
Self encrypting files (convergent encryption plus obfuscation)
-
hashguard
Command-Line tool for ensuring the integrity of files using hash sums
-
sha1_smol
Minimal dependency-free implementation of SHA1 for Rust
-
fips204
FIPS 204: Module-Lattice-Based Digital Signature
-
hmac-sha256
A small, self-contained SHA256, HMAC-SHA256, and HKDF-SHA256 implementation
-
vrf
Fast and extensible Verifiable Random Function (VRF) library; currently supporting secp256k1, secp256r1 and sect163k1 curves
-
fernet
in Rust
-
libpep
polymorphic encryption and pseudonymization
-
tor-keymgr
Key management for the Arti Tor implementation
-
sigstore
An experimental crate to interact with sigstore
-
secrets
Protected-access memory for cryptographic secrets
-
nkeys
NATS nkeys library
-
zkryptium
Rust crypto library for zero-knowledge proofs
-
sshkeys
parsing OpenSSH certificates and public keys
-
djpass
A command-line tool to generate and verify passwords used in Django project
-
s2n-tls
A C99 implementation of the TLS/SSL protocols
-
vnc-rs
An async implementation of VNC client side protocol
-
ssclient
SecureStore client for managing user secrets
-
gst-plugin-sodium
GStreamer plugin for libsodium-based file encryption and decryption
-
g2p
create types that implement fast finite field arithmetic
-
mycel
Encrypted async mailbox for AI CLI agents
-
hakanai
CLI client for Hakanai, a secure secret sharing service
-
noise-protocol
Noise Protocol Framework implementation
-
orion
Usable, easy and safe pure-Rust crypto
-
mbedtls
Idiomatic Rust wrapper for MbedTLS, allowing you to use MbedTLS with only safe code while being able to use such great Rust features like error handling and closures. Building on MbedTLS's focus on embedded use…
-
zipsign-api
Sign and verify
.zipand.tar.gzfiles with an ed25519 signing key -
sequoia-chameleon-gnupg
Sequoia's reimplementation of the GnuPG interface
-
dusk-poseidon
Poseidon hash algorithm over the Bls12-381 Scalar field
-
sigstore-verify
Sigstore signature verification
-
qrc-opensource-rs
The free opensource version of the Quantum Secure Cryptographic library in Rust (QRC)
-
sha256
crypto digest
-
sframe
pure rust implementation of SFrame (RFC 9605)
-
mla
Multi Layer Archive - A pure rust encrypted and compressed archive file format
-
keccak-asm
wrappers for SHA-3 algorithms written in assembly
-
vodozemac
Olm and Megolm
-
aws-lc-fips-sys
AWS-LC is a general-purpose cryptographic library maintained by the AWS Cryptography team for AWS and their customers. This is the FIPS validated version of AWS-LC.
-
rustls-webpki
Web PKI X.509 Certificate Verification
-
opa-wasm
OPA policies compiled to WASM
-
apr
Rust bindings for Apache Portable Runtime
-
akd
auditable key directory
-
openssl-src
Source of OpenSSL and logic to build it
-
sigstore-verification
Sigstore, Cosign, and SLSA attestation verification library
-
openpgp-card-state
Experimental storage mechanism for openpgp-card device state
-
napa
secure command line password manager
-
p2panda-core
Extensible data-types for secure, distributed and efficient exchange of data
-
dimpl
DTLS 1.2/1.3 implementation (Sans‑IO, Sync)
-
mwa_giant_squid
MWA ASVO command line client
-
pqcrypto-traits
Shared traits for post-quantum cryptographic primitives
-
quichash
High-performance cryptographic hash utility with SIMD optimization
-
frost-core
Types and traits to support implementing Flexible Round-Optimized Schnorr Threshold signature schemes (FROST)
-
delsum
Reverse Engineer's Toolbox for Checksums
-
boring2
BoringSSL bindings
-
x25519-dalek
X25519 elliptic curve Diffie-Hellman key exchange in pure-Rust, using curve25519-dalek
-
safecloset
Secret Keeper
-
gpg-tui
Manage your GnuPG keys with ease!
-
cryptographic-message-syntax
A pure Rust implementation of Crypographic Message Syntax (RFC 5652)
-
rbw
Unofficial Bitwarden CLI
-
wdcrypt
CLI to encrypt the current working directory with Fernet encryption
-
ap-relay
activitypub relay
-
gf256
containing Galois-field types and utilities
-
classic-mceliece-rust
Pure rust implementation of the PQC scheme Classic McEliece
-
yara-x
A pure Rust implementation of YARA
-
keygen-rs
Unofficial Rust SDK for integrating with the keygen.sh licensing service
-
signify-rs
OpenBSD-compatible file signing & verification tool
-
jaz
Find secrets hidden in commits
-
crystals-dilithium
Pure Rust implementation of CRYSTALS-Dilithium and ML-DSA (FIPS 204) digital signatures
-
tdigests
An efficient Rust implementation of the t-digest algorithm
-
saorsa-pqc
Post-Quantum Cryptography library for Saorsa Labs projects
-
shadowsocks-crypto
Shadowsocks Crypto
-
rs-clip-bridge-client
Cross-platform clipboard sync client for rs-clip-bridge. Monitors local clipboard changes and synchronizes them with a remote server via WebSockets. All clipboard data is encrypted using ChaCha20-Poly1305.
-
paper-age
Easy and secure paper backups of secrets
-
rsop
SOP CLI tool based on rPGP and rpgpie
-
aws-esdk
implementing client side encryption
-
gix-validate
Validation functions for various kinds of names in git
-
mls-spec
repository of MLS / RFC9420-related data structures
-
lrwn
encoding / decoding LoRaWAN frames
-
fips203
FIPS 203: Module-Lattice-Based Key-Encapsulation Mechanism
-
internal-russh-forked-ssh-key
Pure Rust implementation of SSH key file format decoders/encoders as described in RFC4251/RFC4253 and OpenSSH key formats, as well as "sshsig" signatures and certificates (including…
-
aegis_vm
Advanced Rust code virtualization and obfuscation framework
-
dryoc
Don't Roll Your Own Crypto: pure-Rust, hard to misuse cryptography library
-
sigstore-trust-root
Sigstore trusted root management and parsing
-
datasynth-fingerprint
Privacy-preserving synthetic data fingerprinting for DataSynth
-
ieee80211
A parser for IEEE 802.11 frames
-
webpki
Web PKI X.509 Certificate Verification
-
apple-cryptokit-rs
wrapper around Apple's native CryptoKit framework for App Store compliant cryptography
-
aws-nitro-enclaves-cose
aims to provide a safe Rust implementation of COSE, with COSE Sign1 currently implemented
-
product-os-security
Product OS : Security provides a suite of helper tools to easily perform cryptographic operations including generating hashes, encrypting and decrypting content
-
libcrux-hmac
Libcrux HMAC implementation
-
generic-ec
General elliptic curve cryptography
-
b3sum
a command line implementation of the BLAKE3 hash function
-
halo2curves
Elliptic curve implementations and wrappers for halo2 library
-
sequoia-wot
OpenPGP's web of trust
-
shad3
App for hashing entries in blocklists
-
tor-cert
Non-standard certificate formats used by Tor
-
signet-cli
CLI tool for Signet cryptographic action receipts
-
fluxencrypt
A high-performance, secure encryption SDK for Rust applications
-
nam-blstrs
High performance implementation of BLS12 381
-
p12
pure rust pkcs12 tool
-
openssh-keys
read and write OpenSSH public keys
-
jwk-simple
JWK/JWKS for Rust and WASM (RFC 7517, 7518, 7638, 8037, 9864) with jwt-simple integration
-
murk-cli
Encrypted secrets manager for developers — one file, age encryption, git-friendly
-
biscuit-cli
a CLI to manipulate biscuit tokens
-
ece
Encrypted Content-Encoding for HTTP Rust implementation
-
rufendec
lightweight CLI tool for AES-256 encryption and decryption, preserving file names and directory structure. With support for ECB/GCM modes, it simplifies securing and restoring files with ease, all powered by Rust.
-
keccak-hash
keccak-hashis a set of utility functions to facilitate working with Keccak hashes (256/512 bits long) -
dnssec-prover
allows for the creation and validation of transferrable proofs of entries in the DNS
-
cmn
121 mathematical, physical, and cryptographic constants for Rust — no_std, WASM-ready, compile-time const, typed runtime lookup, 14 utility macros
-
subduction_core
Subduction: sync protocol for replicating Sedimentrees between peers
-
x509-verify
Pure Rust library that verifies X.509 signatures based on the algorithm identifiers
-
ssh-agent-client-rs
Pure rust implementation of the ssh-agent protocol. It can be used to write clients that interact with the ssh agent.
-
nethsm-sdk-rs
Rust SDK to communicate with Nitrokey NetHSM
-
rustls-pki-types
Shared types for the rustls PKI ecosystem
-
crtshmon
Monitor crt.sh for new certificates
-
nest-data-source-api
NEST Data Source API Service
-
rustack-sns-core
SNS business logic for Rustack
-
circom-witness-rs
Fast witness generator for Circom circuits
-
giant-spellbook
cryptographic multi-tool with file analysis, encoding, bitflipping, splitting, hashing, encryption, signing, and more
-
sha1
SHA-1 hash function
-
envbroker
Secure your
.envfile from coding agent doing stupid execution -
hpke
hybrid encryption standard (RFC 9180) in pure Rust
-
git-simple-encrypt
Encrypt/decrypt files in your git repo using only one password
-
ironcore-alloy
IronCore Labs SDK for all your different Application Layer Encryption needs
-
ensync
A flexible ENcrypted file SYNChroniser suitable for uses where the central location is not fully trusted
-
red_asn1
A little library to encode/decode ASN1 DER
-
sendcipher
Command line interface for encrypted file sharing at sendcipher.com
-
dbus-secret-service
interface with Secret Service API over DBUS
-
matrix-sdk-store-encryption
Helpers for encrypted storage keys for the Matrix SDK
-
encrypt_config
manage, persist and encrypt your configurations
-
threema-gateway
Official Rust SDK for Threema Gateway
-
kms-aead
KMS/AEAD envelope encryption for GCP/AWS KMS and Ring AEAD encryption
-
jaws
JSON Algorithms and Web Signing
-
cross-krb5
Safe cross platform Kerberos v5 interface
-
tough
The Update Framework (TUF) repository client
-
qp-rusty-crystals-dilithium
Pure Quantus RUST implementation of CRYSTALS-Dilithium digital signature scheme
-
ort-openrouter-cli
Open Router CLI
-
picky
Portable X.509, PKI, JOSE and HTTP signature implementation
-
nuts-container
A secure storage library
-
rsacracker
Powerful RSA cracker for CTFs. Supports RSA, X509, OPENSSH, PKCS#12, PKCS#7, and CSR in PEM and DER formats.
-
udigest
Unambiguously digest structured data
-
rust-kpdb
reading/writing KeePass 2 and KeePassX databases
-
exaf-rs
Extensible archiver format
-
prople-did-core
A set of core libraries to manage the DID data and objects based on Prople system requirements
-
brutecraber
A blazing-fast, multithreaded hash cracker built with Rust
-
crypt_guard
CryptGuard is a post-quantum cryptography library with support for Kyber, Falcon, Dilithium in combination with AES and XChaCha20
-
shiguredo_srt
SRT (Secure Reliable Transport) library
-
rattler_digest
used by rattler crates to compute different hashes from different sources
-
sgx_pkix
TLS Certificate encoding and decoding helpers for the SGX environment
-
hanko
Keeps your Git allowed signers file up to date with signing keys configured on software development platforms like GitHub and GitLab
-
inspect-cert-chain
OpenSSL-like text output for debugging certificate chains
-
qatsi
Stateless secret generation via hierarchical memory-hard key derivation using Argon2id
-
wascap
wasmCloud Capabilities. Library for extracting, embedding, and validating claims
-
paq
Hash file or directory recursively
-
enc_file
Password-based file encryption tool with a versioned header, AEAD, Argon2id KDF, and streaming mode. Library + CLI + GUI.
-
odoh-rs
Oblivious DNS over HTTPS (ODoH) protocol version 1
-
affinidi-did-common
Affinidi DID Library
-
pq-key-encoder
Post-quantum key encoding (DER, PEM, JWK) for ML-KEM, ML-DSA, SLH-DSA
-
tibet-trust-kernel
Zero-trust security foundation — AES-256-GCM encryption, SHA-256 integrity, sandboxed execution, cross-machine memory transport. For finance, IoT, AI, databases, anything zero-trust.
-
openssl-sys
FFI bindings to OpenSSL
-
verifysign
cargo used to verify digital code signature on files
-
underskrift
PDF digital signing library — PAdES B-B through B-LTA, PKCS#7, visible/invisible signatures, LTV, and verification
-
oqs
interface to Open-Quantum-Safe's liboqs
-
salty
Small, sweet, swift Ed25519 signatures for microcontrollers
-
pem-select
A CLI tool for extracting certificates from PEM bundles
-
playfair_cipher
Playfair, Two square and Four square cipher
-
s3-simple
fast and efficient s3 client for bucket operations
-
kcr_kyverno_io
Kubernetes Custom Resource Bindings
-
glass_pumpkin
A cryptographically secure prime number generator based on rust's own num-bigint and num-integer
-
nu_plugin_nw_ulid
Production-grade ULID (Universally Unique Lexicographically Sortable Identifier) utilities plugin for Nushell with cryptographically secure operations, enterprise-grade security, and streaming support
-
sehercode
CLI tool to monitor Claude API rate limits and execute code after reset
-
sirr
CLI client for Sirr — push, get, and manage ephemeral secrets
-
mpvss-rs
Publicly Verifiable Secret Sharing Library
-
clubcard
exact membership query filter for static sets
-
cosmian_crypto_core
Cosmian base cryptographic library
-
instant-acme
Async pure-Rust ACME client
-
blsful
BLS signature implementation according to the IETF spec on the BLS12-381 curve
-
clatter
no_std compatible implementation of Noise protocol framework with Post-Quantum extensions
-
product-os-random
Product OS : Random provides a suite of random generator tools for different contexts. This includes random text, number and key generators including cryptographically secure random generation.
-
frost-ed25519
A Schnorr signature scheme over Ed25519 that supports FROST
-
cognitum-gate-tilezero
Native arbiter for TileZero in the Anytime-Valid Coherence Gate
-
uselesskey
Deterministic cryptographic key and certificate fixtures for Rust tests. Seed-stable, cached, scanner-safe.
-
rust_keylock_shell
Shell access to the rust-keylock. rust-keylock is a password manager with goals to be Secure, Simple to use, Portable and Extensible.
-
zff
interact with zff, a file format for forensic images
-
secure-gate
Secure wrappers for secrets with explicit access and mandatory zeroization — no_std-compatible, zero-overhead library with audit-friendly access patterns
-
dco3_crypto
Symmetric and asymmetric encryption for DRACOON in Rust
-
clawdentity-cli
Clawdentity Rust CLI for identity onboarding, provider setup, and connector operations
-
libp2p-noise
Cryptographic handshake protocol using the noise framework
-
treeship-cli
Portable trust receipts for agent workflows - CLI
-
multihash-codetable
Default multihash code-table with cryptographically secure hash implementations
-
edgee-server
The full-stack edge platform for your edge oriented applications (server part)
-
cose-rust
COSE Rust implementation
-
jubjub-schnorr
A pure-Rust implementation of Schnorr signatures with a PLONK circuit module additionally
-
nethsm-cli
A CLI for the Nitrokey NetHSM
-
sd-jwt-payload
Selective Disclosure JWTs (SD-JWT)
-
gxt-cli
Minimal, encrypted, signed and copy-pasteable tokens for manual data exchange between games
-
qfall-schemes
Collection of prototype implementations of lattice-based cryptography
-
aranya-afc-util
using Aranya Fast Channels
-
deno_native_certs
deno-native-certs loads native certificate store into rustls
-
oboron
Encryption and encoding library for developer ergonomics: prefix entropy, compact outputs, high performance
-
aef
An encrypted file archiver
-
jwt-hack
Hack the JWT (JSON Web Token) - A tool for JWT security testing and token manipulation
-
tangy
Tang server implementation
-
web-bot-auth
Web Bot Authentication using HTTP Message Signatures
-
cuaimacrypt
symmetric hybrid cipher engine — block cipher and stream cipher combined
-
hai-cli
A CLI with a REPL for hackers using LLMs
-
pgen
Passphrase Generator
-
vitaminc
cryptographic suite by CipherStash
-
sha3sum
compute and check SHA3 message digest
-
geneos-toolkit
building Geneos Toolkit compatible applications
-
vmprotect
Unofficial VMProtect SDK for Rust
-
cryptocol
cryptographic library that includes big number arithmetic operations, hash algorithms, symmetric-key encryption/decryption algorithms, asymmetric-key (public-key) encryption/decryption algorithms…
-
rescue_poseidon
Sponge construction based Algebraic Hash Functions
-
rustls-symcrypt
rustls crypto provider model for SymCrypt
-
fpe
Format-preserving encryption
-
rustgenhash
generate hashes from the command line
-
confidential-ml-transport
Attestation-bound encrypted tensor transport for confidential ML inference
-
libcrux-ml-dsa
Libcrux ML-DSA implementation
-
assay-registry
Pack registry client for remote pack distribution (SPEC-Pack-Registry-v1)
-
kanidm-hsm-crypto
easily interacting with a HSM or TPM
-
fatoora-core
Rust Fatoora/ZATCA SDK with C ABI and multi-language bindings
-
flexible-transcript
transcript trait definition, along with viable options
-
sha1collisiondetection
SHA-1 hash function with collision detection and mitigation
-
jubjub-plus
Jubjub elliptic curve group
-
oxo-license-issuer
CLI maintenance tool for issuing and managing oxo-license signed licenses
-
l-s
Summary any file‘s meta
-
minio-rsc
minio, api is compliant with the Amazon S3 protocol
-
proofmode
Capture, share, and preserve verifiable photos and videos
-
native-pkcs11
Cross-platform PKCS#11 module written in rust. Can be extended with custom credential backends.
-
p256
Pure Rust implementation of the NIST P-256 (a.k.a. secp256r1, prime256v1) elliptic curve as defined in SP 800-186, with support for ECDH, ECDSA signing/verification, and general purpose curve arithmetic
-
gloves
seamless secret manager and handoff
-
dcap-qvl-webpki
Fork of rustls-webpki to support single cert CRL check
-
rgp
Enabling E2EE for a range of applications
-
bdrck
Generic common foundational utilities
-
az-cvm-vtpm
Package with shared code for Azure Confidential VMs
-
yimi-rutool
A comprehensive Rust utility library inspired by Hutool
-
crypto_bastion
Hardened post-quantum MLSigcrypt signcryption crate
-
zfuel
types used for a mutual credit accounting system
-
cyphergraphy
Implementation-independent abstractions for main cryptographic algorithms (part of cyphernet suite)
-
winter-rand-utils
Random value generation utilities for Winterfell crates
-
biscuit-parser
Datalog parser used in the biscuit-auth and biscuit-quote crates
-
rshc
compile shell script(or expect script) to Rust code and binary
-
sketches
Probabilistic data structures for scalable approximate analytics
-
turboshake
A family of extendable output functions (XOFs) based on 12-rounds Keccak[1600] permuation
-
midnight-curves
BLS12 381 and Jubjub curves
-
ssh-vault
encrypt/decrypt using ssh keys
-
readable-hash
Human-readable hash representations for easy verification and data obfuscation
-
tfhe-zk-pok
zero-knowledge proofs of encryption for TFHE
-
hyper-openssl
Hyper TLS support via OpenSSL
-
wolfssl
High-level bindings for WolfSSL
-
hexvault
Cascading cell-partitioned encryption architecture
-
pf8
encoding and decoding artemis PF8 archive files
-
paas-client
PEP Authorization API Service client
-
elf2tab
Compiles from ELF to TAB (a Tock Application Bundle using the Tock Binary Format)
-
Mademoiselle_Entropia
Extremely strong, stupidly simple and relatively fast symmetric cipher.. check out the Readne for explanation. Have a great day, Dear User 💯❤️
-
tap-agent
Transaction Authorization Protocol (TAP)
-
agent-mesh-core
Core types for agent-mesh: identity, messages, ACL, Noise handshake
-
rustls-jls
Rustls is a modern TLS library written in Rust
-
cosmian_findex
Symmetric Searchable Encryption
-
ascon-core
Pure Rust implementation of the Ascon permutation
-
b4ae
B4AE (Beyond For All Encryption) - Quantum-resistant secure communication protocol
-
t-rust-less-lib
Password manager library
-
crab-cryptor
file cryptor
-
minisign-verify
A small, zero-dependencies crate to verify Minisign signatures
-
crrl
cryptographic research
-
deterministic-hash
Create deterministic hashes regardless of architecture
-
c5store
A comprehensive Rust library for unified configuration and secret management, supporting various sources, typed access, and local encryption
-
embedded-tls
TLS 1.3 client with no_std support and no allocator
-
rustack-s3-core
S3 service implementation for Rustack
-
cocoon
protected container with strong encryption and format validation
-
grammers-crypto
Several cryptographic utilities to work with Telegram's data
-
tls-api
TLS API without implementation
-
cryptovec
A vector which zeroes its memory on clears and reallocations
-
jwtk
JWT signing (JWS) and verification, with first class JWK and JWK Set (JWKS) support
-
saorsa-gossip-groups
MLS group management wrapper for Saorsa Gossip (RFC 9420 compliant)
-
news-backend
Personalized article recommendations without profiling or cookies
-
img4-dump
Extracts payloads and metadata from IMG4/IM4P/IM4M; decrypts with user-supplied IV+Key; optional LZFSE/LZSS decompress
-
labscript
Prescription PDF generator with e-signature and QR verification
-
tss-esapi-sys
FFI wrapper around TSS 2.0 Enhanced System API
-
keyquorum
Shamir secret sharing daemon for distributed key quorum
-
xts-mode
XTS block mode implementation in rust
-
threshold-ml-dsa
Threshold ML-DSA (FIPS 204) via the Mithril scheme (ePrint 2026/013)
-
canus-lupus
— Post-quantum Swiss Army Knife CLI (Layer 2 of the canus-lupus stack)
-
binstalk-types
The binstall toolkit that contains basic types for binstalk crates
-
crabapple
iOS backup decryption and encryption
-
enx
Rails-credentials-style encrypted env workflow for Unix projects
-
arcanum-primitives
Native cryptographic primitives for Arcanum
-
hmac
Generic implementation of Hash-based Message Authentication Code (HMAC)
-
bitbottle
a modern archive file format
-
libvault
modified from RustyVault
-
muddy
literal string obfuscation library
-
voprf
verifiable oblivious pseudorandom function (VOPRF)
-
bl4
Borderlands 4 save editor library - encryption, decryption, and parsing
-
blossom-rs
Full-featured Blossom (BUD-01) blob storage library for Rust — embeddable server, async client, BIP-340 Nostr auth
-
vertrule-verifier
Public-facing verifier for VertRule receipt envelopes -- zero private runtime-stack dependencies
-
caesar_cipher_enc_dec
can easily use caesar cipher
-
tindercrypt
Data encryption with symmetric cryptographic keys or passwords/passphrases, and self-contained encryption metadata
-
libherokubuildpack
Opinionated common code for buildpacks implemented with libcnb.rs
-
hunt-scan
MCP agent scanning and vulnerability detection for clawdstrike hunt
-
openpgp-card-tools
inspecting, configuring and using OpenPGP cards
-
cert-dump
High-performance X.509 certificate scanner and extractor for binary files
-
tardigrade
Modern archive tool — tar for 2026
-
astrid-audit
Chain-linked cryptographic audit logging for Astrid
-
elastic-elgamal
ElGamal encryption and related zero-knowledge proofs with pluggable crypto backend
-
lakers
EDHOC (RFC 9528)
-
rooster
password manager
-
nitro-tpm-attest
Retrieve a signed attestation document from the NitroTPM
-
jacs
JACS JSON AI Communication Standard
-
llm-secrets
Workload identity for AI agents — prove who you are, access only what you should, for only as long as you need
-
localsend-rs
LocalSend protocol - cross-platform file transfer tool
-
rsecure
file encryption and decryption tool using AES-GCM
-
opentalk-roomserver-module-e2ee
End-to-end encryption module for the OpenTalk RoomServer
-
opensefaz-cli
CLI para manipulação de documentos fiscais eletrônicos
-
smpl_jwt
Very simple JWT generation lib
-
c2patool
displaying and creating C2PA manifests
-
json-proof-token
based on the new JOSE Working Group draft specifications: JSON Web Proof (JWP), JSON Proof Token (JPT) and JSON Proof Algorithm (JPA)
-
mesh-core
Wire types, CBOR serialization, Ed25519 identity, and content-addressed hashing for the MARS protocol
-
compass-cli
Interactive README runner and onboarding guide
-
tdx-quote
Parses and verifies Intel TDX quotes
-
rust_tokio_kcp
A kcp implementation for tokio
-
zipsign
Sign and verify
.zipand.tar.gzfiles with an ed25519 signing key -
ruscrypt
⚡ Lightning-fast cryptography toolkit built with Rust - A comprehensive CLI tool for classical and modern cryptographic operations
-
qasa
Post-quantum cryptography implementation using CRYSTALS-Kyber and CRYSTALS-Dilithium for quantum-safe communications
-
libsmx
Pure-Rust, no_std, constant-time SM2/SM3/SM4/SM9 Chinese cryptography (GB/T 32918/32905/32907/38635)
-
krill
Resource Public Key Infrastructure (RPKI) daemon
-
pqc-binary-format
Standardized binary format for post-quantum cryptography encrypted data interchange
-
crypto-glue
A facade over the RustCrypto ecosystem
-
herolib-crypt
secure asymmetric cryptography: signing and encryption using Ed25519
-
blind-rsa-signatures
RSA blind signatures in pure Rust
-
prolock
securely storing secrets like passwords and plain text snippets in a password-protected file
-
prollytree
A prolly (probabilistic) tree for efficient storage, retrieval, and modification of ordered data
-
git-surgeon
Surgical git hunk control for AI agents
-
moq-token
Media over QUIC - Token Generation and Validation
-
happy-cracking
A fast, comprehensive CTF toolkit for cryptographic encoding/decoding, classic ciphers, hash operations, and analysis tools
-
xml-sec
Pure Rust XML Security: XMLDSig, XMLEnc, C14N. Drop-in replacement for libxmlsec1.
-
securestore
API for creating or decrypting user secrets
-
xmlsec
Wrapper for xmlsec1 library
-
fract
A Hyperchaotic, Quantum-Resistant, Minimalist Cryptographic Hash
-
yubirs-tools
Command line tools for interacting with YubiKeys, based upon yubirs
-
vmadm
Administer virtual machines in local libvirt
-
httpsig
IETF RFC 9421 of http message signatures
-
punchline
P2P encrypted TUI messenger using Noise IK over UDP
-
byte-array-ops
no_std-compatible library for security-by-default byte array operations. Includes automatic memory zeroization, constant-time utilities, multiple input formats (hex, binary, UTF-8)…
-
sphinx-packet
A Sphinx packet implementation in Rust
-
printwell-pdf
PDF manipulation features (forms, signing) for Printwell
-
subduction_crypto
Cryptographic types for Subduction: signed payloads, verification witnesses
-
kestrel-cli
Kestrel file encryption program
-
rns-crypto
Cryptographic primitives for the Reticulum Network Stack
-
tongsuo-src
Source of Tongsuo and logic to build it
-
minisign
sign files and verify signatures
-
trustless-provider-filesystem
Filesystem-based key provider for trustless
-
why2
Lightweight, fast, secure, and easy to use encryption system
-
cipherstash-client
The official CipherStash SDK
-
darkbio-crypto
Cryptography primitives and wrappers
-
reqsign-volcengine-tos
Volcengine TOS signing implementation for reqsign
-
fheanor
that provides fast implementations of rings commonly used in homomorphic encryption, built on feanor-math
-
protofish2
Non-blocking Stream Transportation
-
arq-restore
A program to restore backups created with Arq 6 and 7
-
lorawan
structures and tools for reading and writing LoRaWAN messages from and to a slice of bytes
-
cesride
Cryptographic primitives for use with Composable Event Streaming Representation (CESR)
-
datafusion-postgres-cli
Command-line tool for DataFusion's Postgres Protocol frontend
-
hpke-dispatch
runtime algorithmic selection for hybrid public key encryption
-
agentic-identity
Cryptographic identity anchor for AI agents — persistent identity, signed actions, revocable trust
-
pkix
TLS Certificate encoding and decoding helpers
-
hofmann-rfc
RFC 9380 (Hash-to-Curve), RFC 9497 (OPRF), and RFC 9807 (OPAQUE)
-
merkle-search-tree
A data structure for efficient state-based CRDT replication and anti-entropy
-
weirwood
Privacy-preserving XGBoost inference via Fully Homomorphic Encryption
-
neco-vault
minimum dependency memory-only signing vault built on neco-secp
-
cryptotensors
extension of safetensors that adds encryption, signing, and access control (Rego-based policy engine) while maintaining full backward compatibility with the safetensors format. It…
-
cerememory-transport-grpc
gRPC transport binding for CMP
-
qcicada
SDK for the QCicada QRNG (Crypta Labs) — macOS-first, works on Linux too
-
lxmf-core
Core LXMF message format, constants, and stamp validation (no_std)
-
aws-lc-sys
AWS-LC is a general-purpose cryptographic library maintained by the AWS Cryptography team for AWS and their customers. It іs based on code from the Google BoringSSL project and the OpenSSL project.
-
botan
Rust wrapper for Botan cryptography library
-
lockstitch
incremental, stateful cryptographic primitive for symmetric-key cryptographic operations in complex protocols
-
ciphersuite
Ciphersuites built around ff/group
-
kangarootwelve_xkcp
An FFI wrapper for the XKCP implementation of the KangarooTwelve hash function
-
ret2script
Checker script runner for Ret2Shell - A feature-riches CTF challenge platform
-
devolutions-crypto
An abstraction layer for the cryptography used by Devolutions
-
negentropy
set-reconciliation protocol
-
polytune
Maliciously-Secure Multi-Party Computation (MPC) Engine using Authenticated Garbling
-
native-ossl
Native Rust idiomatic bindings to OpenSSL
-
sl-messages
Message exchange for MPC protocols
-
ssi-vc-jose-cose
Securing Verifiable Credentials using JOSE and COSE with the
ssilibrary -
mbedtls-smx
Idiomatic Rust wrapper for MbedTLS, allowing you to use MbedTLS with only safe code while being able to use such great Rust features like error handling and closures. Building on MbedTLS's focus on embedded use…
-
pqc_kyber
post-quantum Kyber KEM algorithm
-
reishi-handshake
Pure, sans-IO implementation of the Noise IK handshake with optional post-quantum hybrid mode
-
siguldry
Sigul protocol
-
kitty-rc
controlling kitty terminal emulator via its remote control protocol
-
rust_ev_crypto_primitives
Crypto Primitives necessary for E-Voting Applications
-
dotenvage
Dotenv with age encryption: encrypt/decrypt secrets in .env files
-
pact_verifier_cli
Standalone pact verifier for provider pact verification
-
fastmurmur3
Fast non-cryptographic hash, with the benchmarks to prove it
-
wolfssl-wolfcrypt
Rust wrapper for wolfssl C library cryptographic functionality
-
witnet-bn
Pairing cryptography with the Barreto-Naehrig curve
-
shield-core
EXPTIME-secure encryption library - Rust core implementation
-
servo-script
A component of the servo web-engine
-
rustls-cng
Windows CNG API bridge for rustls
-
shamirsecretsharing
Shamir secret sharing library for Rust
-
dudect-bencher
DudeCT constant-time function tester
-
deno_net
Networking for Deno
-
ruma-common
Common types for other ruma crates
-
secure-crypt
Ultra secure encryption/decryption tool using Rust + libsodium with zero secret leakage
-
fiscal
Brazilian fiscal document library (NF-e/NFC-e) — Rust port of sped-nfe
-
paseto-pq
Post-quantum PASETO tokens with RFC-compliant footer authentication using ML-DSA signatures
-
pdfk
Modern PDF password CLI
-
saorsa-fec
Quantum-safe erasure coding with post-quantum cryptography using saorsa-pqc
-
rskit
rust kit
-
fynx-proto
Production-ready SSH and IPSec/IKEv2 protocol implementations with comprehensive testing and high-level APIs
-
vcl-protocol
Cryptographically chained packet transport with QUIC, cross-platform TUN, and bug fixes
-
env_encryption_tool
Rust-based .env (dotenv) file encryption & decryption tool - store & retrieve your app environment variables safely 😎 now Post-Quantum-safe!
-
certradar-cli
Certificate transparency and SSL/TLS security analysis CLI tool
-
tenuo
Agent Capability Flow Control - Rust core library
-
obscura-server
A server for relaying secure messages using the Signal Protocol
-
hkdf
HMAC-based Extract-and-Expand Key Derivation Function (HKDF)
-
bls48581
BLS signature implementation using the BLS48-581 curve with KZG commitments
-
recipe
Dynamic binary composition and low level manifest orchestration. Defines the blueprints and deterministic procedures for the Honest-Classified security ecosystem.
-
opensecret
Rust SDK for OpenSecret - secure AI API interactions with nitro attestation
-
cerememory-core
Core types, traits, and CMP protocol definitions for Cerememory
-
tauri-plugin-secure-element
Tauri plugin for secure element use on iOS (Secure Enclave) and Android (Strongbox and TEE)
-
aws-db-esdk
implementing client side encryption with DynamoDB
-
poulpy-schemes
A backend agnostic crate implementing mainsteam RLWE-based FHE schemes
-
libsession
Session messenger core library - cryptography, config management, networking
-
ashcore
ASH (Application Security Hash) — RFC 8785 compliant request integrity verification with anti-replay protection
-
keeper-secrets-manager-core
Rust SDK for Keeper Secrets Manager
-
yubikey-signer
YubiKey code signing utility
-
rpgm-asset-decrypter-lib
decrypting/encrypting RPG Maker MV/MZ audio and image assets
-
xor_cryptor
A encryption/decryption library using bitwise xor
-
rust_helpers
help with projects
-
sad-rsa
Hardened pure Rust RSA implementation with Marvin attack mitigation
-
kanoniv-agent-auth
Sudo for AI agents - cryptographic delegation, Ed25519 identity, and signed audit trails
-
cubehash
(rev2/rev3) hashing with SIMD acceleration and portable fallback
-
chacha20poly1305
Pure Rust implementation of the ChaCha20Poly1305 Authenticated Encryption with Additional Data Cipher (RFC 8439) with optional architecture-specific hardware acceleration. Also contains…
-
pqready
A cross-platform CLI tool to test for quantum-secure TLS/HTTPS encryption support
-
bab_rs
Bab family of hash functions, and its WILLIAM3 instantiation
-
mitoo
toolkit library that encapsulates methods such as configuration reading, file operations, encryption and decryption, transcoding, regular expressions, threading, collections, trees…
-
clasp-registry
Entity registry for CLASP - persistent identity for devices, users, and services
-
fastcert
zero-config tool for making locally-trusted development certificates
-
gun-rs
A realtime, decentralized, offline-first, graph data synchronization engine (Rust port)
-
chuchi-crypto
Crypto library providing encryption and signing
-
nabla-cli
An OSS tool for reverse engineering and binary composition analysis
-
rama-boring
BoringSSL bindings for Rama
-
ockam_transport_websocket
WebSocket Transport for the Ockam Routing Protocol
-
wolfcrypt-wrapper
Rust wrapper for wolfssl C library cryptographic functionality
-
sentinel-crypto
Cryptographic utilities for Cyberpath Sentinel, including hashing and signing
-
tf-registry
A high-performance, asynchronous implementation of the Terraform Provider Registry protocol, powered by Tokio and Axum
-
nexcore-codec
Zero-dependency codec library (hex, base64, percent-encoding) for NexCore ecosystem
-
rops
SOPS-like library in pure Rust
-
pq-oid
OID constants for all PQ algorithms (ML-KEM, ML-DSA, SLH-DSA)
-
omnibor
Reproducible software identity and fine-grained build dependency tracking
-
rvf-crypto
RuVector Format cryptographic primitives -- SHA-3 hashing and Ed25519 signing
-
c2-chacha
The ChaCha family of stream ciphers
-
challenge-bypass-ristretto
implemention of the privacy pass cryptographic protocol using the Ristretto group (WIP)
-
bizinikiwi-bn
Pairing cryptography with the Barreto-Naehrig curve
-
secrets-tweaked
Protected-access memory for cryptographic secrets
-
win-crypto-ng
Safe bindings to Windows Cryptography API: Next Generation
-
kindi
Cryptographic evidence hunter for embedded firmware and software supply chains. SIMD Aho-Corasick, Rayon parallel, 33-175x faster, 8 fuzz targets, zero unsafe.
-
greentic-dw-providers-common
Shared support crate for Greentic DW provider scaffolding
-
mls-rs-crypto-hpke
HPKE implementation based on mls-rs-crypto-traits used by mls-rs
-
cyber-hemera
Hemera — Poseidon2 hash over Goldilocks field
-
djangohashers
port of the password primitives used in Django project
-
korrosync
A KOReader Sync Server
-
hashtree-core
content-addressed merkle tree with KV storage
-
latticearc
Production-ready post-quantum cryptography. Hybrid ML-KEM+X25519 by default, all 4 NIST standards (FIPS 203–206), post-quantum TLS, and FIPS 140-3 backend — one crate, zero unsafe.
-
sl-mpc-mate
secure multi-party computation
-
shadowforge
Quantum-resistant steganography toolkit for journalists and whistleblowers
-
gstp
A secure, authenticated, transport-agnostic data exchange protocol with distributed state management via Encrypted State Continuations (ESC)
-
lattice-kyber
Pure Rust implementation of ML-KEM (FIPS 203) / CRYSTALS-Kyber post-quantum key encapsulation mechanism
-
mero-sign
CLI tool for signing Calimero bundle manifests
-
schemapin
Cryptographic schema integrity verification for AI tools - Rust implementation
-
ngdp-crypto
Salsa20 and ARC4 encryption/decryption with key management for Blizzard's TACT files
-
mvm-core
Core types, IDs, config, and utilities for mvm
-
phala-tee-deploy-rs
Rust client for deploying and managing Docker containers on Phala TEE Cloud (dstack)
-
kafkang
Rust client for Apache Kafka
-
hypercore-protocol
Replication protocol for Hypercore feeds
-
light-openid
Lightweight OpenID primitives & client
-
graviola
modern, fast cryptography library
-
rust-argon2
Argon2 password hashing function
-
kcr_argoproj_io
Kubernetes Custom Resource Bindings
-
scalable-rbe
A prototype of a scalable Registration-Based Encryption scheme based on standard lattice assumptions
-
atproto-plc
did-method-plc implementation for ATProto with WASM support
-
codescan
Fast, configurable source code security scanner
-
curve25519-dalek-ng
A pure-Rust implementation of group operations on ristretto255 and Curve25519
-
tibet-zip-airlock
tibet-zip Airlock: sandboxed decompression with eBPF kernel enforcement
-
psp_security
PSP Security Protocol
-
itylos-cli
Sovereign ephemeral messaging CLI with local AES-256-GCM encryption and burn-on-read semantics
-
tacet
Detect timing side channels in cryptographic code
-
sgx_types
Rust SGX SDK provides the ability to write Intel SGX applications in Rust Programming Language
-
weftos-rvf-crypto
RuVector Format cryptographic primitives — SHA-3, Ed25519, ML-DSA-65 dual signing (WeftOS fork)
-
waproto
Protocol Buffers definitions for WhatsApp
-
eolib
A core rust library for writing applications related to Endless Online
-
tlock_age
Rust encryption library for hybrid time-lock encryption
-
staticrypt
Static encryption for string literals and binary data
-
slient_layer
Compression-resistant steganography library for images and audio
-
gatewarden
Hardened Keygen.sh license validation infrastructure
-
tnid
A UUID compatible ID with static type checking
-
shrouded
Secure memory management with mlock, guard pages, and automatic zeroization
-
tor-llcrypto
Low level cryptography wrappers used by Tor
-
foctet-transport
Layered transport integration helpers for Foctet secure channels
-
agntcy-slim-config
Configuration utilities
-
rusty_paserk
Platform Agnostic Serializable Keys (PASERK) is an extension on PASETO for key management
-
apns-h2
Async HTTP/2 APNs client based on hyper
-
appstoreconnect
client
-
gpgme
bindings for Rust
-
shelter
ROP-based sleep obfuscation to evade memory scanners
-
oxirush-security
5G security algorithms — KDF, NIA1/2/3, NEA0/1/2/3, SUCI concealment per TS 33.501
-
typelock
Enforce security boundaries at the Type level
-
cert-helper
A helper library for managing certificates using OpenSSL, including support for generating CSRs and CRLs
-
chbs
providing secure passphrase generation based on a wordlist
-
isideload
Sideload iOS/iPadOS applications
-
serde-encrypted-value
A Serde Deserializer wrapper which transparently decrypts encrypted values
-
affinidi-secrets-resolver
Common utilities for Affinidi Trust Development Kit
-
cloakpipe-cli
CLI binary for CloakPipe privacy proxy
-
nuts-archive
A tar like archive on top of the nuts-container
-
shashasha
SHA3
-
ssri
Various utilities for handling Subresource Integrity
-
windows-iso-downloader
Download Windows 10 and Windows 11 ISOs directly from Microsoft
-
wycheproof
test vectors
-
russh-cryptovec
A vector which zeroes its memory on clears and reallocations
-
dtls
A pure Rust implementation of DTLS
-
aes_crypto
A platform-agnostic library for the AES cipher (Rijndael)
-
yacme
ACME client
-
acme-redirect
Tiny http daemon that answers acme challenges and redirects everything else to https
-
filecoin-hashers
Hashers used in filecoin and their abstractions
-
opentalk-roomserver-crypto-provider
Crypto provider setup for the OpenTalk RoomServer
-
tokmd-content
Content scanning helpers for tokmd analysis (TODOs, duplicates, imports)
-
wave-proto
Minimal UDP wrapper that transparently handles encryption and connection handling
-
zbus-lockstep
Keep types in lockstep with DBus XML definitions
-
isomdl
ISO mDL implementation in Rust
-
tink-streaming-aead
Streaming AEAD functionality for Rust port of Google's Tink cryptography library
-
rust-dice
Rust wrapper for dice
-
breakmancer
Drop a breakpoint into any shell
-
etebase
client library for Etebase
-
webrtc-dtls
A pure Rust implementation of DTLS
-
m-bus-core
Core types for the m-bus-parser M-Bus protocol library
-
apate-rs
Keyed reversible source code obfuscator — goddess of deceit
-
fp2
An efficient, flexible and constant time Rust implementation of the extension field Fp^2 with modulus x^2 + 1
-
jacs-binding-core
Shared core logic for JACS language bindings (Python, Node.js, etc.)
-
pasta-msm
Optimized multiscalar multiplicaton for Pasta moduli for x86_64 and aarch64
-
vrf-rfc9381
VRFs (Verifiable Random Functions) as described in RFC9381
-
scryptenc
scrypt encrypted data format
-
spacedls
no_std CCSDS 355.0-B-2 (SDLS) Space Data Link Security implementation
-
nacrypt
A secure and easy-to-use file encryption utility
-
noise-rust-crypto
Wrappers of dalek and RustCrypto crates for noise-protocol
-
rdedup
Data deduplication with compression and public key encryption. - binary
-
sigma-proofs
A toolkit for auto-generated implementations of Σ-protocols
-
eldenring
Structures, bindings, and utilities for From Software's title Elden Ring
-
dugout
Git-native secrets manager for development teams, written in Rust
-
kcr_fluentd_fluent_io
Kubernetes Custom Resource Bindings
-
secapi
bindings
-
atlas-common
Common functionality for Atlas ML provenance system
-
ds-rom
extracting/building Nintendo DS ROMs
-
klave
SDK for the Klave platform
-
laicrypto
Lemniscate-AGM Isogeny (LAI) Encryption – quantum‑resistant cryptography
-
blake2ya
The BLAKE2 cryptographic hash and message authentication code
-
iroh-blake3
the BLAKE3 hash function
-
willow25
A ready-to-use implementation of the Willow specifications
-
hxrts-aura-consensus
Single-shot consensus protocol for non-monotone operations in Aura
-
openpgp-card
A client implementation for the OpenPGP card specification
-
ironseal
Lightweight identity-free attestation protocol
-
scion-sdk-utils
SCION endhost SDK utilities
-
hmac-sha1
wrapper around the RustCrypto hmac and sha1 crates for simple HMAC-SHA1 generation
-
yubitui
A blazingly fast, intelligent TUI for YubiKey management
-
rustls-mbedpki-provider
Implements rustls PKI traits using mbedtls
-
claim169-core
ID Claim 169 QR Code decoder library
-
libsui
A injection tool for executable formats (ELF, PE, Mach-O) that allows you to embed files into existing binary and extract them at runtime
-
nacl
Rust version of NaCl Cryptographic library with Scrypt added
-
wkd-server
A WKD server
-
radicle-artifact
Radicle Artifact Collaborative Object (COB)
-
flexiber
Encoding and decoding of BER-TLV as described in ISO 7816-4, without allocations
-
co-didcomm
COKIT fork of didcomm-rs — DIDComm messaging v2 implementation with modern crypto and WASM support
-
pkcs11-sys
Generated bindings for pkcs11.h. Useful for building PKCS#11 modules in rust.
-
accumulators
Complete package of multiple Accumulators with Stores and hashing functions (Hashers)
-
uov-rs
UOV (Unbalanced Oil and Vinegar) signature scheme with a small Rust SDK
-
steganography-online-codec
Steganography Online Codec allows you to hide a password encrypted message within the images & photos using AES encryption algorithm with a 256-bit PBKDF2 derived key
-
informalsystems-malachitebft-signing-ed25519
Ed25519 signing scheme for the Malachite BFT consensus engine
-
peat-mesh
Peat mesh networking library with CRDT sync, transport security, and topology management
-
saorsa-gossip-identity
Post-quantum identity management for Saorsa Gossip: ML-DSA-65 keypairs and PeerId derivation
-
suit_validator
no_std-friendly Rust crate for decoding and verifying SUIT Manifest
-
fast-des
implements DES encryption and NetNTLMv1 hashing in bitsliced form. a 10x-100x improvement in speed can be achieved depending on hardware.
-
clock-hash
ClockHash-256: Consensus hash function for ClockinChain
-
qcrypto
design, simulation and validation of Quantum Cryptography protocols
-
vaultic
Secure your secrets. Sync your team. Trust your configs.
-
chacha
stream ciphers
-
nu_plugin_secret
Production-grade secret handling plugin for Nushell with secure CustomValue types that prevent accidental exposure of sensitive data
-
garage_model
Core data model for the Garage object store
-
magic-crypt
MagicCrypt is a Java/PHP/NodeJS/Rust library to encrypt/decrypt strings, files, or data, using Data Encryption Standard(DES) or Advanced Encryption Standard(AES) algorithms. It supports CBC block cipher mode…
-
cipherrun
A fast, modular, and scalable TLS/SSL security scanner written in Rust
-
okid
generating double clickable ids
-
blake512-hash
Pure Rust implementation of the BLAKE-512 hash function (SHA-3 finalist)
-
cryptr
encrypted (streaming) values
-
parsec-service
A language-agnostic API to secure services in a platform-agnostic way
-
hpke-rs
HPKE Implementation
-
esk
Encrypted Secrets Keeper with multi-target deploy
-
tailscale-localapi
Client for the Tailscale local API
-
sigstore-bundle
Bundle format handling for Sigstore
-
qcert
generating test key/certificate pairs
-
provekit_acvm
The virtual machine that processes ACIR given a backend/proof system
-
msoffice_crypt
msoffice-crypt bindings for the Rust programming language
-
floe-rs
FLOE cryptographic construction
-
vedaksha-vedic
Vedic astrology: nakshatras, dashas, vargas, yogas, shadbala
-
rust_jarm
JARM fingerprinting in native Rust
-
ecrust-fp
Finite field arithmetic for the ecrust ecosystem
-
jsonwebtoken-aws-lc
Create and decode JWTs in a strongly typed way
-
altcha-lib-rs
Community implementation of the Altcha library in Rust for your own server application to create and validate challenges and responses
-
wasm_web_crypto
Type-safe Rust wrapper for the Web Crypto API (SubtleCrypto + Crypto)
-
php-ext-pqcrypto
PHP extension for post-quantum cryptography (ML-KEM, X-Wing, ML-DSA, SLH-DSA)
-
antimatter
antimatter.io Rust library for data control
-
jks
Java KeyStore (JKS) and PKCS12 encoder/decoder for Rust
-
zsign-rs
Cross-platform iOS code signing library - Rust port of zsign
-
symcrypt
Friendly and Idiomatic Wrappers for SymCrypt
-
ssss
Shamir's Secret Sharing Scheme
-
cocoon-tpm-crypto
Cocoon TPM project - cryptographic primitives
-
prople-crypto
A set of libraries and function helpers to maintain cryptography data based on Prople system requirements
-
adaptive-pipeline-domain
Domain layer for optimized, adaptive pipeline - pure reusable business logic, entities, value objects, and domain services following DDD principles
-
neodata
Streaming fixed-memory 16-ary merkle tree with backend-agnostic storage
-
aws-sdk-paymentcryptography
AWS SDK for Payment Cryptography Control Plane
-
drand_core
A drand client library
-
tink-ffi
Safe Rust bindings to Google Tink cryptography library
-
promocrypt-core
Core library for cryptographically secure promotional code generation
-
pubky-noise
Fully-integrated Noise AE framework in pubky-sdk
-
blsttc
Pairing threshold cryptography
-
schnorr-rs
Schnorr Protocols
-
libslug
Cryptography Intended For Slug20 That Supports X59 Certificate Format and Post-Quantum Cryptography
-
xor-cipher
reusable and optimized XOR ciphers in Rust
-
tink-aead
AEAD functionality for Rust port of Google's Tink cryptography library
-
rustflexstack
ETSI C-ITS GeoNetworking and BTP protocol stack in Rust
-
certboy
yet-another-cert-manager
-
tuf
Update Framework (TUF)
-
secretsharing_shamir
Hardened Rust cryptographic library for Shamir's Secret Sharing with support for multiple prime sizes
-
libcrux-p256
Formally verified P-256 implementation
-
ironlock
A secure file encryption CLI tool using Argon2id and ChaCha20-Poly1305
-
fips205
FIPS 205: Stateless Hash-Based Digital Signature Standard
-
e2eel
end-to-end encryption library for key management
-
zopp-secrets
Secret encryption and decryption for zopp secrets manager
-
blueprint-webhooks
Webhook producer for Blueprint SDK — trigger jobs from external HTTP events
-
shamir-vault
Shamir's Secret Sharing algorithm
-
dcrypt
pure-Rust, software-only cryptography library providing both classical and post-quantum primitives with a focus on security, hybrid KEMs/signatures, and memory-safe, no-FFI design
-
cryptan
crypto playground (Caesar, Morse, ...)
-
assemblyline-models
Data models for the Assemblyline malware analysis platform
-
xmit
e2e encrypted messaging between agents
-
mdk-core
A simplified interface to build secure messaging apps on nostr with MLS
-
bjorn-acme
Building blocks for an ACME server
-
uts-bmt
Binary Merkle Tree implementation for Universal Timestamps in Rust
-
dgsp
Efficient Scalable Post-Quantum Fully-Dynamic Group Signature Scheme Using SPHINCS+
-
simple-cookie
Functions for creating and parsing signed & encrypted cookies
-
pqaudit
TLS post-quantum readiness auditor
-
rasn-cms
Data types for handling Cryptographic Message Syntax
-
swt3-ai
SWT3 Witness Anchors for AI systems — cryptographic accountability protocol
-
ligerito-reed-solomon
Reed-Solomon erasure coding for Ligerito over binary fields
-
cipherscope
A high-performance, language-aware tool for scanning source code to detect cryptographic libraries and algorithms usage
-
wacore-appstate-ng
Appstate for WhatsApp protocol
-
arcis-compiler
A framework for writing secure multi-party computation (MPC) circuits to be executed on the Arcium network
-
sha3-circuit
Lookup based midnight-proofs (halo2 fork) implementation of keccak-f[1600] permutation and gadgets for the sha3-256 and keccak-256 hash functions
-
jubjub-elgamal
ElGamal encryption scheme implemented on the JubJub curve with support for zero-knowledge circuits
-
rsa-magic-public-key
Converting between the Magic Public Key format and a RustCrypto RSA type
-
ez-hash
Ergonomic hashing helpers with a simple Hashable API and optional algorithm features
-
qos_crypto
Cryptographic primitives for use with QuorumOS
-
rummage-cli
GPU-accelerated Nostr mining tool (vanity keys + NIP-13 PoW)
-
ma-did
間 (did:ma) DID method for secure identities and messaging
-
openfhe
Rust package of the OpenFHE Fully Homomorphic Encryption Library
-
wechat-pay-rust-sdk-wf
微信支付 © Wechat Pay SDK Official (标准库)
-
slipped10
SLIP-0010 : ed25519 private key derivation from master private key
-
sslenum
SSL certificate Extractor
-
argentum_encryption_business
Business layer of encryption
-
void-core
VCS engine for void — pipelines, workspace, diff, merge, transport, collaboration
-
xllm-proxy
TCP proxy server with AES-256-GCM encryption for xllm
-
dev-tool
dev-tool(变更为mitoo)是一个Rust工具包类库,对文件、加密解密、转码、正则、线程池、sqlite等方法进行封装,组成各种Util工具类。
-
wsc-cli
CLI tool to sign and verify WebAssembly modules
-
mini-sign
minisign in rust
-
spartan
High-speed zkSNARKs without trusted setup
-
eenv
Encrypted Env Manager: encrypts .env files, manages examples, and enforces safety via git hooks
-
bbjwt
well documented JWT validation library, mainly for validating OpenID Connect ID Tokens
-
rust-secure-logger
Memory-safe security logging for financial systems and critical infrastructure with encryption, log forwarding, and compliance automation
-
openentropy-cli
CLI for openentropy — your computer is a hardware noise observatory
-
nats-io-jwt
Generate JWTs signed using NKEYs for use with https://nats.io
-
btls
BoringSSL bindings
-
synta-certificate
X.509 certificate structures for synta ASN.1 library
-
atrium-crypto
Cryptographic library providing basic helpers for AT Protocol
-
tayo
A security-first domain specific language for banking operations
-
eidetica
Decentralized DB. Remember Everything. Everywhere. All At Once.
-
thrussh-keys
Deal with SSH keys: load them, decrypt them, call an SSH agent
-
pam-ssh-agent
A PAM module that authenticates using the ssh-agent
-
aethelgard-avl
A Sovereign, NASA-grade AVL Tree with generational arena storage and BLAKE3 Merkle-style integrity verification
-
tlpsign
A cryptographic protocol for time-locked signature verification with an optional revocation mechanism, requiring no trusted third party
-
dkimdo
DKIM command-line tool
-
wa-rs-proto
Protocol Buffers definitions for WhatsApp
-
corevpn-crypto
Cryptographic primitives for CoreVPN - secure key exchange, encryption, and certificate handling
-
ncm_core
core decoder for ncmc
-
symphony
Eclipse Symphony Target Provider Rust binding
-
hxrts-aura-social
Social topology (blocks and neighborhoods) for the Aura threshold identity platform
-
ringspace
Trusted webring management
-
icefast
A optimized parallel ICE encryption implementation with auto-dispatching logic and auto-vectorization
-
sm-crypto
China's Standards of Encryption Algorithms(SM2/SM3/SM4)
-
nostr-double-ratchet
Nostr double ratchet library for Rust
-
crypto-async-rs
High-performance pure Rust cryptographic library with async streaming support
-
githubclaw
Near-autonomous AI agents that manage open-source projects end-to-end using GitHub as the single source of truth
-
rasn-pkix
Data types for handling Public Key Infrastructure (PKIX) objects
-
cfun
Tidy up common functions
-
primp-rustls
A fork of the original rustls crate
-
a2
A native, asynchronous Apple push notification client
-
crypt-ro
Blazing-fast matrix-based encryption library with configurable transformations
-
sl-oblivious
OT protocols
-
trussed-chunked
extension with chunked file operations for trussed
-
kmip-protocol
KMIP protocol object (de)serialization
-
cloakpipe-core
Core detection, pseudonymization, and rehydration engine for CloakPipe
-
midnight-base-crypto
foundational cryptographic primitives for Midnight's ledger
-
blake2b-rs
Rust bindings for the official Blake2b C implementation
-
totpyx
Minimal, dependency-free RFC 6238 TOTP implementation
-
stix-rs
STIX 2.1 types and helpers for Rust
-
cryprot-core
Core primitives for cryptographic protocol implementations
-
jmix-rs
JMIX (JSON Medical Interchange) format - secure medical data exchange with cryptographic features
-
ockam
End-to-end encryption and mutual authentication for distributed applications
-
amll-lyric
一个歌词解析/生成模块,着重于歌词内容解析,支持多种格式
-
chie-crypto
Cryptographic primitives for CHIE Protocol
-
boring-sys
FFI bindings to BoringSSL
-
pkcs12cracker
High-performance, multi-threaded PKCS#12 password cracker supporting dictionary, pattern-based, and brute force attacks
-
clasp-caps
Capability tokens for CLASP protocol (delegatable Ed25519)
-
pkcs8
Pure Rust implementation of Public-Key Cryptography Standards (PKCS) #8: Private-Key Information Syntax Specification (RFC 5208), with additional support for PKCS#8v2 asymmetric key packages (RFC 5958)
-
syft-crypto-cli
Command-line interface for SyftBox cryptographic operations
-
xwt-web
xwt that runs in the browser. Powered by wasm-bindgen and web-sys
-
turnkey_api_key_stamper
Generate signatures over Turnkey API requests using a P-256 key
-
rvf-federation
Federated RVF transfer learning -- PII stripping, differential privacy, federated averaging
-
qubip_aurora
A framework to build OpenSSL Providers tailored for the transition to post-quantum cryptography
-
memo128
encoding and decoding 128-bit data as mnemonic sentences
-
json_atomic
The Cryptographic Atom — JSON✯Atomic: canonicalization + BLAKE3 content addressing + DV25-Seal (Ed25519) for Signed Facts
-
rustup-mirror
Setup a local rustup mirror
-
kuska-handshake
Secure Scuttlebutt handshake + boxstream library
-
bupstash
Easy and efficient encrypted backups
-
envio
A secure command-line tool for managing environment variables
-
acme2-eab
A Tokio and OpenSSL based ACMEv2 client
-
yamid
Machine ID
-
pake-kem
password-authenticated key exchange (PAKE) based from a key encapsulation mechanism (KEM)
-
chachacha
SIMD optimized implementations of the Chacha stream cipher
-
frost-secp256k1
A Schnorr signature scheme over the secp256k1 curve that supports FROST
-
cryl
Secret generation tool
-
shippo_git
Git helpers for Shippo
-
pkcrack
Known-plaintext attack against PkZip encryption
-
taceo-groth16-material
A collection of utilities for generating witnesses and proofs for Groth16 circuits. Supports Circom circuits for now.
-
neco-secp
minimum dependency secp256k1 and Nostr signing core
-
qssl
Pure Rust post-quantum TLS — zero C code. ML-KEM, ML-DSA, SLH-DSA, Falcon. FIPS 203/204/205/206 compliant. 100 Lean 4 theorems.
-
capycrypt
An advanced cryptographic suite for secure message exchange
-
deadrop
Zero-knowledge encrypted dead drop. One binary. One command. Gone.
-
sphinx-rs
Production-grade Sphinx onion routing with Single-Use Reply Blocks (SURBs) for anonymous messaging
-
encodex
cryptanalysis tool for legacy and modern codes, ciphers and hashes
-
datex-crypto-facade
DATEX Crypto Trait used by the datex crate
-
ap-noise
Noise Protocol implementation for access-protocol
-
wechat-oa-sdk
WeChat Official Account API SDK for Rust
-
ps-datachunk
Chunk-based data encrypter
-
pg-core
PostGuard core library for communication and bytestream operations
-
cipher-salad
Implementations of classic ciphers
-
scp-identity
Decentralized identity (DID) management for SCP (Shared Context Protocol)
-
midnight-ledger
transaction format and semantics for Midnight
-
lambda-shield
A lightweight, energy-efficient stream cipher based on the Collatz Lemma 3 residue discovery
-
cnfy-uint
Zero-dependency 256-bit unsigned integer arithmetic for cryptographic applications
-
pg_ecdsa_verify
A PostgreSQL extension for ECDSA signature verification
-
prefix-file-tree
Predictable file directory structures
-
cyphera
Data protection SDK — format-preserving encryption (FF1/FF3), AES-GCM, data masking, and hashing. Zero-copy passthrough preservation. Policy-driven. Cross-language compatible.
-
sunscreen
A Fully Homomorphic Encryption (FHE) compiler supporting the Brakerski/Fan-Vercauteren (BFV) scheme
-
bergshamra
— Pure Rust XML Security library (XML-DSig, XML-Enc, C14N)
-
oracle_omen_patches
Self-evolution patch system with gates for oracle.omen
-
appattest
Verification of Apple App Attestations and Assertions, to help enforce iOS App Integrity Checks
-
jacs-mcp
MCP server for JACS: data provenance and cryptographic signing of agent state
-
pngyou
high-performance CLI tool to hide secret messages in a PNG file using steganography
-
tectonic-fn-dsa-kgen
FN-DSA signature scheme
-
cryptid-rs
encrypt and decrypt integer IDs to URL safe strings
-
jtm
Just The Math Crypto Library
-
chromium-crypto
Chromium crypt
-
hxrts-aura-signature
Threshold signature schemes and attestation types for Aura
-
thash
A terminal program for hashing with many algorithms and many output formats, and recursive hashing support
-
symbi-runtime
Agent Runtime System for the Symbi platform
-
librnxengine
implement robust software licensing, activation, and validation systems
-
hcl
high level cryptography library ready for production use
-
agentbin
CLI for publishing rendered documents at public URLs
-
datapipe
Stream data from here to there
-
ubiq-rust
SDK for the Ubiq Security platform
-
gcm_rs
AES-256 GCM
-
kk-crypto
KK (Keeney Kode), A novel cryptographic primitive where symbol values are temporal functions of universal entropy
-
vitaminc-protected
Protected type wrappers for handling sensitive data. Part of the VitaminC cryptographic suite.
-
arwen-codesign
Ad-hoc code signing for Mach-O binaries
-
isideload-cryptographic-message-syntax
A pure Rust implementation of Crypographic Message Syntax (RFC 5652)
-
anodize-stage-sign
Signing stage for the anodize release tool — signs artifacts with GPG or other tools
-
motosan-hyperliquid
Unified facade crate for the motosan-hyperliquid SDK — re-exports all sub-crates behind feature flags
-
better-blockmap
Generate better blockmap files for electron-builder
-
ciphercore-utils
Convenience functions and wrappers used by CipherCore crates
-
donut-cli
CLI tool for libdonut-rs
-
oxitoken
Fastest and most secure JWT encoding/validation library for Rust. Fully supports custom header/claims structs, an extendable validation pipeline, and is crypto-backend agnostic (built-in…
-
axial
All in One web framework for Rust
-
ypass
A secure password manager using YubiKey HMAC-SHA1 challenge-response
-
saku-sync
Sync engine for the saku ecosystem
-
anyhide
Hide any data in any file(s) - steganography tool with hybrid encryption and plausible deniability
-
mogh_server
Configurable axum server including TLS, Session, CORS, common security headers, and static file hosting
-
codive-tunnel
Shared types and cryptography for secure tunneling
-
air
A.I.R
-
cryptostream
Transparent encryption and decryption for Read and Write streams
-
secra-pluginctl
生产级插件打包工具 - 安全可信的插件产物管理(支持加密、签名、并发处理)
-
custom-utils
Provide customized tools based on features
-
aes-wasm
AES-GCM, AES-OCB, AEGIS, AES-CTR, CMAC-AES for WebAssembly
-
sodalite
Tweetnacl in pure rust with no std dependency
-
rustack-kms-core
KMS business logic for Rustack
-
palisade-config
Security-conscious configuration management for honeypot systems with cryptographic tag derivation
-
sigma_fun
A framework for making Sigma protocols fun!
-
libtls
Rust bindings for LibreSSL's libtls
-
assinador-livre-rs
Aplicacao desktop em Rust para assinatura digital de PDF com certificado A3 no Windows, com API WebSocket local
-
jax-common
Core data structures and cryptography for JaxBucket - end-to-end encrypted P2P storage
-
secret-tree
Hierarchical secret derivation with Blake2b
-
sct
Certificate transparency SCT verification library
-
pqc-fips
Imported pqc-combo v0.1.0
-
ledger-core
Core data model, hashing, and signature verification primitives for immutable trace records
-
radicle-oid
Radicle representation of Git object identifiers
-
pqsign
Hybrid post-quantum file signing (Ed25519 + ML-DSA-65)
-
convergio-org-package
Org-as-package ecosystem: install, sandbox, sign, and delegate between org packages
-
openapi-rs
A type-safe Rust client library for building, signing, and sending API requests with minimal boilerplate
-
veil-sdk
Rust SDK for the Mugen Veil verifiable inference network
-
fips204_rs
FIPS 204: Module-Lattice-Based Digital Signature
-
srp6
A safe implementation of the secure remote password authentication and key-exchange protocol - SRP version 6 and 6a
-
authenticated-pseudonyms
anonymous credentials
-
rustls-channel-resolver
single-cert channel-ish rustls resolver for live-reloading certificate files
-
svalinn
A unified, safety-critical hybrid cryptographic library (X25519, ML-KEM, Ed25519, ML-DSA, SLH-DSA)
-
edgee-cli
Edgee CLI to play with AI Gateway, tools, components
-
naru-config
A security-first configuration manager with encryption and audit logging
-
sha2-const-stable
const fn implementation of the SHA-2 family of hash functions. Based on sha2-const, but updated to use only stable rust
-
intent-cipher
Intent-keyed stream cipher — research artifact, illustrative use only. Not production cryptography.
-
convergio-multitenancy
Multi-tenancy isolation — tenant routing, quotas, and namespace management
-
ghostkey
A command-line tool for Freenet Ghost Key operations
-
age-plugin-yubikey
YubiKey plugin for age clients
-
payload-loader
Production-ready Rust loader with cryptography, configuration, and security features
-
agntcy-slim-mls
Messaging Layer Security for SLIM data plane
-
atlas-rs
attested TLS (aTLS) core library for verifying TEE attestations over TLS connections
-
kiwavi
A secure TOTP-based key derivation system using user salts
-
tsp-ltv
Shared timestamping (RFC 3161) and long-term validation (OCSP, CRL, trust stores) infrastructure for AdES signatures
-
short-crypt
ShortCrypt is a very simple encryption library, which aims to encrypt any data into something random at first glance
-
iscc-lib
High-performance Rust implementation of ISO 24138:2024 (ISCC)
-
hosanna-rs-secret
Safe in-memory secret types (SecretString, SecretBytes) with redacted Debug/Display, zeroisation on drop, and constant-time equality
-
confidential-ml-pipeline
Multi-enclave pipeline orchestration for confidential ML inference
-
tesser-broker
Broker abstraction and execution client interfaces for Tesser
-
n01d-forge
Secure Cross-Platform Image Burner with AES-256 Encryption - Write ISOs to USB drives with optional encryption
-
gxt
Minimal, encrypted, signed and copy-pasteable tokens for manual data exchange between games
-
flp-saml2
SAML2 for Rust
-
palcrypto-rs
A crypto lib
-
tor-client-lib
A client library for the Tor API
-
crypt4gh
Encryption and decryption implementation of the Crypt4GH encryption format
-
sifredb
Field-level encryption library with envelope encryption and blind indexes
-
interactsh-rs
client library for working with Interact.sh servers
-
oint-keys
Standard Cryptography-Suite For Web 3.20, offering cryptographic abstraction (Generic Signing/Verifying, Generic Encryption) for various algorithms including post-quantum
-
ms-offcrypto-writer
Encrypting ECMA376/OOXML files with agile encryption as described in MS-OFFCRYPTO
-
sare-cli
Command-line interface for the SARE encryption standard
-
mir-issues
Issue definitions and reporting for the mir PHP static analyzer
-
crabgraph
A safe, ergonomic, high-performance cryptographic library for Rust built on audited primitives
-
macid
build a unique machine id
-
zbx_sender
Zabbix Sender Client
-
json-web-token
JWT
-
rust-padbuster
It's a port of python-paddingoracle (https://github.com/mwielgoszewski/python-paddingoracle)
-
rotorix-core
Enigma-inspired transformation pipeline with explicit state and pluggable components
-
feistelnet
Symetric block split Feistel Network
-
libkeri
KERI (Key Event Receipt Infrastructure)
-
alterion-encrypt
X25519 ECDH key exchange, AES-256-GCM session encryption, Argon2id password hashing, and the MessagePack/deflate request-response pipeline with an Actix-web interceptor
-
cargocrypt
Zero-config cryptographic operations for Rust projects with HIVE MIND collective intelligence
-
oma-repo-verify
Handle APT repository verify library
-
efficient-sm2
China's Standards of Signature Algorithms (SM2)
-
strong-box
Strong, ergonomic encryption for non-cryptographers
-
sssui-mpc-rs
shamir-secret-sharing for SUI chain
-
aranya-policy-text
The Aranya Policy Language textual types
-
cooltest
Randomness testing tool
-
ossl
OpenSSL version 3+ bindings to modern EVP APIs
-
deno_crypto
Web Cryptography API implementation for Deno
-
dalek-ff-group
ff/group bindings around curve25519-dalek
-
fog-crypto
signing & encryption easier for small, independent blocks of bytes. Primary use-case is the fog-pack crate.
-
sigstore-sign
Sigstore signature creation
-
barretenberg-rs
Rust bindings for Barretenberg, a C++ cryptographic library for zero-knowledge proofs
-
sm9
SM9 (OSCCA GM/T 0044-2016), identity-based cryptography
-
avx-nucleus
Atomic-level operations - Foundation of avx cryptography stack
-
ockam_command
End-to-end encryption and mutual authentication for distributed applications
-
sequoia-octopus-librnp
Reimplementation of RNP's interface using Sequoia for use with Thunderbird
-
kerberos_crypto
Cryptography algorithms for Kerberos
-
qurox-pq
Quantum-ready cryptographic SDK with hybrid classical and post-quantum algorithms
-
enigma-simulator
An absurdly fast and highly flexible Enigma machine simulation, encryption, and decryption library
-
no-way-jose-aws-lc
aws-lc-rs crypto backend for no-way-jose (HMAC, ECDSA, EdDSA, RSA, AES-GCM)
-
elizaos-plugin-secrets-manager
Multi-level secrets management plugin for elizaOS with encryption and dynamic plugin activation
-
nix-base32
nix (as in NixOS) compatible base32 encoding
-
rust-keylock-ui
A password manager with goals to be Secure, Simple to use, Portable and Extensible
-
sshenv
SSH-key-backed encrypted vault for environment variables
-
oniongen-rs
A v3 .onion vanity URL generator written in Rust
-
ecdsa
Pure Rust implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) as specified in FIPS 186-4 (Digital Signature Standard), providing RFC6979 deterministic signatures as well as support for added entropy
-
otp_offline
offline verification of YubiKey OTPs
-
fi-digital-signatures
Cryptography library for rust and WASM
-
ps3decrs
PS3 ISO decryption tool
-
ezcheck
lightweight, cross-platform, and high-performance tool for calculating, comparing, and verifying hash of strings and files
-
wecanencrypt
OpenPGP library for encryption, signing, and key management
-
libsodium-rs
A comprehensive, idiomatic Rust wrapper for libsodium, providing a safe and ergonomic API for cryptographic operations
-
trustless-protocol
Protocol utilities for trustless
-
dat
Data Access Token
-
pubky-messenger
private messaging using Pubky
-
vigenere-demo
优雅的维吉尼亚密码实现,采用泛型设计,支持自定义字符集
-
mozilla-root-ca
Mozilla Root CA list from https://curl.se/ca/cacert.pem
-
mxlink
connecting (linking) to the Matrix Client Server API (for building bots, etc.)
-
mlar
A wrapper around the MLA library for common use cases
-
zccache-hash
Hashing and cache key computation for zccache
-
ltk_pki
Support code for verifying League Toolkit mod signatures
-
aruna-file
component for encrypting / compressing .aruna files, including specification
-
ironoxide
A pure-Rust SDK for accessing IronCore's privacy platform
-
bitwark
Empowering secure digital interactions with robust binary token management and dynamic rolling keys
-
yesser-todo-errors
Error library for yesser-todo
-
blazehash
Forensic file hasher — hashdeep for the modern era, BLAKE3 by default
-
bark-dev
bark(receive notify on IOS devices)
-
async-openssl
SSL streams for async IO backed by OpenSSL
-
rommer
A powerful tool designed to customize Android ROM ZIP files without building from source
-
roughenough-keys
Roughenough key material handling with multiple secure storage backends
-
voidio
VOID I/O - High-performance Cross-platform I/O for Rust
-
faest
Pure Rust implementation of the FAEST post-quantum secure digital signature scheme
-
securepass
A password generator and balancer library in Rust
-
in-toto
Library for in-toto
-
lupin
A blazing-fast, lightweight steganography tool for concealing secret data within normal files
-
yunli
Additional utilities for working with Yunli
-
openfused
— the file protocol for AI agent context. CLI + daemon.
-
ml-signify
Post-quantum signing utility inspired by OpenBSD signify(1)
-
paks
A light-weight encrypted archive inspired by the Quake PAK format
-
taceo-eddsa-babyjubjub
An EdDSA signature scheme implementation over the Baby Jubjub elliptic curve using Poseidon2, useful for SNARK-friendliness
-
arachnid
aims to be a complete offensive security suite written for Rust
-
p2panda-encryption
Decentralised data- and message encryption for groups with post-compromise security and optional forward secrecy
-
hermes-tdata
Pure Rust parser for Telegram Desktop's tdata storage format. Decrypts local storage and extracts auth keys without Qt/C++ dependencies.
-
fn-dsa-kgen
FN-DSA signature scheme
-
csrf
CSRF protection primitives
-
polygraphia
A comprehensive library for classical and modern cryptographic algorithms
-
ark-ed-on-bw6-761
A Twisted Edwards curve defined over the scalar field of the BW6-761 curve
-
prisma-decrypt
CLI tool for super fast prisma-field-encryption column decryption (clock decryption)
-
trust_pdf
Verifies signed PDFs against the originals, checking for sneaky modifications
-
webrtc-srtp
A pure Rust implementation of SRTP
-
agent-vault
Zero-trust credential manager for AI agents
-
chamber-tui
A secure, local-first secrets manager with encrypted storage and zero-knowledge architecture
-
easy_password
Easy password hashing (includes bcrypt)
-
rustic_cdc
performing Content-Defined Chunking (CDC) on data streams
-
lets-encrypt-warp
letsencrypt.org with warp
-
tuftool
creating and signing The Update Framework (TUF) repositories
-
pqcrypto-sphincsplus
Post-Quantum Signature Scheme sphincsplus
-
sharrd
A secure seed phrase manager using Shamir's Secret Sharing
-
routex-settlement
routex settlement
-
verkle_pq
Quantum-resistant Verkle tree library built on quilibrium-verkle with CRYSTALS-Dilithium3 (ML-DSA-65) post-quantum signatures and SHAKE-256 proof binding
-
enject
Hide .env secrets from AI agents. Stores secrets in an encrypted local store and injects them into subprocesses at runtime — your .env file contains only symbolic references, never real values.
-
oxigdal-security
Enterprise security features for OxiGDAL: encryption, access control, compliance
-
secp
A flexible and secure secp256k1 elliptic curve math library with constant-time support and superb ergonomics
-
olm-sys
Low level binding for libolm
-
turtls
A TLS library
-
git-remote-htree
Git remote helper for hashtree - push/pull git repos via nostr and hashtree
-
wacore-noise-ng
Noise Protocol implementation for WhatsApp with AES-256-GCM
-
rana
Nostr public key mining tool
-
rust_ev_verifier_lib
Main library for the E-Voting system of Swiss Post
-
crypto-auditing-log-parser
Event log parser for crypto-auditing project
-
jwtea
Lean JWT library
-
aes-gcm
Pure Rust implementation of the AES-GCM (Galois/Counter Mode) Authenticated Encryption with Associated Data (AEAD) Cipher with optional architecture-specific hardware acceleration
-
spideroak-crypto
SpiderOak's cryptography library
-
hypercore_handshake
Used for establishing an encrypted connection between hypercore peers
-
lifx-rs
A synchronous + asynchronous library for communicating with the official LIFX-API and the unoffical offline API
-
wasmsign2
WebAssembly modules signatures proposal
-
chip_as_code
Semantic Chips — deterministic boolean circuits as text DNA. Parse, evaluate, evolve, and prove policy gates with No-Guess constitutional checkpoints.
-
az-snp-vtpm
vTPM based SEV-SNP attestation for Azure Confidential VMs
-
dcrypt-params
Constant values for dcrypt library
-
shosha256
A sha256 previewer I made just for fun
-
pubm-test-multi-eco-cli
pubm E2E test fixture: multi-ecosystem CLI crate
-
ta-audit
Append-only event log and artifact hashing for Trusted Autonomy
-
mockforge-security-core
Security and encryption primitives for MockForge
-
light-poseidon-nostd
Poseidon hash implementation in Rust with no_std support (fork of light-poseidon)
-
tokio-nats
Async-await ready NATS library
-
clear_on_drop
Helpers for clearing sensitive data on the stack and heap
-
git-mine
Mine your favorite git commit hashes
-
crypta
Gestor de secretos moderno escrito en Rust puro, compatible con SOPS/Age para encriptación de secretos y sincronización automática con Git
-
subtle-encoding
Encoders and decoders for common data encodings (base64, bech32, hex) which avoid data-dependent branching/table lookups and therefore provide "best effort" constant time. Useful for encoding/decoding…
-
pqcrypto
Post-Quantum cryptographic primitives
-
libreofficekit
in Rust
-
sha3-utils
SHA-3 utilities
-
commucat-federation
Federation event signing and verification for CommuCat domains
-
silent-sparrow
A minimal, scheduled, cryptographically signed status beacon
-
rzbackup
RZBackup
-
crypt-keeper
A cli helper for managing, encrypting and decrypting files
-
tvc
CLI for Turnkey Verifiable Cloud
-
xcalgo
XCA: Topological Data Analysis Cryptosystem - Novel encryption based on graph homomorphisms and persistent homology
-
xaeroid
decentralized identity with Ed25519 and hash commitments
-
fiscal-crypto
Certificate handling and XML signing for Brazilian fiscal documents
-
starweft-protocol
Core protocol definitions and message types for starweft
-
rustcrypt
Macro-first encryption and obfuscation library for Rust
-
edgesentry-rs
Tamper-evident immutable audit trace: signing, verification, ingestion and CLI
-
affinidi-did-authentication
Using proof of DID ownership to authenticate to services
-
tropic01
An embedded-hal driver for the TROPIC01 chip by TropicSquare
-
p3ak-vault
P3AK vault CLI — encrypted portable AI knowledge store. Create, ingest, search, and serve .vault files. 35 formats, hybrid BM25+vector search, 98% accuracy.
-
rpgmad-lib
decrypting/encrypting RPG Maker
rgssarchives -
str0m-wincrypto
Supporting crate for str0m
-
gitoid
Git Object Identifiers in Rust
-
enigmar
High-performance Enigma Machine simulator (M3/M4) with Python bindings
-
libsm
China's Standards of Encryption Algorithms (SM2/3/4)
-
rasn-ocsp
Data types for Online Certificate Status Protocol
-
ed25519-dalek-hpke
HPKE encryption/decryption using
ed25519-dalekkeys via automatic X25519 conversion -
cipher_identifier
identifying classical ciphers based on statistical analysis
-
orbis-pkg
parsing and extracting PlayStation 4 PKG files
-
enva-shared
Shared types and utilities for enva
-
recs_lib
A confusing library for encrypting files and text
-
blake2-rfc
A pure Rust implementation of BLAKE2 based on RFC 7693
-
rialo-sol-cpi
CPI helper library for Rialo Sol programs
-
neocities-sync
Sync files to neocities while doing the least amount of API requests
-
ferrocrypt
Core Ferrocrypt library: symmetric (XChaCha20-Poly1305 + Argon2id) and hybrid (RSA-4096) encryption utilities
-
age-plugin-gpg
Age plugin that uses recipients/identities from gpg-agent, making it possible to use gpg smartcards
-
luks
Pure-Rust Library for the Linux Unified Key Setup
-
dome-ward
Injection detection, schema integrity, and heuristic analysis for Thunder Dome
-
libqabu
A auditable and versitile Rust cryptography library
-
wechatbot
WeChat iLink Bot SDK for Rust
-
cerememory-transport-mcp
MCP (Model Context Protocol) transport binding for CMP
-
ed25519-bip32
Ed25519 BIP32
-
sorted-iter
Typesafe extensions for sorted iterators, including set and relational operations
-
hyde-tee
Unified abstraction layer for hardware-based TEE in Rust
-
hana-vault
used by the Hana SSH client for storing user data securely in encrypted SQLite
-
slhdsa-c-rs
FFI bindings for the slhdsa-c SLH-DSA implementation
-
cuts-core
core library for cuts
-
chalamet_pir
Stateful, Single-Server Private Information Retrieval for Key-Value Databases
-
decryptor_s2
cli for decrpting and encrpting S2 10th Anniversary assets
-
pqc_dilithium
A post-quantum cryptographic signature scheme based on the hardness of lattice problems over module lattices
-
concryptor
A multi-threaded AEAD encryption engine
-
google/ctap2
OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards
-
mpc-core
A flexible, trait-based core framework and asynchronous execution engine for Multi-Party Computation (MPC) protocols
-
ironhide
easily encrypt and decrypt files to users and groups. Similar to GPG, but usable at scale.
-
xdid
DID library
-
yara-sys
Native bindings to the libyara library
-
mozilla/jwcrypto
Firefox Application Services
-
acmer-server
ACME TLS certificates proxy server
-
str0m-apple-crypto
Apple CommonCrypto/Security framework backend for str0m WebRTC
-
pingap-certificate
Certificate for pingap
-
snippet-agent
Codebase parsing tool. It aggregates code (i.e. RAG) as an input to LLMs
-
sunscreen_math
contains GPU implementations that support the Sunscreen compiler
-
sigserlic
Combine serde with signify
-
lb-rs
interacting with your lockbook
-
dhsd
SCION endhost SDK observability utilities
-
dechdev_rs
by DECHDEV
-
commucat-crypto
Noise handshake helpers and Ed25519 tooling for CommuCat
-
tls-friend
A friendly library to make dealing with TLS easier
-
r1cs
building R1CS gadgets
-
xor_cryptor_keylen
xor_cryptor, but with a minimum key length of 1
-
rusk-tuf
TUF (The Update Framework) metadata verification for rusk
-
freezeout-core
Freezeout Poker core types
-
envguard
Encrypted .env files that just work. Zero config, single binary, built-in team sharing.
-
gost-crypto
GOST 28147-89 block cipher and GOST R 34.11-94 hash — no_std, RustCrypto compatible
-
azalea-crypto
Cryptography features used in Minecraft
-
ssh-key
Pure Rust implementation of SSH key file format decoders/encoders as described in RFC4251/RFC4253 and OpenSSH key formats, as well as "sshsig" signatures and certificates (including…
-
polyhash
POLYVAL and GHASH per RFC 8452
-
tor-hscrypto
Basic onion service cryptography types used by Aerti
-
threshold-pairing
Pairing threshold cryptography
-
glome
Generic low-overhead message exchange with cryptographic integrity protection
-
nexus-stratum-security
Security hardening for NexusStratum — XSS prevention, CSP, input sanitization
-
boring-vendit
BoringSSL bindings
-
soft-fido2-crypto
Cryptographic utilities for the soft-fido2 FIDO2/WebAuthn authenticator
-
crown
A cryptographic library
-
tiny-encrypt
tiny file encrypt tool
-
crypto2
cryptographic algorithms
-
printwell
HTML to PDF conversion using Chromium's rendering libraries
-
secret-vault-value
secure and serializable type to store and control secret/sensitive values
-
ecies_25519
Cross-platform Elliptic Curve Integrated Encryption Scheme (ECIES) using X25519, AES-256-GCM, and HKDF-SHA256
-
cx448
A pure-Rust implementation of Ed448 and Curve448 and Decaf. This crate also includes signing and verifying of Ed448 signatures, and x448
-
paillier-common
paillier over bigint traits provided by rust-bigint
-
nekocat
-
relay-ciphers
Cipher implementations for Relay Mail
-
ssi-bbs
The BBS Signature Scheme implementation for SSI
-
cloakpipe-tree
CloakTree: Vectorless, reasoning-based retrieval with privacy-first tree indexing
-
marsupial
safe bindings to the xkcp/k12 implementation of the kangarootwelve hash function
-
zkcg-circuits
Zero-knowledge circuits for the ZKCG protocol
-
age-plugin-xwing
X-Wing plugin for age clients
-
fss-rs
Function secret sharing including distributed comparison & point functions
-
cypheron-core
Post-quantum cryptography library with NIST-standardized quantum-resistant algorithms
-
opensession-api
Shared API types, crypto, and SQL builders for opensession.io
-
uniaz
Unify the Unicode chars into A-Z sequence
-
kzen-paillier
Efficient pure-Rust library for the Paillier partially homomorphic encryption scheme
-
cryptic
encryption/decryption application. You can use this to encrypt and decrypt files using a password
-
gopenpgp-sys
Rust bindings to gopenpgp
-
wots-rs
Winternitz One-time Signature Scheme made using Rust
-
trezor-noise-protocol
Noise Protocol Framework implementation, customized
-
wolfcrypt
RustCrypto trait implementations backed by wolfCrypt
-
super_simple_jwt
A super simple implementation of JWTs in rust!
-
tokio-boring-vendit
SSL streams for Tokio backed by BoringSSL
-
shielded_transport_pigeon
Shielded Transport Pigeon, STP, is an encrypted optionally reliable UDP transport layer that does not use TLS
-
lsmtree
Implements a Sparse Merkle tree for a key-value store. The tree implements the same optimisations specified in the libra whitepaper, to reduce the number of hash operations required per tree operation to O(k)…
-
paseto-core
Core traits and encodings for PASETO/PASERK
-
omnibor-cli
CLI for working with OmniBOR Identifiers and Manifests
-
provekit-passport-input-gen
Passport input generator for ProveKit
-
m-bus-application-layer
M-Bus application layer parser (DIF/VIF, data records)
-
ascon-hash
Ascon-Hash256 and Ascon-XOF128
-
streaming-crypto
Cryptographic library with optional FFI and Python bindings
-
async-hash
Traits and helper functions for SHA256 hashing of async data types
-
rand-esdm
interface to ESDM RNG server
-
scromble
A no-nonsense single-file encryptor with data authentication
-
k12sum
A command line implementation of the KangarooTwelve hash function
-
pqctracer
A reusable TLS-aware HTTP client that captures post-quantum cryptography handshake metadata
-
monocypher
Bindings for the monocypher C library
-
pem-rfc7468
PEM Encoding (RFC 7468) for PKIX, PKCS, and CMS Structures, implementing a strict subset of the original Privacy-Enhanced Mail encoding intended specifically for use with cryptographic keys…
-
jwt-encde
GUI JWT encoder / decoder - Local, private, easy
-
card-cli
FIDO(U2F, WebAuthn), YubiKey, OpenPGP command line tool
-
stackforge-core
Core networking logic for Stackforge
-
ps-cypher
Chacha-based data cypher
-
depguard-test-util
Shared test utilities for depguard fixture and report normalization
-
pwhash
A collection of password hashing routines in pure Rust
-
cryprot-ot
Oblivious Transfer extension protocols
-
kcr_kustomize_toolkit_fluxcd_io
Kubernetes Custom Resource Bindings
-
libsodium-sys-stable
Maintained FFI bindings for libsodium stable
-
ssl-certs
Load SSL certs from env vars
-
SaltPass
A deterministic password generator based on cryptographic algorithms
-
azure_svc_keyvault
generated REST API bindings
-
app-utils
modules for application logic (YAML, audit, timestamps)
-
regitry-code
是一个使用 SM2、SM3 国密算法进行加密、解密和生成注册码、任务号、密码的类库
-
rust-native-obf
advanced native obfuscation library for rust
-
oo7-daemon
Server side implementation of the freedesktop Secret Service
-
mnm
Mnemonic sentences for BitTorrent info-hashes
-
mozilla/neqo-crypto
Neqo, an implementation of QUIC written in Rust
-
ferrocrypt-cli
Command-line interface for Ferrocrypt (installs the 'ferrocrypt' binary)
-
paillier-zk
ZK-proofs for Paillier encryption scheme
-
rust-crypto-utils
Memory-safe cryptographic utilities for secure key handling, encryption, and post-quantum readiness
-
capiba-identidade
Identidades soberanas desacopladas de autoridades centralizadas (DIDs)
-
crypter
A AES-GCM 256 encryption and decryption library
-
mxdx-secrets
Age encryption and secret management for mxdx
-
memokey
CLI for memobuild key generation, signing, and verification
-
xrc_cli
A cli for multi-threaded encryption/decryption of files/folder using bitwise xor
-
paas-api
Common API for PAAS server and client
-
yb
Secure blob storage on a YubiKey
-
simple-rijndael
Pure Rust, simple implementation of the rijndael-cbc algorithm for osu! score decryption or encryption
-
zhihu_sign
知乎Web端签名破解
-
kotoba-cid
Content ID (CID) system for Kotoba graph processing
-
hanzo-pqc
Post-quantum cryptography primitives (ML-KEM, ML-DSA, SLH-DSA) for Hanzo ecosystem
-
feistel-permutation-rs
Constant time, constant space permutations with Feistel Network ciphers
-
apertur-sdk
Rust SDK for the Apertur API
-
racme
Rust 庫,提供與 ACME 協議互動的功能,支援自動化憑證管理,適用於 Let's Encrypt 等 CA。
-
siguldry-pkcs11
A minimal PKCS#11 module that implements the interfaces required to sign content using the Siguldry server
-
sha2raw
SHA-2 hash function
-
sshx
A secure web-based, collaborative terminal
-
safe_pqc_kyber
Fork of pqc_kyber with some safety fixes
-
const-siphasher
SipHash-2-4, SipHash-1-3 and 128-bit variants in pure Rust
-
libsignify-rs
OpenBSD-compatible file signing & verification library
-
hbs-lms
Pure Rust implementation of the Leighton Micali Signature scheme with support for key generation, signature generation and verification
-
uesugi-rs
Uesugi cipher implementation using the iroha table
-
maat_field
Finite field arithmetic and value-to-field encoding for the Maat zero-knowledge backend
-
bls-signatures-evm
BLS signatures in Rust for the EVM
-
turbomcp-dpop
DPoP (RFC 9449) implementation for TurboMCP with HSM support
-
keyquorum-split
Split a secret into Shamir shares for use with keyquorum
-
dgc
A parser and validator for the EU Digital Green Certificate (dgc) a.k.a. greenpass
-
fhe
Fully Homomorphic Encryption in Rust
-
nam-blst
Bindings for blst BLS12-381 library
-
sha256-rs
SHA256 hash made using Rust
-
sosistab2
An obfuscated datagram transport for horrible networks
-
co-did-key
COKIT fork of did-key — Implementation of the did:key method
-
ntdb_unwrap
Decrypt/decoded NTQQ database files
-
ncrypt-me
Dead simple encryption library
-
deoxysii
Deoxys-II-256-128 MRAE primitives for Rust
-
xs_curve25519-dalek
A pure-Rust implementation of group operations on ristretto255 and Curve25519
-
sigh
HTTP signature generation and verification for ActivityPub, using OpenSSL
-
goldilocks-crypto
ECgFp5 elliptic curve and Schnorr signatures over the Goldilocks field
-
r-license
An industrial-grade offline software licensing system with hardware binding and anti-rollback protection
-
squint
Encode sequential integer ids as random looking strings
-
django-rs-core
Core types, settings, app registry, signals, and error types for django-rs
-
anubis-rage
Post-quantum secure file encryption tool with hybrid X25519+ML-KEM-1024. Defense-in-depth security.
-
agentic-identity-mcp
MCP server for AgenticIdentity — expose identity operations to AI agents
-
pkcs11-bindings
Rust bindings for the PKCS#11 specification
-
ed25519_to_curve25519
Convert ed25519 keys and sign to curve25519
-
gpg-expire-warner
Prints a warning when GPG keys are about to expire
-
abrute
AESCrypt Brute force attempter
-
holecard-cli
A secure CLI password manager with dual-key encryption and TOTP support
-
boring-rustls-provider
A BoringSSL-based rustls crypto provider with optional FIPS and post-quantum support
-
yedad_ladder
Core library for Yedad ladder hash algorithm - digital signature based on double SHA-256 for decentralized networks
-
false-bottom
A deniable encryption scheme
-
hotboot
Secure private data with a weak secret, using as a protection access control of the system and defense especially designed against cold-boot attacks
-
bmw-hash
Pure Rust implementation of Blue Midnight Wish (BMW-512) hash function
-
cryptograph
All you need for encrypthing your messages
-
cerememory-archive
CMA (Cerememory Archive) export/import based on SQLite
-
nvlp
Encrypt files to GitHub users via their SSH keys
-
sqisign-rs
Core types and traits for SQIsign post-quantum signature scheme
-
bergshamra-c14n
XML Canonicalization (C14N) for Bergshamra XML Security library
-
altcha-lib
Community implementation of the Altcha library in Rust for your own server application to create and validate challenges and responses
-
rfc2289-otp
One Time Passwords (OTP) per IETF RFC 2289
-
irox-cryptids
IROX Cryptographic Primitives - probably very hazardous
-
ec-gpu-gen
Code generator for field and eliptic curve operations on the GPUs
-
http-signature-normalization-actix-extractor
An HTTP Signatures library that leaves the signing to you
-
bromberg_sl2
Cayley hashing as in 'Navigating in the Cayley Graph of SL₂(𝔽ₚ)'
-
sigstore-tsa
RFC 3161 Time-Stamp Protocol client for Sigstore
-
identity_ecdsa_verifier
JWS ECDSA signature verification for IOTA Identity
-
equix
Asymmetric function for client puzzle protocols
-
libtumpa
Shared tumpa library: high-level OpenPGP key, card, and keystore operations on top of wecanencrypt
-
crypto-permutation
Permutation based cryptography framework; core traits
-
signet-core
Cryptographic action receipts for AI agents
-
runar_node
Runar Node implementation
-
df1t-cyph
minimal rust encryption algorithm made by a solid structured sequential algorithms without any external cryptographic crates
-
comprehensive_tls
A harness for creating consistently-shaped servers will less boilerplate
-
s5_core
types and traits shared by all S5 crates
-
debsign-rs
Sign Debian packages with GPG
-
lambdaworks-gpu
Modular math library for cryptography - GPU implementation
-
qssm-proofs
Formal invariants, reductions, and hardness gates for QSSM Engine A/B binding
-
clubcard-crlite
An instantiation of Clubcard for use in CRLite
-
ytdlp-ejs
ejs
-
lattice-slh-dsa
Pure Rust implementation of SLH-DSA (FIPS 205) / SPHINCS+ post-quantum digital signature scheme
-
bergshamra-crypto
Cryptographic algorithm implementations for Bergshamra XML Security library
-
rs_sha512
rs_sha512is a Rust implementation of the SHA-512 cryptographic hash algorithm, part of the largerrs_shieldproject. This package provides SHA-512 hashing functionality in a standalone manner… -
abao
BLAKE3 verified streaming
-
rpgpie
Experimental high level API for rPGP
-
ifd-jcecard
PC/SC IFD Handler for jcecard virtual OpenPGP and PIV smart card
-
cretrit
Flexible Order-Revealing Encryption library
-
tecdh
Threshold elliptic-curve Diffie-Hellman key exchange
-
http-sig
IETF draft 'Signing HTTP Messages'
-
librustysigs
Signatures: A Secure Code Signing System
-
qrptonote
AES-256-GCM encrypted terminal notebook. mlock'd cleartext buffer, Argon2id KDF, prctl-hardened.
-
brass-aphid-wire-decryption
do runtime decryption of TLS conversations, and helpers for popular TLS libraries
-
auths-verifier
Minimal-dependency attestation verification library for Auths - supports FFI and WASM
-
shadow-crypt
Secure password-based file encryption with filename obfuscation
-
weapay
SDK for Alipay and WeChat Pay based on v3
-
ncmdump
Some copyright protection file dump
-
shaha
Hash database builder and reverse lookup tool
-
easydes
Encrypt with DES easily in Rust
-
anothertls
TLS implementation, but written from scratch (including the crypto) in pure Rust - of course
-
wsc
WebAssembly Signature Component - WASM signing and verification toolkit
-
keysmith
Create keys, uuid's, timestamps, and more
-
bvf-cli
Command-line tool for encrypting and decrypting files using the bvf format
-
logline
full stack bundle (TDLN + JSON✯Atomic + LogLine core + LLLV) with CLI
-
abcrypt
encrypted data format
-
avila-primitives
Big integer primitives (U256, U512, U1024, U2048, U4096) - Built on avila-nucleus
-
keystore-rs
securely generating, storing, and managing cryptographic keys with support for macOS and Linux keychain integration
-
aman
The definitive, high-performance binary integrity & signing platform. Supports P-256, Ed25519, Multi-sig, and Anti-tamper.
-
zeph-vault
VaultProvider trait and backends (env, age) for Zeph secret management
-
rustpython-stdlib
RustPython standard libraries in Rust
-
quadra-a-core
Core protocol primitives for the quadra-a agent network
-
lafs
Least-Authority File Store utils
-
dleq
single and cross-curve Discrete Log Equality proofs
-
quantumapi
Official Rust SDK for QuantumAPI - European quantum-safe encryption and identity platform
-
acme-lib
requesting certificates from an ACME provider
-
cait_sith_keplr
Threshold ECDSA via Triples
-
frost-secp256k1-tr
A Schnorr signature scheme over the secp256k1 curve that supports FROST and Taproot
-
pmv_encryption_rs
PersonalMediaVault encrypted storage model. This library allows to encrypt and decrypt data, and also read ans write files in the same format PersonalMediaVault uses.
-
trussed-se050-manage
Trussed extension for managing a secure element
-
http-signature-directory
Validate if your JWKS directories meet web-bot-auth standards
-
ghostkey-common
Wire types for communicating with the Freenet ghostkey delegate (GhostkeyRequest/GhostkeyResponse). Use this crate from a Freenet dapp that needs to sign messages or read ghostkey identity info via the delegate…
-
yourevalid
Validation type and trait. For internal use in polyproto-related crates, currently
-
neuedu-cryptos
包含国密算法的密码库。 A library include SM3, SM4 (Chinese ShangMi) crypto algos
-
hfile
command-line interface (CLI) tool for generating hash values of files
-
spwn
A language for Geometry Dash triggers
-
safehold
A secure cross-platform environment variable manager with CLI and optional GUI for encrypted storage of secrets and config
-
reishi-quinn
Noise IK handshake integration for quinn with QUIC key derivation
-
ibe
Identity Based Encryption schemes on the BLS12-381 pairing-friendly elliptic curve
-
foctet-http
Thin HTTP adapter for application/foctet body envelopes
-
nuts-memory
A backend implementation for nuts
-
ec25519
Small, self-contained, wasm-friendly elliptic curve algorithms for 25519 curve family
-
nettext
A text-based data format for cryptographic network protocols
-
native-pkcs11-keychain
native-pkcs11 backend for macos keychain
-
shannon-nu-plugin
Functionality for building Nushell plugins
-
dog-auth-local
Local (username/password) authentication strategy for DogRS
-
dexios
Secure, fast and authenticated command-line encryption of files with modern algorithms and an audited encryption backend
-
pqrascv-core
Post-Quantum Remote Attestation & Supply-Chain Verification (PQ-RASCV) prover core — no_std + alloc
-
aes-prng
Pseudo-random number generator based on AES
-
trojan-cert
Certificate generation utilities for trojan-rs
-
abhedya-ffi
C/FFI Bindings for Abhedya PQC
-
tlock
Rust encryption library for practical time-lock encryption
-
observer-core
Core canonical contracts and analytics for the Observer verification platform
-
pakery-crypto
Concrete cryptographic implementations for PAKE protocols
-
winternitz-ots
Interacting With Winternitz One-Time Signatures, a Hash-Based, Post-Quantum Digital Signature Scheme Based On Lamport Signatures. This implementation uses the hash function Blake2b for all hashing…
-
prefixed-api-key
module for generating a Prefixed API Key
-
saltine-caeser
Caeser cipher implementation for the saltine crate
-
opentalk-types-signaling-e2ee
Signaling types for the OpenTalk e2ee module
-
compact_argon2
Thin wrapper around the argon2 crate to improve ergonomics and provide a smaller serialization format
-
rpm-sequoia
RPM PGP interface using Sequoia
-
jdt_activity_pub
ActivityPub is a set of structs and enums used to facilitate the operations of ActivityPub servers and clients
-
viadkim
DomainKeys Identified Mail (DKIM) specification
-
nstack
Arity 4 stack for the kelvin merkle toolkit
-
syft-crypto-protocol
Post-quantum cryptographic protocol implementation for SyftBox using Signal's PQXDH
-
bandersnatch-ffi
C FFI bindings for Bandersnatch VRF - ring signatures and ticket ID computation
-
aft-crypto
Cryptography library for aft
-
hxrts-aura-relational
RelationalContext implementation for cross-authority coordination in Aura
-
const-sha1
A sha1 implementation for use in const contexts
-
rust_code_obfuscator
easily obfuscate strings and control-flow using cryptify lib
-
rustack-kinesis-core
Kinesis business logic for Rustack
-
pq-jwt
Post-Quantum JWT implementation using ML-DSA (FIPS 204) signatures for quantum-resistant authentication
-
did-key
did:key method
-
classical-ciphers
Classical cipher implementations: Caesar, Vigenère, Atbash, XOR
-
jpki
Read certificates, sign and verify documents using your JPKI card
-
monerochan-recursion-gnark-ffi
Monero-Chan, The Open-Source Privacy Platform (OSPP)
-
backblaze-b2-client
Backblaze B2 Client for Rust
-
sntrup761
Streamline NTRU Prime algorithm
-
suon_xtea
XTEA cipher implementation for the Suon MMORPG framework
-
gxt-extism-types
Minimal, encrypted, signed and copy-pasteable tokens for manual data exchange between games
-
scp-media
Real-time media transport types for SCP (Shared Context Protocol)
-
bevy_assets_bundler
Assets Bundler for bevy, with content encryption support
-
sha3
SHA-3 family of cryptographic hash algorithms
-
cdumay_sodium
sodium
-
rekrypt
Professional proxy re-encryption library based on Curve25519 for Rust and WebAssembly
-
thieves-cant
Solitaire Cipher designed by Bruce Schneier
-
base_custom
Use any characters as your own numeric base and convert to and from decimal
-
black-bagg
Secure password manager with RAM-only execution, fixed contact display, and post-quantum cryptography
-
wstep-rs
[MS-WSTEP] WS-Trust X.509v3 Token Enrollment Extensions protocol
-
fsextra
collection of extensions to simplify working with Unix-based filesystems. With support for cryptographic operations (encryption, hashing)
-
libsignal-dezire
signal protocol
-
wasefire-stub
Stubs for the Wasefire applet API
-
lurpax
— encrypted snapshot vault CLI (Erron.ai)
-
kryptos
various older, insecure, cryptographic ciphers
-
pw_hash
A collection of password hashing routines in pure Rust. Fork of pwhash by inejge.
-
spake2-conflux
The SPAKE2 password-authenticated key-exchange algorithm
-
atomic-id
Very fast and unique id generation
-
sustenet-shared
Sustenet shared library that contains the common code used by all modules
-
edgee-proxy
Edgee proxy
-
qscp
Quantum Secure Copy — post-quantum file transfer over QSSL. No IPFS, no third party. Transport IS the encryption.
-
elara-crypto
ELARA Protocol - Cryptographic engine with identity binding, multi-ratchet encryption, and post-quantum ready security
-
fast-paillier
Optimized Paillier encryption scheme
-
benaloh-challenge
Implements the Benaloh Challenge (also known as an Interactive Device Challenge), a crytographic technique to ensure the honesty of an untrusted device
-
vrf-mod
An extensible rust library for building VRF functionality with support for Elliptical Curve VRFs (secp256k1, secp256r1 curves)
-
saorsa-mls
Experimental Message Layer Security (MLS)-inspired library for P2P secure group communication
-
ufile-rus3
UFile Rust SDK
-
nginx-src
Source of NGINX
-
crypto-seal
A small utility designed to securely "package" or seal serde-compatible data type that can passed around in an uncompromised manner
-
rustpad
Multi-threaded Padding Oracle attacks against any service
-
variant-ssl
Bindings for OpenSSL variants such as BoringSSL / AWS-LC / Tongsuo
-
synta-tools
Command-line tools for inspecting and manipulating ASN.1 DER and PEM files
-
nekohash
A multifaceted hashing library for Rust
-
psect-core
probabilistic regression search — entropy-minimizing bisection for flaky tests
-
rustls-mbedtls-provider-utils
code used in mbedtls based provider for rustls
-
scicrypt
Lightweight cryptographic building blocks for proof of concept implementations in multi-party computation
-
aerovault
Military-grade encrypted vault format — AES-256-GCM-SIV, Argon2id, AES-KW, HMAC-SHA512
-
tink-daead
Deterministic AEAD functionality for Rust port of Google's Tink cryptography library
-
ntied
stable messenger
-
roc-cert
A Rust-based CLI tool for automatic SSL certificate renewal
-
tbz-airlock
Alias for tibet-zip-airlock — Sandboxed decompression with eBPF kernel enforcement
-
saferet
Secure types for handling sensitive data in Rust with automatic memory cleanup and protection against accidental exposure
-
rust-license-key
A production-grade Rust library for creating and validating offline software licenses using Ed25519 cryptography
-
message_verifier
Rust Message Verifier library compatible with Rails' MessageVerifier and MessageEncryptor
-
auths
Decentralized identity for developers — cryptographic commit signing with Git-native storage
-
meritocrab-github
GitHub API integration for the Meritocrab reputation system
-
alterion-ecdh
X25519 ECDH key store with timed rotation, grace-window overlap, and HKDF-SHA256 session key derivation
-
simplepir
A fast and efficient implementation of SimplePIR in Rust
-
neco-galois
necosystems series finite field arithmetic for secp256k1 and P-256
-
xcqa
Dictionary-based cryptosystem with zero-knowledge proof signatures
-
hawk
Hawk Implementation for Rust
-
balanced-tree-index
constant-time manipulation of a complete binary tree with a flat in-memory representation
-
cross-authenticode
Cross-platform implementation of Authenticode signature verification
-
edcert
can be used to sign and verify content based on Ed25519
-
dilithium-rs
Pure Rust implementation of ML-DSA (FIPS 204) / CRYSTALS-Dilithium post-quantum digital signature scheme
-
fractus
Cryptographic attack library for Rust and Python
-
test-cert-gen
generate certificates for tests (e. g. for TLS)
-
ai_hash
hashing helpers supporting sgd sharding
-
cryptos
All cryptographic in one, make crypto easy
-
locker-backend
Self-hosted digital encrypted vault with immutable consent receipts for personal documents
-
clasp-crypto
E2E encryption add-on for CLASP protocol - AES-256-GCM, ECDH P-256, ECDSA, TOFU
-
relay-lib
The Relay library
-
tequel-rs
A high-performance 2x Loop Unrolling SIMD/AVX2 integrity engine and hash function, built in pure Rust for modern x86_64 architectures
-
smcrypto
China's Standards of Encryption Algorithms(SM2/SM3/SM4)
-
scramblr
Obfuscation for Ordinary
-
tokio-rustls-acme2
TLS certificate management and serving using rustls (for use with Tokio)
-
rummage-rs
Safe Rust wrappers for the Rummage GPU Nostr mining library (CUDA)
-
seal-crypto
providing pure cryptographic capability abstractions (traits) and implementations for the seal-kit ecosystem
-
cose_minicbor
no_std-friendly Rust crate for decoding and verifying COSE (CBOR Object Signing and Encryption) messages with optional cryptographic backends
-
chksum-cli
checksum calculator
-
mnemossh
CLI tool for generating and managing Ed25519 SSH keys using BIP-39 mnemonic phrases
-
tweetnacly
Bindings for TweetNaCl, with a couple of additions: flexible SHA2-512 hash, detached mode
-
offline-license-validator
Offline license validation library using Ed25519 signatures
-
ovunto-security
secure end-to-end communication between clients through a server
-
libkrimes
A pure rust, minimal kerberos library
-
pinenut-log
An extremely high performance logging system for clients (iOS, Android, Desktop), written in Rust
-
ed25519_heapless
Ed25519 signature verification, generic over bigint backends
-
rustfs-crypto
Cryptography and security features for RustFS, providing encryption, hashing, and secure authentication mechanisms
-
atlas-token-confidential-transfer-proof-extraction
Atlas Program Library Confidential Transfer Proof Extraction
-
botan-src
Sources of Botan cryptography library
-
dcf
Distributed comparison function implementation
-
bbs-accum
accumulator commitment scheme by Jutla et al
-
qcoin-crypto
Cryptographic primitives for qcoin
-
ntrust-native
Pure rust implementation of the PQC scheme Saber
-
qp-plonky2-field
Finite field arithmetic
-
bao1x-api
Baochip-1x API Crate
-
nam-ec-gpu-gen
Code generator for field and elliptic curve operations on the GPUs
-
si-crypto-hashes
reusable functionality for working with typical cryptographic hashes
-
ecrust-ec
Elliptic-curve abstractions and point arithmetic for the ecrust ecosystem
-
ansible-vault
encrypt and decrypt ansible vault
-
bls24-curves
A pure Rust framework for pairing-based cryptography using BLS24 curves
-
nps-nip
NPS — Neural Identity Protocol frames and Ed25519 identity management with AES-256-GCM key encryption
-
libsoliton_capi
C ABI export layer for libsoliton — generates soliton.h via cbindgen
-
cortex-airlock
TIBET Cortex Airlock: zero-plaintext-lifetime processing with mlock and zeroize
-
vwh
Cryptographic accountability tool for verifying digital presence
-
philiprehberger-jwt
JSON Web Token encoding, decoding, and validation with HMAC algorithms
-
lupine-cli
CLI for the Lupine PQC suite
-
pulith-verify
Content verification primitives for downloaded artifacts
-
reqtls
A tls lib
-
quantum-sign
post-quantum signatures, format, policy, and CLI in one crate
-
decaf377-rdsa
randomizable signature scheme using the decaf377 group
-
jose
A JSON Object Signing and Encryption implementation
-
a3s-box-runtime
MicroVM runtime engine — VM lifecycle, OCI images, attestation, networking
-
invariant-robotics
Command-line interface for Invariant
-
tectonic-fn-dsa-sign
FN-DSA signature scheme
-
mykey
MIKEY (RFC 3830) — Multimedia Internet KEYing for SRTP key exchange
-
sentc
Encryption and group/user management sdk. Easy-to-use encryption with post quantum cryptography.
-
hyde-plat
Fully Homomorphic Encryption compute engine for the hyde ecosystem
-
philiprehberger-secret-store
Secure in-memory secret storage with automatic zeroization, expiry, and redacted display
-
am-core
Core library for agent-to-agent encrypted messaging over Nostr
-
encrypto_rsa
stunning-encrypto is cross platform end-to-end encryption dependency
-
brass-aphid-wire-messages
structs and constants for TLS message and IANA constants
-
openssl_provider_forge
FFI binding for the
CoreandProviderAPIs ofOpenSSL 3.2+ -
openentropy-server
HTTP entropy server with an ANU-style random endpoint
-
decds
A CLI for Distributed Erasure-Coded Data Storage System
-
wasmtime-wasi-tls-openssl
Wasmtime implementation of the wasi-tls API, using OpenSSL for TLS support
-
sl-shamir
Shamir Secret Sharing
-
abpilot-cc-sdk
Rust SDK for ABPilot CC platform
-
rusty_secrets
threshold Shamir's secret sharing in the Rust programming language
-
test-curve25519-dalek
A pure-Rust implementation of group operations on ristretto255 and Curve25519
-
pqxdh-zoa
generic implementation of Signal's PQXDH
-
lox-extensions
A reputation-based bridge distribution system that provides privacy protection to users and their social graph while remaining open to all users
-
mdbook-pagecrypt
Encrypt your mdbook-built site with password protection
-
seedpass
A secure password generation tool based on a single master key using Argon2 and BIP-39
-
itsdangerous
Rust port of the popular itsdangerous python library for signing strings and sending them over untrusted channels
-
openentropy-wasm
WebAssembly entropy collection using browser APIs — timing jitter, crypto.getRandomValues(), and scheduling noise
-
snowstorm
A minimalistic encryption protocol based on Noise protocol (snow)
-
hbsx
file encryption tool with compression support
-
koi-truststore
Platform trust store integration for installing and removing local CA certificates
-
lupine-serial
Serialization (DER, PEM, SPKI) for the Lupine PQC suite
-
zhc_langs
Language dialects for the ZHC compiler (IOP, HOP, DOP)
-
ristretto_types
Types and traits for the Ristretto JVM
-
libcrux-platform
Platform detection crate for libcrux
-
hsh
Quantum-Resistant Cryptographic Hash Library for Password Encryption and Verification in Rust
-
frost-dkg
Frost Distributed Key Generation protocol
-
ctf_party
CTF Party is a tool that provides various cryptographic and network utilities for CTF (Capture The Flag) competitions. It is written in Rust and offers a command-line interface for easy usage…
-
torrosion
A Tor library for Rust
-
poseidon-rs
Poseidon hash implementation
-
mc-oblivious-ram
Implementations of Oblivious RAM data structures
-
fastn-id52
fastn ID52 identity and cryptographic key management
-
kookie
A secure, local-first, encrypted secret manager for developers
-
aranya-id
Aranya ID types
-
truelayer-signing
Produce & verify TrueLayer API requests signatures
-
commucat-media-types
Shared media codec descriptors for CommuCat
-
coz-rs
Coz cryptographic JSON messaging specification
-
akv-cli
Azure Key Vault CLI (unofficial) can read secrets from Key Vault, securely pass secrets to other commands or inject them into configuration files, encrypt and decrypt secrets, and managed keys and secrets in Key Vault
-
ciphercore-base
The base package of CipherCore: computation graphs API, Secure MPC Compiler, utilities for graph evaluation and inspection
-
xaman
CLI tool for Aman integrity system
-
motorcortex-rust
Motorcortex Rust: A library for Rust client applications to control Motorcortex Core
-
thrussh-libsodium
Straightforward bindings to libsodium
-
arcanum-agile
Cryptographic agility framework for the Arcanum cryptographic engine
-
subtle-ng
Pure-Rust traits and utilities for constant-time cryptographic implementations
-
ntrulp
Pure implementation of high-security prime-degree large-Galois-group inert-modulus ideal-lattice-based cryptography
-
rndc
BIND9 RNDC protocol implementation for Rust
-
serde-encrypt
Encrypts all the Serialize
-
mogh_encryption
encrypt and decrypt data
-
mdf
MDFive, simple md5 tool
-
provnzero-proxy
A high-performance Zero Data Retention (ZDR) proxy for AI APIs
-
gpg-error
Libgpg-error bindings for Rust
-
concrete-csprng
Cryptographically Secure PRNG used in the TFHE-rs library
-
parmesan
Parallel ARithMEticS over ENcrypted data
-
rust-bottle
Bottle protocol - layered message containers with encryption and signatures
-
isideload-apple-codesign
Pure Rust interface to code signing on Apple platforms
-
ps-hkey
defines the hashkey format and provides methods for resolving them
-
gen-key
Small CLI tool for generating RSA and HMAC keys
-
authenticator-ctap2-2021
interacting with CTAP1/2 security keys for Web Authentication. Used by Firefox.
-
pqc_bridge
A lightweight Rust library for post-quantum cryptography providing secure key management, encryption, and digital signatures using NIST-standardized algorithms
-
acme-client
Easy to use ACME client library to issue, renew and revoke TLS certificates
-
bvf
personal encryption
-
agentic-payments
Autonomous multi-agent Ed25519 signature verification with Byzantine fault tolerance
-
wa-rs-tokio-transport
Tokio-based WebSocket transport for whatsapp-rust
-
unknown_order
working with finite fields where the modulus is of unknown order, typtical for RSA, Paillier, Hyperelliptic curves, etc
-
minimal-ed448
Unaudited, inefficient implementation of Ed448 in Rust
-
cryptoki-sys
FFI wrapper around the PKCS #11 API
-
datex-crypto-native
Native implementation of the DATEX Crypto facade
-
secry
AES-256-GCM / ChaCha20-Poly1305 / XChaCha20-Poly1305 token encryption CLI
-
swift-secure-enclave-tool-rs
Swift secure enclave tool in Rust
-
mls-rs-crypto-traits
Crypto traits required to create a CryptoProvider for mls-rs
-
vusi
ECDSA signature vulnerability analysis library and CLI
-
vme-pkix
TLS Certificate encoding and decoding helpers for the Fortanix VME environment
-
fitgirl-decrypt
decrypt torrents from fitgirl-repacks
-
nova-scotia
Middleware to compile Circom circuits to Nova zkSNARK scheme
-
tink-hybrid
Hybrid encryption functionality for Rust port of Google's Tink cryptography library
-
coz-cli
CLI for Coz cryptographic JSON messaging
-
aingle_zome_types
AIngle zome types
-
ssh-packet
implementing SSH packet reading/writing using
binrw -
roughenough-common
Shared cryptography and encoding utilities for Roughenough
-
nist-drbg-rs
NIST SP 800-90A Rev. 1 for Deterministic Random Bit Generators
-
rejson
A command line utility for managing secrets
-
signcryption
implementing the Toorani-Beheshti signcryption scheme instantiated over Ristretto255 or Ed25519
-
signature_bbs_plus
The Ockam BBS+ signature impementation
-
clog_rs
A cryptographically secure content storing library. Provides simple APIs to create, read, and edit files without compromising security.
-
agentic-comm
Agent-to-agent and agent-to-human communication engine with channels, pub/sub, and message routing
-
lllv-core
LLLV — Cryptographic capsules for verifiable retrieval
-
ejson
Manage encrypted secrets using public key encryption
-
bacon-cipher
Bacon's cipher
-
skipjack
A straight-line implementation of Skipjack in Rust
-
pwgen-x
A feature-rich password generator with pronounceable, secure, passphrase, and PIN modes
-
argon2-kdf
Intuitive Rust bindings for Argon2
-
signedshot-validator
Validator for SignedShot media authenticity proofs
-
yadacha
symmetric cipher that combines chacha20 and very large private keys
-
nethsm
A high-level library to interact with the API of a Nitrokey NetHSM
-
quantacore-sdk
Rust bindings for the QUAC 100 Post-Quantum Cryptographic Accelerator
-
affinidi-tsp
Trust Spanning Protocol (TSP) implementation for the Affinidi TDK
-
flowerpassword
Flower Password implementation for Rust - Deterministic password generator using HMAC-MD5
-
sponge-hash-aes256
A sponge-based secure hash function that uses AES-256 as its internal PRF
-
blake2
hash functions
-
redoubt-hkdf
HKDF-SHA256 implementation with secure memory handling
-
deno_tls
TLS for Deno
-
cocoonfs-cli
Cocoon TPM project - CLI utility for accessing CocoonFs images
-
defendor
A secure file encryption tool with AES-GCM and Argon2 for password hashing
-
signal-backup-decode
decode signal backups
-
halite-sys
Unsafe Rust bindings for libsodium stable
-
openadp-ocrypt
Rust SDK for OpenADP - Distributed secret sharing and advanced data protection
-
webpki-root-certs
Mozilla trusted certificate authorities in self-signed X.509 format for use with crates other than webpki
-
aes-gcm-stream
AES GCM stream encrypt and decrypt library, supports AES128/192/256 bit keys
-
oboron-cli
CLI tool for Oboron - general purpose encryption and encoding library
-
libcrux-aesgcm
Libcrux AES-GCM implementation
-
pg-cli
Commandline interface for PostGuard
-
cosmian_sse_memories
Symmetric Searchable Encryption
-
shamir_share
A secure and efficient Rust library for Shamir's Secret Sharing
-
keyutils
Rust interface to the Linux keyring
-
klave-connector
Module allowing easy connection to deployed Klave apps
-
external-command-rs
External tool in Rust
-
sequoia-git
managing and enforcing a commit signing policy
-
webbuf_aescbc
WebBuf AES-CBC library
-
rsrp-pqcrypto
Hybrid post-quantum cryptographic primitives for deterministic proof systems
-
cita-crypto
A switch to choice algorithm, secp256k1, ed25519, sm2
-
aeonflux
Composable, lightweight, fast attribute-based anonymous credentials with infinite (aeon) rerandomised (flux) presentations using algebraic message authentication codes (aMACs), symmetric verifiable encryption…
-
apksig
Decoding the APK Signing Block
-
uricrypt
Hierarchy-preserving deterministic URI encryption
-
libcrux-secrets
Libcrux utilities for working with secrets
-
rust_ev_system_library
E-Voting system library functionalities for the Verifier
-
fn-dsa
signature scheme
-
tsumiki-pkix-types
PKIX types (AlgorithmIdentifier, Name, etc.) for X.509 certificates
-
soft-aes
A Rust-based software library for AES
-
hxrts-aura-chat
Secure chat functionality for the Aura threshold identity platform
-
test-dalek-docs
A pure-Rust implementation of group operations on ristretto255 and Curve25519
-
rialo-s-secp256r1-program
Precompile implementation for the secp256r1 elliptic curve
-
dec-cryptor
A high-performance file encryption tool using AES-256-CTR and Argon2id
-
rswxpay
WeChat Pay V3 API SDK for Rust — pure Rust crypto, no OpenSSL
-
arcanum-zkp
Zero-knowledge proofs: Bulletproofs, Schnorr proofs, commitments
-
gimli-hash
The Gimli-permutation based Hash
-
cggmp24-keygen
UC-secure DKG implementation based on CGGMP24 paper
-
tor-checkable
Types to ensure that signed or time-bound data is validated before use
-
cipha-cli
CLI for classical ciphers
-
secretik
Opinionated cli tool for encrypting secrets
-
saltine
A classical cipher encryption and decryption suite
-
rustls-ffi
Rustls bindings for non-Rust languages
-
passwordmaker-rs
Rust reimplementation of the PasswordMaker Pro algorithm. This is partially a port, partially written from scratch. Compatibility is a goal, but not guaranteed.
-
ockam_identity
Ockam is a library for building devices that communicate securely, privately and trustfully with cloud services and other devices
-
kuska-sodiumoxide
Fast cryptographic library for Rust (bindings to libsodium), with conversion from ed25519 to curve25519
-
enchantress
AES-256 file encryption tool
-
crypto-auditing
Client library for crypto-auditing project
-
hanzo-identity
Crypto Identities for Hanzo AI platform
-
ysc1
YSC1 (Yeun's Stream Cipher 1) based on the Amaryllis-1024 specification
-
pkgar
Redox Package Archive
-
pkce-std
Handling Proof Key for Code Exchange
-
ristretto_pom
Ristretto Package Object Model
-
wormsign
Dilithium5 signature tool
-
securo
Cryptographic impl for hybrid classical-post-quantum authentication and secure communication
-
prompt-store
Prompt Store is a secure, encrypted CLI and Rust library for managing, deploying, and orchestrating AI prompts using workspaces and Git-based workflows
-
why2-chat
Lightweight, fast and secure chat application powered by WHY2 encryption
-
enocoro128v2
Safe, embedded-friendly Enocoro-128 (Version 2) stream cipher. Verified using Hitachi's official test vectors.
-
gm-rs
China's Standards of Encryption Algorithms(SM2/SM3/SM4)
-
plat-mkfhe
Multi-Key Fully Homomorphic Encryption — compute across independent keys
-
lupine-sign
Signature implementations (ML-DSA, SLH-DSA, hybrid Ed25519+ML-DSA) for the Lupine PQC suite
-
sigstore-crypto
Cryptographic primitives for Sigstore
-
light-indexed-array
indexed (and concurrent) Merkle tree in Rust
-
peachnote-vault-core
QuickPeach Vault Core: shared vault format, manifest, and encryption primitives
-
sslx
The modern way to work with certificates and TLS
-
ratchet-x2
Pure Rust Double Ratchet protocol implementation
-
enigma-identity
Enigma Identity: local identity + X3DH bundle + shared secret derivation
-
kyberauth
Enable AES keys transfer on unsecure channel using quantum-resistant Kyber
-
xkcp-rs
Safe wrappers to the XKCP library
-
aesp
optional CLI for AES in parallel. Personal project -- use at your own risk.
-
anypki
fully customizable PKI tool that allows your project to have a customized CA trust chain, blacklist/whitelist filtering root CAs by Country Code, Serial Number, SHA-1/SHA-256 fingerprint, or Issuer Name
-
host-chat
Chat protocol primitives — crypto, encoding, protocol logic. No I/O, WASM-safe.
-
kcr_jetstream_nats_io
Kubernetes Custom Resource Bindings
-
ps-datalake
Encrypted flat storage
-
ndr
CLI for encrypted Nostr messaging using double ratchet
-
health-backend
Daily wellness check‑in that handles PHI securely
-
star-constellation
Nested threshold aggregation built on the STAR protocol
-
midnight-circuits
Circuit and gadget implementations for Midnight zero-knowledge proofs
-
hkd32
HMAC-based Hierarchical Key Derivation: deterministically derive a hierarchy of symmetric keys from initial keying material through repeated applications of the Hash-based Message Authentication Code…
-
azure_mgmt_maps
generated REST API bindings
-
macarunes
macaroons
-
elizaos-plugin-tee
elizaOS TEE Plugin - Trusted Execution Environment integration for secure key management and remote attestation
-
gni
create a GPU Node ID
-
gimli-permutation
Gimli: a cross-platform permutation
-
sha_file_hashing
computing and validating SHA-1 file hashes with a clean, trait-based API
-
sf-cli
Secure file encryption CLI/TUI tool with password protection
-
pingap-acme
ACME client for pingap
-
blastkids
Derive BLS12-381 child keys using Blastkids
-
trussed-hpke
HPKE extension for trussed
-
libsrtp
a pure rust implementation of SRTP
-
hyde-core
Core traits and types for Hyde TEE abstraction
-
ristretto_cli
A Java Virtual Machine (JVM) CLI
-
aztec-crypto
Cryptographic primitives and key derivation for the Aztec Rust SDK
-
keycrypt
AES-256-GCM encryption helpers backed by the OS keychain (auto-init key on encrypt, strict decrypt, Zeroize in-memory keys)
-
cloakpipe-local
Local-only RAG mode for CloakPipe — future scope
-
host-chat-mls
MLS group keying for host-chat — forward secrecy and post-compromise security
-
attestation-doc-validation
attesting enclaves according to the Evervault Attestation scheme. This crate is used to generate ffi bindings.
-
theoros
LinkedIn feed digest — daily scrape, Claude filter, vault note
-
sam_encrypt
that provides a set of cryptographic primitives for building a proxy self re-encryption scheme
-
arcanum-pqc
Post-quantum cryptographic algorithms for the Arcanum engine
-
taceo-groth16
Groth16 zkSNARK proof system
-
rustls-tpm-signer
A package that allows to use a TPM as a custom signer in rustls and tonic
-
fluxencrypt-cli
Command line interface for FluxEncrypt encryption SDK
-
ffsend-api
A fully featured Firefox Send API client
-
avila-nucleus
Atomic-level operations - Foundation of Avila cryptography stack
-
mas-jose
JSON Object Signing and Encryption (JWT & co) utilities
-
hxrts-aura-core
Foundation types, effect traits, and cryptographic utilities for Aura
-
argon2rs
The pure Rust password hashing library that runs on Argon2
-
vitaminc-aead
Authenticated Encryption with Associated Data (AEAD) primitives. Part of the Vitamin-C cryptographic suite.
-
libcrux-ml-tkem
Libcrux ML-KEM & Kyber & tkem implementations
-
xdid-method-key
xdid implementation of did:key
-
spqr-syft
Vendored spqr crate for syft
-
ordinary-obfuscation
Obfuscation for Ordinary
-
ssh-key-fork-arti
Pure Rust implementation of SSH key file format decoders/encoders as described in RFC4251/RFC4253 and OpenSSH key formats, as well as "sshsig" signatures and certificates (including…
-
wacore-binary
Binary data and constants for WhatsApp protocol
-
pkloong-kcapi
High-level Rust wrapper for Linux Kernel Crypto API
-
akd_client
Client verification companion for the auditable key directory with limited dependencies
-
rift-core
Core types, identity, cryptography, and invites for the Rift P2P protocol
-
cutil
A complete internal PKI toolkit for Rust
-
mbedtls-platform-support-smx
support library for the
mbedtlscrate, providing platform and target specific implementations of all necessary functions. By separating this logic into a separate crate, multiple… -
upki
Platform-independent browser-grade certificate infrastructure
-
rustpq
Pure Rust post-quantum cryptography suite - ML-KEM, ML-DSA, and more
-
aucpace-conflux
AuCPace protocol implementation
-
nu_plugin_hmac
A HMAC sealing plugin for Nushell
-
tpm2-crypto
TPM 2.0 cryptographic routines
-
tholos-pq
Pure post-quantum multi-recipient encryption: Kyber-1024 + Dilithium-3 + XChaCha20-Poly1305 with a stable, versioned wire format
-
coil-tls
TLS management primitives for the Coil framework
-
pezsc-keystore
Keystore (and session key management) for ed25519 based chains like Pezkuwi
-
rsa-fdh
provably secure blind-signing signature scheme that uses RSA and a full domain hash and support blind signing / blind signatures
-
auths-sdk
Application services layer for Auths identity operations
-
xwt-cert-fingerprint
Certificate fingerprint computation algorithms related to WebTransport. Not directly required to use xwt, but can be helpful. Also usable without xwt. Intended to work with both wasm and native.
-
onepass-base
Basic formatting and word lists for onepass-seed
-
kcapi
Official high-level rust bindings for libkcapi
-
moq-token-cli
Media over QUIC - Token Generation and Validation
-
ecdh-omr
ECDH based Oblivious Message Retrieval
-
num-primes
Generating Large Prime and Composite Numbers using num with a simplistic interface
-
signify
Command-line implementation of the signify signature scheme
-
sare-lib
Hybrid post-quantum encryption library providing SARE standard primitives and APIs
-
abe_gpsw
ABE GPSW scheme for BLS pairing implemented in rust
-
sigmate
A modern, developer-focused CLI for cryptographic file signing and verification
-
sc_drbg
Subset Counter-Based Deterministic Random Bit Generator
-
bssl-cmake-sys
FFI bindings to BoringSSL (cmake incorporated)
-
mlspp-sys
Messaging Layer Security system bindings crate in Rust
-
dataparser_core
A flexible and efficient binary parsing and serialization library for Rust
-
wolfcrypt-tls
Safe Rust TLS API backed by wolfSSL
-
void-crypto
Cryptographic primitives for void — KeyVault, AES-256-GCM, HKDF, envelope encryption
-
qssm-le
lattice engine facade (reference stub — not LaBRADOR)
-
sha3-rust
Keccak (SHA-3) cryptographic hash function family
-
acme2
A Tokio and OpenSSL based ACMEv2 client
-
x25519-nostd
Pure-Rust X25519 (Curve25519) ECDH implementation for no_std/bare-metal targets (avoids LLVM SIMD issues)
-
parsec-tool
Parsec Command Line Interface
-
rosenpass
Build post-quantum-secure VPNs with WireGuard!
-
secure-string
A data type suitable for storing sensitive information such as passwords and private keys in memory, featuring constant time equality, mlock and zeroing out
-
saorsa-seal
Threshold sealing for group data in the Saorsa network
-
cracken
a fast password wordlist generator, Smartlist creation and password hybrid-mask analysis tool
-
pqcrypto-falcon
Post-Quantum Signature Scheme falcon
-
htauth-cli
A CLI tool for managing htpasswd files
-
quickcert
For generating test key/certificate pairs
-
safeguard
Secure file and credential management CLI with collections and tags
-
az-tdx-vtpm
vTPM based TDX attestation for Azure Confidential VMs
-
rinkey
Keyset manipulation command-line tool for Rust port of Google's Tink cryptography library
-
synta-krb5
Kerberos V5 and GSSAPI ASN.1 structures for the synta library
-
tameshi
(試し) - Deterministic integrity attestation library for infrastructure layers
-
sirrd
— ephemeral secret vault server daemon
-
sfio-rustls-config
Configuration routines for Rustls used in libraries from Step Function I/O
-
x509-cert
Pure Rust implementation of the X.509 Public Key Infrastructure Certificate format as described in RFC 5280
-
argentum_encryption_infrastructure
The infrastructure layer of encryption
-
timing-shield
Comprehensive timing leak protection for Rust
-
sealwd
Secure password and token management library for Rust, featuring hashing, encryption, and random generation
-
opensefaz-rs
SDK Rust para integração com SEFAZ e emissão de Nota Fiscal Eletrônica (NF-e)
-
spatial-hasher
deterministic encryption and decryption using 3D spatial parameters with secure authenticated encryption
-
nip46-signer
NIP-46 remote signing server — per-client permissions, session management, and Heartwood signing extensions
-
philiprehberger-argon2-easy
Dead-simple password hashing with Argon2id — hash() and verify(), nothing more
-
sdjwt
SD-JWT support for Issuers, Holders, and Verifiers
-
ironcore-documents
working with IronCore Labs documents and header formats
-
oram
Oblivious RAM
-
fluent-hash
A lightweight library which provides a fluent interface for generating SHA-1 and SHA-2 digests
-
northroot-proof-engine
Core proof computation and validation library for PoSH (Proof of Shape) and PoX (Proof of Execution)
-
novovault
An encrypted store for notes
-
wasmsign2-cli
CLI tool to sign and verify WebAssembly modules
-
aescrypt-rs
AES Crypt (v0-v3) Rust encryption/decryption library
-
rsfn-file
Utilitário para arquivos que trafegam na RSFN (Rede do Sistema Financeiro Nacional)
-
cosmian_openssl_provider
OpenSSL cryptographic provider
-
frodo-kem-rs
A pure rust implementation of FrodoKEM and eFrodoKEM
-
superboring
A reimplementation of the 'boring' crate in pure Rust
-
mldsa-native-rs
FFI bindings and optional wrapper for the mldsa-native ML-DSA implementation
-
mushi
Point-to-point QUIC networking with application-defined mutual authentication
-
libsoliton
Core cryptographic library for the LO protocol — hybrid post-quantum key exchange, signatures, ratchet, and storage encryption
-
auths-keri
KERI CESR translation layer for Auths
-
crowenv
— Smart secrets. Like a crow. 🐦 AES-256-GCM encrypted .cenv replacement for plain .env files
-
rustssh2
A client and server SSH library
-
aerovault-cli
CLI for AeroVault v2 encrypted vaults
-
pk11-uri-parser
A zero-copy library to parse and (optionally) validate PKCS#11 URIs in accordance to RFC7512 specifications
-
xchecker-receipt
JSON receipt generation with cryptographic hashes
-
embedded-mbedtls
no_std Rust wrapper for Mbed TLS
-
rs_tfhe
A high-performance Rust implementation of TFHE (Torus Fully Homomorphic Encryption) with advanced programmable bootstrapping capabilities
-
cas-lib
A function wrapper layer for RustCrypto and Dalek-Cryptography. Intended to be used in FFI situations with a global heap deallactor at the top level project.
-
jrn
a journal app
-
fast_chacha
CPU-optimized ChaCha20 implementation with rust fallbacks
-
rustdom-x-argon2
Argon2 password hashing function
-
plat-core
Core types and traits for the plat FHE compute engine
-
quantumcryptlib
Post-quantum secure communication primitives using Kyber KEM and AEAD
-
libcryptsetup-rs-sys
Low level bindings for libcryptsetup
-
nist-pqc-seeded-rng
RNG used to produce the KATs in NIST PQC competition
-
ocsp
encoding/decoding lib for Rust
-
poly1305-nostd
Pure-Rust Poly1305 MAC implementation for no_std/bare-metal targets (avoids LLVM SIMD issues)
-
crypto-auditing-event-monitor
Event monitor for crypto-auditing project
-
json-read
json-read是一个json读取工具,可以直接通过
x.y.z.w方式读取json中的内容,不用逐层解析 -
wpa-next
Hybrid post-quantum resistant Wi-Fi security protocol prototype (ML-KEM-768 + X25519 + HKDF-SHA384)
-
purecrypt
Minimal, readable, dependency-free implementations of modern cryptographic primitives in pure Rust
-
foctet
Transport-agnostic end-to-end encryption layer for secure data transfer
-
chacha12-blake3
Secure, Simple and Fast encryption for any CPU
-
rsign2
A command-line tool to sign files and verify signatures
-
osshkeys
read and write OpenSSH public and private keys
-
cocoon-tpm-tpm2-interface
Cocoon TPM project - autogenerated TPM2 interface definitions
-
surrealdb-jsonwebtoken
Temporary
jsonwebtokenfork with Wasm support -
hush-spine
Aegis Spine protocol for ClawdStrike — envelope signing, checkpoints, trust bundles, and NATS transport
-
shortcake
A generic Rust implementation of the Pasini-Vaudenay 3-move SAS-based authenticated key agreement protocol
-
scrypt
password-based key derivation function
-
wallop_verifier
Independent verifier for the Wallop! provably fair draw protocol
-
rados
Native Rust RADOS client library and tools for Ceph
-
sl-verifiable-enc
Verifierable encryption
-
sigsum
using Sigsum transparency logs
-
libcrux-chacha20poly1305
Formally verified ChaCha20-Poly1305 AEAD library
-
co-core-room
Messaging room core
-
parasol_cpu
contains the Parasol CPU, which runs programs over a mix of encrypted and plaintext data
-
aesus
CLI for AES-256-GCM encryption using memorable passphrases
-
str0m-openssl
OpenSSL backend for str0m WebRTC
-
uselesskey-jsonwebtoken
jsonwebtoken adapter traits for uselesskey fixtures (EncodingKey/DecodingKey)
-
astrid-crypto
Cryptographic primitives for Astrid secure agent runtime
-
aranya-fast-channels
High throughput, low latency encryption protected by Aranya Policy
-
bitchat-tui
A terminal user interface (TUI) chat application using Bluetooth and modern cryptography
-
rusty-saber
Pure rust implementation of the PQC scheme Saber
-
frost-secp256k1-evm
A Schnorr signature scheme over the secp256k1 curve that supports FROST and EVM
-
janus_messages
Distributed Aggregation Protocol message definitions used in Janus, the server powering ISRG's Divvi Up
-
trivium
Small Rust implementation of the Trivium stream cipher
-
paseto-rs
A minimal, learning-focused PASETO v4 implementation in Rust
-
zuc
ZUC Stream Cipher Algorithms
-
ff-cl-gen
OpenCL code generator for prime-fields
-
deno_node_crypto
Node crypto compatibility for Deno
-
jwk_kit
JSON Web Keys (JWK)
-
laza
Kanari Network Cryptographic Hashing Library
-
idprova-core
Core library for IDProva — AI agent identity, delegation, and audit
-
p47h-open-core
Cryptographic primitives and policy engine for secure identity management
-
cry_sha256
A lightweight SHA-256 implementation for data integrity, no_std compatible
-
tls-api-openssl
TLS API implementation over openssl crate
-
git-crypt
transparent encryption of files in a git repository
-
encryptable-tokio-fs
A drop-in, API-identical replacement for
tokio::fswith transparent opt-in, non-framing stream cipher encryption -
citadel_pqcrypto
Lower-level cryptographic library for the Citadel Protocol
-
oilelpqt
Post-quantum socks5 proxy that uses Kyber1024 and triple AES
-
classified
High-assurance Operations for Number-theoretic Extension Sets and Theorems (Galois Fields)
-
sigstore-fulcio
Fulcio certificate authority client for Sigstore
-
kleos-cred
Credential management CLI with encrypted vault and YubiKey support
-
zeroize
Securely clear secrets from memory with a simple trait built on stable Rust primitives which guarantee memory is zeroed using an operation will not be 'optimized away' by the compiler…
-
dolang-ext-digest
Digest and hashing extension for the Do language
-
rusk-signing
Artifact signature verification for rusk
-
device-agent
Device-side helpers to build and sign immutable trace records
-
umbral-pre
Umbral proxy reencryption algorithm
-
s2n-tls-metrics-subscriber
Telemetry provider for s2n-tls
-
koi-crypto
Key management, TOTP, signing, and encryption primitives for local network trust
-
frost-ristretto255
A Schnorr signature scheme over the prime-order Ristretto group that supports FROST
-
simple-ssl-acme-cloudflare
SSL with ACME and CloudFlare is a tool to simply apply SSL certificates by using OpenSSL and ACME via CloudFlare DNS
-
ptrace-sdk
Rust SDK for ptrace — verifiable audit trails for AI agents
-
risc0-sppark
Zero-knowledge template library
-
wh0pass
A modern, lightweight, and secure CLI password manager built with Rust
-
aes-keywrap
AES Key Wrap construction (AES-KW, RFC 3394 / RFC 5649)
-
isideload-x509-certificate
X.509 certificate parser and utility functionality
-
uhash-types
Shared proof/challenge/difficulty types for UniversalHash stacks
-
tiny_ed448_goldilocks
A lean, high performance, pure rust implementation of Ed448-Goldilocks for easy signatures and key exchange
-
topo-scanner
File walking with gitignore support and content hashing
-
zeph-channels
Multi-channel I/O adapters (CLI, Telegram, Discord, Slack) for Zeph
-
generic-schnorr
Schnorr signature implementation generic over the underlying group
-
qssm-ms
(Mirror-Shift) succinct predicate proofs
-
saku-crypto
End-to-end encryption for the saku sync system
-
rsa_heapless
Pure Rust RSA implementation - heapless version
-
pkcs11
Rust PKCS#11 Library
-
ruipmi
An asynchronous IPMI client library implemented in Rust using Tokio
-
mozilla/rc_crypto
Firefox Application Services
-
shippo_core
Core models and planning logic for Shippo
-
dotenvx
A secure environment variable management tool with built-in encryption
-
nuts-tool-api
Code that helps you to implement a nuts tool plugin
-
dee-ssl
TLS certificate inspection CLI for domains
-
sett
Rust port of sett (data compression, encryption and transfer tool)
-
pent_house
Pent-House resonance ledger engine built atop power_house cognition primitives
-
no-way-jose-graviola
Graviola crypto backend for no-way-jose (HMAC, ECDSA, EdDSA, RSA, AES-GCM)
-
srv-session
Server-side session management core with Argon2 and KV abstraction
-
tafrah
Native Rust Post-Quantum Cryptography library
-
spacetimedb-jsonwebtoken
Create and decode JWTs in a strongly typed way
-
saltlick
encrypting and decrypting file streams using libsodium
-
syftbox-crypto-protocol
Cryptographic protocol implementation for SyftBox using X3DH key agreement
-
starweft-crypto
Cryptographic primitives and key management for starweft
-
sequoia-cert-store
A certificate database interface
-
halo2_poseidon
The Poseidon algebraic hash function for Halo 2
-
cryptimitives
Cryptographic primitives collection
-
mogh_pki
Public key identification utilities using Noise
-
oneseed
Deterministic cryptographic keys from a single seed
-
roughenough-merkle
SHA-512 Merkle tree implementation
-
rs-clip-bridge-types
Shared types for rs-clip-bridge client and server
-
tafrah-falcon
Falcon (FIPS 206) scaffolding for the Tafrah PQC library
-
ockam_api
Ockam's request-response API
-
botan-sys
FFI wrapper for Botan cryptography library
-
voa-openpgp
using OpenPGP verifiers in VOA
-
libdelve
interacting with the DelVe standard
-
httpsig-hyper
Hyper extension for http message signatures (RFC9421)
-
dpf-fss
Distributed point function implementation
-
asport-hyphae-handshake
Noise protocol framework handshakes for QUIC
-
basic-jwt
Basic JWT signing and verification library
-
kcipher2
KCipher-2 stream cipher
-
pvcrypt
System level data encryption using aes_gcm
-
abhedya-core
Core library for Abhedya: Sanskrit-Encoded Post-Quantum Cryptography
-
kryptering
Cryptographic operations library with software (RustCrypto) and HSM (PKCS#11) backends
-
monerochan-recursion-gnark-cli
Monero-Chan, The Open-Source Privacy Platform (OSPP)
-
irmaseal-curve
Fork of the BLS12-381 pairing-friendly elliptic curve construction for IRMAseal
-
wacore-noise
Noise Protocol implementation for WhatsApp with AES-256-GCM
-
rust-kbkdf
SP800-108 Key Based Key Derivation Using Pseudorandom Functions
-
gimli-crypto
A no_std implementation of Gimli AEAD cipher and hash function
-
tibet-cortex-core
TBZ envelopes, TIBET tokens, and crypto primitives
-
saltine-gromark
Gromark cipher implementation for the saltine crate
-
boring-sys2
FFI bindings to BoringSSL
-
ipcrypt-rs
IP address encryption and obfuscation methods in pure Rust
-
crypto_api_chachapoly
ChaCha20-IETF, Poly1305 and ChachaPoly-IETF for
crypto_api -
opaque-rs
OPAQUE protocol for secure password authentication
-
enseal
Secure, ephemeral secret sharing for developers
-
keyper
TUI password manager
-
cloudproof
Cosmian Cloudproof library
-
hctr2-rs
HCTR2 and HCTR3 length-preserving encryption with format-preserving variants
-
rw-aes-gcm
std::io::{Read, Write} encrypted with AES-GCM
-
trust-store
Web of Trust with TOFU key verification and social graph attestation for P2P networks
-
databoxer
Fast and easy to use CLI-based file encryption program
-
hxrts-aura-authorization
Capability-based authorization for Aura
-
zk-aluvm
AluVM ISA extension for Galois fields
-
tc_tea
Tencent's varient of TEA (tc_tea)
-
reed-solomon
BCH encoder and decoder with support of no_std environment
-
gen_pass
Secure password generation library and CLI
-
synta-x509-verification
RFC 5280 X.509 certificate path validation using synta-certificate
-
cipher
Traits for describing block ciphers and stream ciphers
-
drogue-tls
TLS 1.3 client with no_std support and no allocator
-
ts_keys
tailscale cryptographic key types
-
mls-rs-crypto-awslc
AWS-LC based CryptoProvider for mls-rs
-
pingap-util
Util for pingap
-
qslib
QuantStudio qPCR machine library
-
keyhive_crypto
Shared cryptographic primitives for Keyhive
-
p256k1
Rust wrappers around libsecp256k1 which expose internal scalar and point APIs
-
rustfs-utils
functions and data structures for RustFS, providing essential features like hashing, compression, and network utilities
-
quinn-noise
quinn noise implementation
-
bhx5chain
TBTL's library for handling X.509 certificate chains
-
keynest
offline, cross-platform secrets manager written in Rust
-
keetanetwork-crypto
Cryptographic primitives and operations for Keetanetwork
-
rustls-pq-addon
A pure-rust implementation of post-quantum hybrid TLS key exchange groups for use with rustls
-
lightspeed_hash
Hash functions
-
sshenv_vault
sshenv vault file I/O, crypto, and recipient management
-
ristretto_jit
JVM JIT Compiler
-
speck
block cipher
-
libgpg-error-sys
Raw bindings for libgpg-error
-
semaphore-rs-ark-zkey
Rust support library for Semaphore
-
est-ca
RFC 7030 Enrollment over Secure Transport (EST) — client, server, and an internal X.509 CA in pure Rust
-
aingle-argon2
Pure Rust Argon2 password hashing - optimized for AIngle
-
lmrc-vault
HashiCorp Vault management library for the LMRC Stack - comprehensive library for managing Vault installations and secrets on K3s/Kubernetes clusters
-
blueprint-strong-hash
Hash trait similar to std::hash::Hash but for strong/cryptographic hashes
-
rs_shield
comprehensive Rust library providing robust and efficient implementations of cryptographic hash functions including SHA and Keccak families, and HMAC, suitable for no_std environments…
-
pdf2john
Extract a hash from an encrypted PDF for cracking with John the Ripper or Hashcat
-
portal-lib
Secure file transfer library, written in Rust. The library utilizes SPAKE2 for key negotiation over an insecure channel, and ChaCha20Poly1305 Authenticated Encryption to encrypt the…
-
ecsimple
Elliptic Curve Cryptography
-
kyberlib
A Robust Rust Library for CRYSTALS-Kyber Post-Quantum Cryptography
-
evpkdf
OpenSSL EVP_bytesToKey function
-
sentc-crypto-common
Common shared values between sentc server api and the sentc client sdk
-
this-me
Encrypted identity store CLI tool (this.me)
-
punchline-proto
Protocol types and cryptographic primitives for punchline
-
keyhive_core
Core Keyhive types and functions
-
tough-kms
Implements AWS KMS as a key source for TUF signing keys
-
fire-crypto
Crypto library providing encryption and signing
-
ark-crypto-primitives-zypher
useful cryptographic primitives
-
asport-quinn-hyphae
Noise protocol framework handshakes for the Quinn QUIC library
-
ruma-signatures
Digital signatures according to the Matrix specification
-
cortex-audit
TIBET Cortex Audit: blackbox-met-window audit trails with tibet-vault integration
-
dcrypt-hybrid
Hybrid cryptography schemes for the dcrypt library
-
digestible
A more dynamic Hash and Hasher trait for Rust
-
openpgp-card-rpgp
Companion crate for using openpgp-card with rPGP
-
tagotip-secure
TagoTiP/S crypto envelope — AEAD encryption for TagoTiP frames
-
libsignal-rust
Complete and Powerful Rust implementation of libsignal protocol
-
rasn-its
ASN.1 implementations for Intelligent Transport Systems (ITS) V2X communications
-
aranya-internal-rustls
Fork of rustls with PSK support for internal usage
-
steamdepot
Steam depot downloader library — CM connection, authentication, PICS, CDN, and chunk downloading
-
signstar-request-signature
executable for creating, reading and writing of signing requests for files
-
nexusvault
Zero-dependency secrets management for Rust applications
-
shielded
Memory. Memory protection from speculation and side-channel attacks like Spectre, Meltdown, Rowhammer and Rambleed.
-
openmls_traits
Traits used by OpenMLS
-
crypto_api_blake2
Implements Blake2b for
crypto_api -
zks
Zero Knowledge Swarm - Post-quantum secure networking SDK with built-in anonymity
-
lox-library
Main Lox library with protocols and functions that make up Lox
-
falcon-rust
Falcon post-quantum digital signature scheme
-
evidence
Type-level tags for cryptographic primitives
-
grain-128aeadv2
stream cipher
-
zopp-crypto
Zero-knowledge cryptographic primitives for zopp secrets manager
-
tdx_workload_attestation
generating attestations about virtual machine (VM) workloads using Intel Trust Domain Extensions (Intel TDX)
-
opentalk-roomserver-types-e2ee
Opentalk RoomServer E2EE Types
-
kemkem
Unverified, unoptimized, and downright dirty implementation of the ML-KEM
-
waterscape
Private communication layer for AI agents
-
redoubt-aead-aegis-wycheproof
Wycheproof test runners for AEGIS-128L backends
-
openentropy-core
Core entropy harvesting library — hardware noise sources, raw or SHA-256 conditioned
-
dcrypt-api
Public API traits and types for the dcrypt library
-
passay-rs
A password validation library inspired by the Java Passay library
-
classified_shamir
shamir secret sharing using the honest and classified crates
-
voided-core
Core cryptographic primitives for the Voided encryption library
-
lox-zkp
A toolkit for auto-generated implementations of Schnorr proofs
-
himmelblau_kerberos_asn1
Parse/Build Kerberos ASN1 DER To/From Rust structs
-
qfe
Experimental protocol for quantum-secure communications
-
arcanum-hash
Hash functions and key derivation for the Arcanum cryptographic engine
-
gencrypt
Personal usage hashing utility
-
affinidi-messaging-didcomm
DIDComm v2.1 messaging implementation for the Affinidi TDK
-
portable-rustls
fork of rustls: a modern TLS library written in Rust
-
btcturk_websockets
client for the BtcTurk WebSocket API with real-time ticker and orderbook channels
-
kr
Development Toolkit
-
srisum
Compute and check subresource integrity digests
-
libsumatracrypt-rs
Cryptography
-
canaad-cli
CLI tool for AAD canonicalization per RFC 8785
-
gel-jwt
JWT implementation for the Gel database
-
whatsapp-rust-tokio-transport
Tokio-based WebSocket transport for whatsapp-rust
-
rage
[BETA] A simple, secure, and modern encryption tool
-
zki_sieve
SIEVE IR
-
wacore-libsignal
Signal Protocol implementation for the WhatsApp platform
-
ckks-engine
that provides an implementation of the CKKS (Cheon-Kim-Kim-Song) homomorphic encryption scheme. This enables encrypted computations on real numbers and strings while preserving the privacy of the underlying data…
-
xxblake3
encryption and decryption based on xxh3 and blake3
-
enchanter
XChaCha20Poly1305 AEAD file encryption tool
-
aws-mpl-legacy
aws-mpl-rs is a low level library for implementing client side encryption
-
randomorg
A random.org client library. The randomness comes from atmospheric noise, which for many purposes is better than the pseudo-random number algorithms typically used in computer programs.
-
paillier-lsc
Efficient pure-Rust library for the Paillier partially homomorphic encryption scheme
-
dcrypt-sign
Digital Signature Schemes for the dcrypt library
-
rustls-fork-shadow-tls
Rustls is a modern TLS library written in Rust
-
neco-p256
minimum dependency P-256 ECDSA signing core
-
normfs-crypto
Cryptographic primitives for NormFS (AES-256-GCM encryption, Ed25519 signatures)
-
totalreclaw-memory
TotalReclaw memory backend — E2EE crypto, LSH, embeddings, reranker (Memory Taxonomy v1)
-
ppoprf
Puncturable Partially-Oblivious Pseudo-Random Function
-
blkid-rs
blkid for LUKS volumes
-
zopp-storage
Storage abstraction layer for zopp secrets manager
-
kryoptic-lib
A PKCS #11 software token written in Rust
-
sequoia-sq
Command-line frontends for Sequoia
-
cliff3-util
SHA(256/512) hash, AES/RSA 암복화, 한글, I/O 및 날짜 관련 함수 모음 입니다
-
mxdx-web
Web server backend for mxdx management console
-
libes
Collection of Elliptic Curve Integrated Encryption Scheme(s)
-
enc_rust
A pure rust implementation of the Module-Lattice-based standards ML-KEM and (soon) ML-DSA, also known as the PQC scheme Crystals Kyber and Dilithium
-
vector_sdk
Rust SDK for building Vector bots
-
strx
A powerful string manipulation tool with JWT, hash, encoding, and crypto support
-
acmer
ACME TLS certificates management library
-
cipher_magma
Block Cipher Magma (GOST R 34.12-2015, former GOST 28147-89)
-
rust-keyvault
A secure, modern cryptographic key management library for Rust
-
messtar
— custom encryption protocol built with X25519, HKDF and AES-256-GCM
-
ironcore-search-helpers
Search helpers for working with encrypted values, particularly on the IronCore platform
-
real_time_issue_board_api
self‑hosted, real‑time issue board with a Rust backend (high‑performance API + WebSocket sync) for Remote Teams
-
mpc-protocol
Multi-party computation framework using the noise protocol for end-to-end encryption
-
s2n-tls-sys
A C99 implementation of the TLS/SSL protocols
-
aranya-keygen
generating crypto keys
-
keetanetwork-account
Account management and cryptographic identities for Keetanetwork
-
slahasher
Hashing functions
-
otrr
otrr — OTR protocol version 3 and 4
-
pem-iterator
Iterate over PEM-encoded data
-
nettle
Rust bindings for the Nettle cryptographic library
-
plexi-cli
A flexible auditor companion client
-
rsop-oct
SOP CLI tool for OpenPGP card devices based on rPGP
-
rust_ev_verifier_application_lib
common elements to implement an application using the crate
rust_ev_verifier_lib -
ring_signature_verifier
ring signatures generated by an Alice's Ring library
-
beekem
concurrent variant of TreeKEM for Continuous Group Key Agreement
-
zipher
Cryptography utilities and implementations including Argon2, bcrypt, post-quantum algorithms and JWT support
-
gnostr-types
gnostr: a git+nostr workflow utility
-
agentpin
Domain-anchored cryptographic identity protocol for AI agents
-
spl-elgamal-registry-interface
SPL ElGamal Registry Interface
-
codex-mobile-contracts
Shared domain contracts for codex-mobile client and bridge
-
colorhash256
Like Chroma-Hash, but with ANSI terminal colors
-
street-cred
Manage encrypted secrets for your applications
-
pq-mayo
MAYO post-quantum signature scheme
-
co-identity
COKIT DID and DIDComm implementations
-
simple_sign
signing library
-
fpass
CLI Password Manager
-
cylinder
high-level cryptographic signing library
-
mc-oblivious-map
Oblivious Hash Map data structures on top of Oblivious RAM
-
aes-gcm-siv
Pure Rust implementation of the AES-GCM-SIV Misuse-Resistant Authenticated Encryption Cipher (RFC 8452) with optional architecture-specific hardware acceleration
-
bn-curves
A pure Rust framework for pairing-based cryptography using BN curves
-
ssi-jws
JWS for the ssi library
-
agent-uri-attestation
PASETO v4.public attestation for agent-uri
-
scoop-hash
Hashing library for libscoop
-
mozilla/nss_sys
Firefox Application Services
-
openssl-kdf
OpenSSL KDF function abstraction
-
emixcrypto
Cryptographic utilities for EssentialMix, providing encryption, hashing, encoding, and random number generation
-
ferric_crypto_lib
Ferric Crypto
-
async-acme
async ACME client for tls-alpn-01 challenge
-
qux-pqc
Post-Quantum Cryptography library implementing NIST FIPS 203 (ML-KEM) and FIPS 204 (ML-DSA)
-
bessie
an authenticated, chunked cipher based on BLAKE3
-
pqc-combo
Pure Rust ML-KEM-1024 + ML-DSA-65 + AES-256-GCM for no_std
-
lens-core
High-performance code search engine with LSP integration and benchmarking
-
kuznechik
Synchronous encryption algorithm "Kuznechik" (GOST R 34.12-2015, GOST R 34.13-2015)
-
immutable-trace
Tamper-evident immutable audit trace: signing, verification, ingestion and CLI
-
wa-rs-binary
Binary data and constants for WhatsApp protocol
-
decanter
implements basic cryptographic primitives native to the ecosystem
-
frost-core-myecoria
Types and traits to support implementing Flexible Round-Optimized Schnorr Threshold signature schemes (FROST)
-
mlkem-fips203
MLKEM [512, 768, 1024] module-lattice key encapsulation mechanism following the FIPS 203 standard
-
br-crypto
crypto
-
irmaseal-core
Core library for IRMAseal communication and bytestream operations
-
voa-config
configuration of technology backends in VOA
-
sgx_tcrypto
Rust SGX SDK provides the ability to write Intel SGX applications in Rust Programming Language
-
arx-kw
ARX-KW-8-2-4 Key Wrap constructions
-
x509
X.509 certificate serialization
-
cloakpipe-vector
Vector encryption (ADCPE) for CloakPipe — future scope
-
keetanetwork-x509
X.509 certificate handling for Keetanetwork
-
cortexai-encryption
At-rest encryption for sensitive data in Cortex: AES-GCM and ChaCha20-Poly1305
-
stegano
The ultimate steganography swiss knife army CLI tool
-
tafrah-ml-kem
ML-KEM (FIPS 203) implementation for the Tafrah PQC library
-
snaft-core
SNAFT Trust Kernel — Rust core for the AI behavioral firewall
-
synta-ffi
C FFI bindings for the Synta ASN.1 library
-
hashsum
CLI to print or verify cryptographic checksums (md5, sha1, sha2, belt-hash)
-
affinidi-data-integrity
W3C Data Integrity Implementation
-
nu_plugin_x509
A nushell plugin for working with x509 certificates
-
astrid-prelude
Unified prelude for the Astrid secure agent runtime
-
rose-squared-sdk
Privacy-preserving encrypted search SDK implementing the SWiSSSE protocol with forward/backward security and volume-hiding, compilable to WebAssembly
-
ockam_transport_uds
Unix Domain Socket (UDS) Transport for the Ockam Routing Protocol
-
fn-dsa-comm
FN-DSA signature scheme
-
armature-acme
ACME protocol support for automatic TLS certificates in Armature
-
find_hash
A high-performance, offline hash type identification tool
-
hashkitten
A purrfect hashing companion
-
ssb-validate
Verify Secure Scuttlebutt (SSB) hash chains (in parallel)
-
cloakpipe-proxy
OpenAI-compatible HTTP proxy with privacy middleware
-
mpc-relay
Noise protocol websocket relay for MPC/TSS applications
-
chaum-pedersen-zkp
Chaum-Pedersen zero-knowledge protocol implementation
-
trackone-constants
Shared constants for TrackOne crates
-
uselesskey-rsa
RSA key fixtures (PKCS#8/SPKI, PEM/DER) with negative variants for tests
-
ender-eye
Encrypt and decrypt messages using SGA encoding + AES-256-GCM, inspired by the Standard Galactic Alphabet from Minecraft
-
pq-transport-gateway
Post-Quantum secure proxy for QKD infrastructure, addressing vendor TLS vulnerabilities
-
tink-signature
Signature functionality for Rust port of Google's Tink cryptography library
-
rama-boring-sys
FFI bindings to BoringSSL for Rama
-
keycache
Seals a key using a secure element
-
hiae
High-throughput Authenticated Encryption (HiAE) algorithm implementation
-
pwkit
A secure CLI password generator with template support for environment files
-
vil_crypto
VIL Expression function — AES-GCM encryption/decryption
-
synta-python
Python extension module for the synta ASN.1 library
-
ruwa-tokio-transport
Tokio-based WebSocket transport for RuWa
-
jacs-cli
JACS CLI: command-line interface for JSON AI Communication Standard
-
threshold-secret-sharing
A pure-Rust implementation of various threshold secret sharing schemes
-
acme_commander
一个全面的ACME客户端,用于SSL/TLS证书管理
-
sheesy-cli
The 'share-secrets-safely' CLI to interact with GPG/pass-like vaults
-
rust_keylock
A password manager with goals to be Secure, Simple to use, Portable and Extensible
-
amcl_wrapper
Wapper over Milagro Cryptographic Library (version 3)
-
str0m-aws-lc-rs
aws-lc-rs backend for str0m WebRTC
-
x509-certificate-printer
Parse and print X.509 certificate information in human-readable and PEM formats
-
agentic-identity-cli
CLI tool for AgenticIdentity — create identities, sign actions, manage trust
-
rand_jitter_kernel
interface to Linux kernel jitterentropy_rng
-
wcce-rs
[MS-WCCE] certificate enrollment protocol
-
scram
provider library
-
dicom-app-common
Helper library for command-line applications in the DICOM-rs project
-
trezor-noise-rust-crypto
Wrappers of dalek and RustCrypto crates for noise-protocol, customized
-
sha2-extensions
Use sha2 as an extension function
-
dcrypt-pke
Public Key Encryption schemes for the dcrypt library
-
wa-rs-noise
Noise Protocol implementation for WhatsApp with AES-256-GCM
-
rsa_keygen
generating rsa keys with a 12 word seedphrase
-
ctr
CTR block modes of operation
-
skg-crypto
Cryptographic provider traits for skelegent
-
azure_mgmt_fist
generated REST API bindings
-
bls12_381_relic
Bindings for BLS12-381 implemented by relic
-
redoubt
Systematic encryption-at-rest for in-memory sensitive data in Rust
-
quickcrypt
Fast, offline encryption & key management. No cloud. No complexity. Military-grade security.
-
pqcrypto-mlkem
Post-Quantum Key-Encapsulation Mechanism mlkem
-
argon2-rs
Argon2 password hashing library for Rust
-
kcr_s3_services_k8s_aws
Kubernetes Custom Resource Bindings
-
six_seven
Six Seven Cryptography
-
gm-sm2
China's Standards of Encryption Algorithms SM2
-
circomspect
A static analyzer and linter for the Circom zero-knowledge DSL
-
co-core-board
Kanban Board Core
-
tafrah-ml-dsa
ML-DSA (FIPS 204) implementation for the Tafrah PQC library
-
kcr_cert_manager_io
Kubernetes Custom Resource Bindings
-
nuts-directory
A backend implementation for nuts
-
zymic_cli
Encrypt and decrypt files using the Zymic format
-
kleepay-ai
Rust SDK for the KleePay card issuing API
-
guarantee
TEE attestation SDK for Rust — cryptographic proof that your code runs in a Trusted Execution Environment
-
anubis-age
Post-quantum secure encryption library with hybrid X25519+ML-KEM-1024 mode (internal dependency for anubis-rage)
-
zk-protocol
Shared protocol types for the ZK attestation service — any agent can use these to compose AttestRequest/AttestResponse
-
davey
Discord Audio & Video End-to-End Encryption (DAVE) Protocol
-
psa-crypto
Wrapper around the PSA Cryptography API
-
xs_ed25519-dalek
Fast and efficient ed25519 EdDSA key generations, signing, and verification in pure Rust
-
talktosc
talk to smartcards for OpenPGP operations
-
redoubt-rand
Cross-platform cryptographic random number generation
-
ucan
Implement UCAN-based authorization with conciseness and ease!
-
tibet-cortex-airlock
zero-plaintext-lifetime processing with mlock and zeroize
-
libaes
AES cipher in safe Rust with no dependencies
-
vitaminc-encrypt
Secure, flexible and fast encryption for Rust types. Part of the Vitamin-C cryptographic suite.
-
ssh-tresor
Encrypt and decrypt secrets using SSH agent keys
-
self_crypto_key
self-modifying encrypted key storage in binaries
-
age-plugin
[BETA] API for writing age plugins
-
pq-msg
Pure Rust abstractions for higher-level implementations of post-quantum cryptography in secure messaging protocols
-
generic-ec-curves
Elliptic curves for
generic-eccrate -
paseto-json
JSON encoding for PASETO
-
rustls-cert-gen
Rust X.509 certificate generator CLI
-
nrc
Nostr Relay Chat - A terminal-based chat client using the Nostr protocol with MLS encryption
-
mbedtls-sys-auto-smx
Rust bindings for MbedTLS. This version generates the correct bindings at compile time using bindgen
-
atlas-generic-token
Atlas Program Library Generic Token
-
oboron-py
Python bindings for Oboron - general purpose encryption and encoding library
-
foctet-archive
Foctet Secure Archive: encrypted manifest/chunks with recipient key wrapping
-
sequoia-ipc
Interprocess communication infrastructure for Sequoia
-
detsurtnu
Automated mirror of untrusted - Safe, fast, zero-panic, zero-crashing, zero-allocation parsing of untrusted inputs in Rust
-
hdpki
Hierarchical deterministic key derivation for OpenSSH and X.509
-
mostro-webtool
A web-based tool for generating deterministic keys and building Mostro protocol messages
-
abe_policy
Policy and attributes definition for ABE cryptosystems
-
patent-hash
A custom hashing algorithm with complex random number generation based on SHA-256 principles
-
pflow-zk
ZK proof traits and incidence matrix extraction for Petri nets
-
sec1
Pure Rust implementation of SEC1: Elliptic Curve Cryptography encoding formats including ASN.1 DER encoded private keys as well as the Elliptic-Curve-Point-to-Octet-String encoding
-
deno_crypto_provider
Cryptography provider for Deno
-
checkpwn_lib
interact with the HIBP API
-
boring-sys-vendit
FFI bindings to BoringSSL
-
circomkit-rs
A Circom testing & development environment for Rust
-
rusk-core
Core types, digests, IDs, and error infrastructure for rusk
-
openmls_rust_crypto
A crypto backend for OpenMLS implementing openmls_traits using RustCrypto primitives
-
uselesskey-core-sink
Tempfile-backed artifact sinks used by uselesskey
-
pbkdf2
Generic implementation of PBKDF2
-
dusk-safe
Sponge API for Field Elements
-
mbedtls-platform-support
support library for the
mbedtlscrate, providing platform and target specific implementations of all necessary functions. By separating this logic into a separate crate, multiple… -
bergshamra-dsig
XML Digital Signatures for Bergshamra XML Security library
-
hashtree-blossom
Blossom protocol client for hashtree - upload/download blobs with NIP-98 auth
-
sunscreen_curve25519
A pure-Rust implementation of group operations on ristretto255 and Curve25519
-
idprova-verify
IDProva verification utilities — DAT and receipt log verification
-
EZDB
Easy little database
-
lhash
Minimal hashing library
-
firecloud-core
Core types and traits for FireCloud distributed storage
-
dcrypt-kem
Key Encapsulation Mechanisms for the dcrypt library
-
datex-crypto-web
Web implementation of the DATEX Crypto facade for WASM targets
-
pqcrypto-picnic
Picnic implementation for
pqcrypto -
elliptic-curve-tools
Extra Rust-Crypto elliptic-curve adaptors, functions, and macros
-
curve25519-parser
Curve25519 Parser - DER/PEM parser for OpenSSL Ed25519 / X25519 keys
-
parasol_runtime
supports the Parasol CPU, providing key generation, encryption, and FHE evaluation functionality
-
rust-sign
Document signing library using BLAKE3 hashing and Ed25519 signatures
-
bicycl-rs
Safe Rust wrapper for BICYCL C API
-
redoubt-hkdf-wycheproof
Wycheproof test runners and FIPS vectors for HKDF-SHA256 backends
-
rivvend
Rivven broker server with Raft consensus and SWIM membership
-
tectonic-oqs
interface to Open-Quantum-Safe's liboqs
-
dalek-test-curve-docs
A pure-Rust implementation of group operations on ristretto255 and Curve25519
-
infolyt-ipc
IPC protocol types for Infolyt
-
kryoptic
A PKCS #11 software token written in Rust
-
lock_box
A command-line tool for generating and managing passwords
-
ark-poly-zypher
efficient polynomial arithmetic via FFTs over finite fields
-
sha1-extensions
Use sha1 as an extension function
-
ockam_abac
Attribute based authorization control
-
ttsync-contract
Protocol types and wire contracts for TT-Sync v2
-
toolcraft-jwt
Toolcraft jwt module
-
pqc_kyber_kyberslash
post-quantum Kyber KEM algorithm
-
podman-sequoia
A polyfill to use Sequoia as a signing backend for containers
-
clasp-identity
Unified identity for CLASP, DID, and libp2p - one Ed25519 keypair, three identity systems
-
uselesskey-core-kid
Deterministic key-id helpers for uselesskey fixture crates
-
abhedya-kem
Key Encapsulation Mechanism (KEM) for Abhedya PQC
-
zears
AEZ v5 cipher
-
rs-builder-signing-sdk
Polymarket Builder API authentication with HMAC-SHA256 signatures
-
native-pkcs11-traits
Traits for implementing and interactive with native-pkcs11 module backends
-
ubl-ledger
UBL Ledger: append-only NDJSON with async writer, WAL, verify for Universal Business Ledger
-
monerochan-recursion-compiler
Monero-Chan, The Open-Source Privacy Platform (OSPP)
-
hmac-sha1-compact
A small, self-contained SHA1 and HMAC-SHA1 implementation
-
frost-p256
A Schnorr signature scheme over the NIST P-256 curve that supports FROST
-
ripemd
Pure Rust implementation of the RIPEMD hash functions
-
tpksig
Decoding the TPK Signing Block
-
tls_codec
A pure Rust implementation of the TLS (de)serialization
-
tink-awskms
AWS-KMS integration for Rust port of Google's Tink cryptography library
-
ubl-types
UBL types: IDs + DIM, Display/FromStr, validator & helpers for Universal Business Ledger
-
sgx_tseal
Rust SGX SDK provides the ability to write Intel SGX applications in Rust Programming Language
-
mp4decrypt
Decrypt CENC protected MP4 content using Bento4
-
mbedtls-sys-auto
Rust bindings for MbedTLS. This version generates the correct bindings at compile time using bindgen
-
sppg
CLI passphrase generator using the diceware method
-
bh-jws-utils
TBTL's library for handling JSON Web Signatures (JWS)
-
ssh-portkey
Secure SSH credential manager with a fast ratatui-based TUI, fuzzy search, and encrypted vault
-
rustcube
Multi-password, order-dependent, streaming encryption/decryption tool with secure memory handling
-
mls-rs-crypto-rustcrypto
RustCrypto based CryptoProvider for mls-rs
-
yule-verify
Cryptographic integrity verification: Merkle trees, signatures, and model manifests
-
crypt3_rs
Unix crypt(3) reimplemented in pure rust
-
scp-platform
Platform abstraction traits for SCP (Shared Context Protocol)
-
tsumiki-cli
Command-line tool for X.509 certificate inspection and PKCS handling
-
no-way-jose-ecdh-es
ECDH-ES JWE key agreement (P-256, P-384, X25519) for no-way-jose
-
vitaminc-password
Secure password generator. Part of the Vitamin-C cryptographic suite.
-
spki
X.509 Subject Public Key Info (RFC5280) describing public keys as well as their associated AlgorithmIdentifiers (i.e. OIDs)
-
zkboo
protocol
-
wolfssl-src
Compile wolfSSL from source for use by wolfcrypt-sys
-
ghostkey_lib
working with Freenet's Ghost Keys
-
stout-index
SQLite index management for stout
-
authy-cli
CLI secrets store & dispatch for AI agents — encrypted vault, scoped policies, run-only tokens, and audit logging
-
emissary-util
I2P protocol stack
-
syftbox-crypto-cli
Command-line interface for SyftBox cryptographic operations
-
fhe-traits
Traits for the fhe.rs library
-
XPManager
A fast and efficient CLI tool for managing passwords and encrypting sensitive data
-
chksum-md5
MD5 hash function with a straightforward interface for computing digests of bytes, files, directories, and more
-
shippo_publish
GitHub release publisher for Shippo
-
vanity-ssh-rs
Generate SSH key pairs with custom patterns in the public key
-
nethsm-backup
binary for working with encrypted NetHSM backups
-
ReXOR
Cross-platform library with CLI app for encoding and decoding files using XOR encryption
-
ecrust-protocol
Protocol-oriented building blocks built on top of the ecrust field and curve crates
-
checkasum
A small utility to verify the data integrity of a downloaded file with its expected checksum
-
redoubt-aead-xchacha
XChaCha20-Poly1305 AEAD implementation
-
aws-mpl-cxx
C++ bindings for aws-mpl
-
hashing
A robust, production-ready hashing library and CLI tool supporting multiple algorithms
-
leancrypto-sys
Rust language binding for leancrypto, a cryptographic library with stack-only support and PQC-safe algorithms
-
libcrux-kem
Libcrux KEM implementation
-
yubikey
Pure Rust cross-platform host-side driver for YubiKey devices from Yubico with support for hardware-backed public-key decryption and digital signatures using the Personal Identity Verification (PIV)…
-
minivault
Local-only, light-weight Encryption as a Service
-
gcm-nonceless
Decrypts GCM encrypted data without access to the nonce
-
pipebuf_rustls
PipeBuf wrapper for Rustls
-
rustls-aws-lc-rs
An aws-lc-based crypto provider for rustls
-
aes-256-gcm
AES-GCM (Aes 256 Gcm) with some enhancement
-
obs-sdk
针对华为云的OBS工具封装rust版本的sdk
-
black-bagg-sigs
Quantum-Sign detached signature, trust, and crate bundle for black-bagg 0.4.10 (crates.io-only)
-
soteria-rs
Wrapper around a secret that is stored in memory with the goal to protect against side-channel and speculative attacks
-
pkgar-keys
Key management tool/library for pkgar
-
pakery-opaque
OPAQUE augmented PAKE protocol (RFC 9807)
-
qp-poseidon-constants
Precomputed Poseidon2 constants for Goldilocks field
-
htauth
managing htpasswd files
-
scion-sdk-common-types
SCION endhost SDK common types
-
signer-fil
Filecoin transaction signer — secp256k1 ECDSA + Blake2b
-
hxrts-aura-rendezvous
Secret-Branded Broadcasting (SBB) and rendezvous protocols for Aura
-
isap-aead
Pure Rust implementation of ISAP v2 with Ascon and Keccak
-
rustls-ccm
CCM and CCM-8 cipher suites for rustls (TLS 1.2 and TLS 1.3)
-
maige
A CLI tool for securely managing and injecting environment variables and secrets
-
rustls-graviola
graviola is a modern, fast cryptography library
-
picky-test-data
Test data for the picky crates
-
checkpipe
Perform a computation over some bytes passing through some struct
-
openpgp-card-tool-git
Git signing and verification with a focus on OpenPGP cards
-
sidefuzz
Fuzzer to automatically find side-channel (timing) vulnerabilities
-
xecrypt
Xbox 360 cryptographic primitives (AES, SHA-1, RSA signature verification)
-
qserde
a non-std rust library for serializing/deserializing ml-kem(aka kyber) public key, encapsulating/decapsulating 256 bit keys and so on
-
rustls-mbedcrypto-provider
Mbedtls based crypto provider for rustls
-
ark-ff-zypher
finite fields
-
ruqu-qflg
Quantum Federated Learning with Byzantine Tolerance - Privacy-preserving distributed quantum ML
-
tuple-hash
TupleHash per NIST SP 800-185
-
cosmian_findex_client
Cosmian Findex REST Client
-
xitter-txid
Generate X (Twitter) client transaction IDs
-
po-crypto
Cryptographic identity, key exchange, and AEAD encryption for Protocol Orzatty
-
tor-hsclient
Arti's implementation of an onion service client
-
tectonic-fn-dsa-comm
FN-DSA signature scheme
-
keetanetwork-asn1
ASN.1 definitions and utilities for Keetanetwork
-
bergshamra-xml
XML DOM abstraction for Bergshamra XML Security library
-
tss-keyfile
Decoding of TPM 2.0 TSS Keyfiles from PEM/DER/(ASN.1)
-
sequoia-sqv
OpenPGP signature verification program
-
ciphern
Enterprise-grade cryptographic library
-
valar-spiral-rs
Fork of spiral-rs: Rust implementation of the Spiral PIR scheme
-
bip32
hierarchical key derivation implemented in a generic, no_std-friendly manner. Supports deriving keys using the pure Rust k256 crate or the C library-backed secp256k1 crate
-
enigma-aead
AEAD + framing + nonce transport layer for Enigma secure messaging
-
sidh
An efficient supersingular isogeny-based cryptography library
-
cbc
Cipher Block Chaining (CBC) block cipher mode of operation
-
seal-crypto-wrapper
A high-level, misuse-resistant cryptographic wrapper library for Rust, binding algorithms to keys to ensure type safety
-
zk-paillier
Collection of Paillier cryptosystem zero knowledge proofs written in Rust
-
omit
Omit allows you to securely share environment variables and secrets using a single key
-
bssh-russh
Temporary fork of russh with high-frequency PTY output fix (Handle::data from spawned tasks)
-
stegano-seasmoke
Providing cryptography functionality as library for stegano-core
-
cosmian_crypto_base
Crypto lib for hybrid encryption and pure crypto primitives
-
nuts-tool
A cmdline utility for the nuts container
-
wolfcrypt-ring-testing
Tests and benchmarks for wolfcrypt-ring-compat
-
sentc-crypto
The main implementation of the sentc sdk
-
he-ring
that provides fast implementations of rings commonly used in homomorphic encryption, built on feanor-math
-
kcr_trino_stackable_tech
Kubernetes Custom Resource Bindings
-
esdm-tool
small tool to query and use ESDM
-
mal_dev_core
Core cryptographic and transport utilities for loader
-
eccoxide
elliptic curve cryptography (ECC) framework
-
crab-gnupg
API for GNU Privacy Guard (GnuPG) written in rust. Manage gpg keys and secure files using rust.
-
vanity-age-keygen
Generate vanity Age keys
-
curve420
elliptic curve in Rust
-
uselesskey-core-seed
Seed parsing and redaction primitives for uselesskey
-
sapphire-hash
A recursive, performant file hash calculator
-
signstar-sign
Signstar signing responses for Signstar signing requests
-
wireapp/proteus
Axolotl protocol implementation
-
age-plugin-tlock
tlock plugin for age clients
-
plexi
A flexible auditor companion client
-
gitclaw
Official GitClaw SDK for Rust - The Git Platform for AI Agents
-
ts-token
JSON web token library for my projects
-
pgjwt_rs
PostgreSQL extension for JWT verification with RS256 and Ed25519 support
-
co-core-membership
Membership core
-
semaphore-rs-poseidon
Rust support library for Semaphore
-
crown-bin
A cryptographic library
-
paspio
A password entropy calculator
-
scanner-hash
Hashing utilities used by scanner-core
-
tangy-lib
Tang protocol library implementation
-
cloakpipe-audit
Structured audit logging for CloakPipe
-
wae-crypto
WAE Crypto - 统一加密抽象模块
-
uselesskey-hmac
HMAC HS256/HS384/HS512 secret fixtures for deterministic and random tests
-
tink-mac
MAC functionality for Rust port of Google's Tink cryptography library
-
webbuf_pbkdf2_sha256
Rust WASM PBKDF2-HMAC-SHA256 password-based key derivation
-
keynesis
General purpose key management and associated cryptographic protocols
-
hyphae-handshake
Noise protocol framework handshakes for QUIC
-
noise-framework
Noise protocol framework in functional style
-
libsignify
Create cryptographic signatures for files and verify them
-
bls_bulletproofs
A pure-Rust implementation of Bulletproofs using Ristretto
-
hrp
generate human-readable passwords
-
xkcp-sys
Native bindings to the XKCP library
-
yohu
A versatile command-line cryptography tool implementing multiple cipher algorithms for educational and practical use
-
kassandra-client
Interact with an FMD service
-
cryptox
Centralized crypto utilities for rust
-
angulu-cli
password tool
-
stormdl-integrity
BLAKE3 incremental hashing and content verification
-
sl-paillier
Paillier encryption
-
a3s-common
Shared types for A3S: privacy classification, tool definitions, transport protocol
-
mc-oblivious-traits
Traits and interfaces for components related to Oblivious data structures
-
pwsec
Support for password-based encryption
-
secret-store-sdk
Rust SDK for XJP Secret Store Service
-
concrete
open-source FHE Compiler that simplifies the use of fully homomorphic encryption (FHE)
-
nostringer_cli
Command-line interface for the nostringer ring signature library
-
paraxiom-pqc
Paraxiom post-quantum cryptography — pure Rust, zero C. Unified API for ML-KEM, ML-DSA, SLH-DSA, and Falcon.
-
lwbc
Compact implementations of small block ciphers (SPECK, SIMON, SIMECK)
-
const-oid
Const-friendly implementation of the ISO/IEC Object Identifier (OID) standard as defined in ITU X.660, with support for BER/DER encoding/decoding as well as heapless no_std (i.e. embedded) support
-
linux-crng-ioctl
wrapper for Linux kernel kernel RNG ioctls
-
r255b3
Short Schnorr signatures using Ristretto255 and Blake3
-
libcrux-poly1305
Formally verified Poly1305 MAC library
-
portal-client
Secure file transfer utility, written in Rust. The protocol utilizes SPAKE2 for key negotiation over an insecure channel, and ChaCha20Poly1305 Authenticated Encryption to encrypt…
-
sshenv_vault_models
sshenv vault data structures and byte-format constants
-
votate-ed25519-dalek
Fast and efficient ed25519 EdDSA key generations, signing, and verification in pure Rust
-
module-lwe
Implements the module learning-with-errors public key encrpytion scheme
-
miracl32
version of miracl/core for 32-bit no_std platforms
-
elliptic-curve
General purpose Elliptic Curve Cryptography (ECC) support, including types and traits for representing various elliptic curve forms, scalars, points, and public/secret keys composed thereof
-
gsw-rs
GSW (Gentry-Sahai-Waters) lattice-based fully homomorphic encryption in Rust
-
wacore-appstate
Appstate for WhatsApp protocol
-
lazy-locker
A secure local secrets manager with TUI interface and SDK support
-
git_vault
A simplified version control system built in Rust for local files, quite similar to how git functions
-
bessie_bin
a demo/test CLI for the Bessie cipher, NOT FOR PRODUCTION USE
-
certbot-dns01-hook
Hook for certbot to serve the DNS01 challenge secret TXT record
-
zerocaf
A pure-Rust implementation of elliptic curve operations over the Doppio-curve
-
age-plugin-argon2
Argon2id recipient/identity plugin for the age encryption format
-
phalanx-crypto
🛡️ Phalanx - General-purpose group E2E encryption protocol
-
ssskit
Fast, small and secure Shamir's Secret Sharing library crate
-
tcrypt
A secure cryptographic library for key exchange and encryption
-
kg_passgen
Password generator that hashes an input master password and a service url
-
affinidi-messaging-core
Protocol-agnostic messaging traits for DIDComm and TSP
-
mc-rand
A platform abstraction layer providing a cryptographic RNG,
McRng -
rustls-ring
A *ring*-based crypto provider for rustls
-
snowflake-jwt
Snowflake JWT token generator
-
polyfuzzy
Fuzzy message detection with randomized and compact keys
-
tafrah-hqc
HQC (FIPS 207) scaffolding for the Tafrah PQC library
-
SHARAG256
A custom hashing algorithm with complex random number generation based on SHA-256 principles
-
rustls-openssl
Rustls crypto provider for OpenSSL
-
zkboo-sha2
SHA-2 primitives for the ZKBoo ecosystem
-
blake-hash
BLAKE hash functions
-
bt_secure_storage
lightweight Secret Vault and Encryption Library for Rust to store secrets
-
variant-ssl-sys
FFI bindings to OpenSSL variants such as BoringSSL / AWS-LC / Tongsuo
-
loopring_sign
generates an eddsa signature for loopring
-
webbuf_aesgcm
Rust WASM AES-GCM authenticated encryption
-
lattice-safe-suite
Post-quantum cryptography suite — ML-DSA (FIPS 204) + FN-DSA (FIPS 206) + ML-KEM (FIPS 203) + SLH-DSA (FIPS 205)
-
ark-r1cs-std-zypher
A standard library for constraint system gadgets
-
acme-micro
requesting certificates from an ACME provider (acme-lib fork)
-
sentc-crypto-light
The main implementation of the sentc light sdk
-
pqcrypto-hqc
Post-Quantum Key-Encapsulation Mechanism hqc
-
kychacha_crypto
A Post-Quantum Secure Encryption Protocol using chacha20poly1305 and CRYSTALS-kyber
-
paseto-v3-aws-lc
PASETO/PASERK V3 based on AWS-LC
-
rust-rsa-tool
sophisticated encryption utility employing a hybrid cryptographic system. It integrates RSA and AES algorithms, supports both CBC and ECB operational modes, and utilizes Base64-encoded…
-
hxrts-aura-recovery
Guardian-based device recovery and key restoration protocols
-
neco-nostr-wasm
minimum dependency WebAssembly bindings for neco-secp and neco-vault
-
sylow
BLS signature scheme using the alt-bn128 curve
-
craftls
Rustls is a modern TLS library written in Rust
-
eme-mode
EME block cipher mode of operation
-
libcrux-ecdh
Libcrux ECDH implementation
-
shamir-3-pass
Shamir 3-pass protocol (commutative encryption)
-
neco-argon2
minimum dependency Argon2id password hashing with Blake2b
-
ockam_app_lib
Ockam's desktop application library
-
frost-ed448
A Schnorr signature scheme over Ed448 that supports FROST
-
amcl
The Apache Milagro Cryptographic Library (version 3)
-
ecksport-auth
Native auth impl using NaCl-based signing key system
-
aes_frast
lib for AES encryption and decryption, coded in pure safe Rust-lang
-
sta-rs
Distributed Secret-Sharing for Threshold Aggregation Reporting
-
dcrypt-symmetric
Symmetric encryption algorithms for the dcrypt library
-
neco-sha2
zero dependency SHA-256, HMAC-SHA256, and HKDF-SHA256
-
pqc-nostd
PQC no_std no_alloc Kyber Dilithium embedded 100% Rust
-
edgesentry-audit
Tamper-evident immutable audit trace: signing, verification, ingestion and CLI
-
s3p-cli
CLI for BlockNet S³P (encrypt→erasure→merkle, fountain tools)
-
rs-password-utils
Password utilities, writen in Rust
-
catzconnect
Secure, minimal SDK for sending encrypted communication requests to the CatzConnect API
-
didcomm
DIDComm for Rust
-
nostro2-nips
Nostro2 is a simple toolset for interacting with the Nostr protocol
-
bergshamra-enc
XML Encryption for Bergshamra XML Security library
-
modular_math
modular arithmetic crate for U256
-
pqc_kyber_edit
post-quantum Kyber KEM algorithm, with a fix for pqc_kyber KyberSlash
-
bergshamra-transforms
Transform pipeline for Bergshamra XML Security library
-
hasher
Package hasher provides a Hasher trait
-
test-ed25519-dalek
Fast and efficient ed25519 EdDSA key generations, signing, and verification in pure Rust
-
fn-dsa-sign
FN-DSA signature scheme
-
chacha20poly1305-nostd
Pure-Rust ChaCha20-Poly1305 AEAD implementation for no_std/bare-metal targets (avoids LLVM SIMD issues)
-
lupine-pqc
Lupine — Post-Quantum Cryptographic Suite (FIPS 203/204/205)
-
awol2005ex_kerberos_asn1
Parse/Build Kerberos ASN1 DER To/From Rust structs
-
redoubt-hkdf-rust
Pure Rust HKDF-SHA256 implementation
-
presence
Privacy friendly presence tokens
-
medallion
JWT library for rust using serde, serde_json and openssl
-
sha-to-hex
function to encode string using secret and return hex string
-
student-key-manager
Secure key management for student data anonymization with encryption and database integration
-
openmls_libcrux_crypto
A crypto backend for OpenMLS based on libcrux implementing openmls_traits
-
vrf-r255
A Verifiable Random Function built on the ristretto255 group
-
noctahash
Memory-hard password hashing algorithm designed to resist GPU, ASIC, and side-channel attacks
-
key_value_service
A refreshingly simple data-driven game engine and app framework
-
nuts-backend
A secure storage library
-
x509lint
X.509 linter (RFC 5280 certificates and CRLs)
-
rustls-post-quantum
Experimental support for post-quantum key exchange in rustls
-
affinidi-did-resolver-traits
Resolver traits for pluggable DID resolution
-
openpgp-ca
OpenPGP CA is a tool for managing and certifying OpenPGP keys
-
ockam_transport_tcp
TCP Transport for the Ockam Routing Protocol
-
rpgpie-sop
Experimental SOP implementation based on rpgpie
-
mpc-client
Noise protocol websocket relay client for MPC/TSS applications
-
ore-rs
Order-revealing encryption library used by the CipherStash searchable encryption platform
-
hpke-rs-crypto
Traits and types for HPKE crypto backends
-
getmyconfig
Read encrypted config and secrets from remote storage
-
hyde-tpm
TPM 2.0 backend for Hyde
-
tsumiki-x509
X.509 certificate parsing and handling with full v3 extensions support
-
secrets-vault
AES-256-GCM encrypted key-value vault with PBKDF2 key derivation. Store API keys and tokens securely instead of plaintext dotfiles.
-
librtbit-sha1-wrapper
Pluggable SHA1/SHA256 abstraction for the rtbit BitTorrent client
-
lamport_signature_plus
Lamport one-time signature scheme
-
identity_eddsa_verifier
JWS EdDSA signature verification for IOTA Identity
-
ezpgp
A minimal, auditable PGP encryption tool for secure messaging
-
ark-ec-zypher
elliptic curves and pairings
-
credx
Anonymous Credentials 2.0 implemention
-
agentic-identity-ffi
C FFI bindings for AgenticIdentity
-
sthash
A very fast cryptographic hash function for large data
-
nsec-tree-rs
Deterministic Nostr sub-identity derivation — Rust port of nsec-tree. HMAC-based one-way key hierarchy with Schnorr linkage proofs.
-
ansivault
CLI tool ansible-vault 1.1 implementation
-
trait-sys-checksum
SHA-256 checksum trait (cdylib plugin)
-
hxrts-aura-agent
Capability-based agents with clean service layer architecture for identity management
-
redoubt-aead
AEGIS-128L and XChaCha20-Poly1305 AEAD with zeroization
-
envvault-cli
A local-first encrypted environment variable manager
-
webcryptobox
Convenient opiniated wrappers around OpenSSL to use WebCrypto compatible cryptography
-
synta-python-krb5
Python extension module for synta Kerberos V5 types
-
sharks
Fast, small and secure Shamir's Secret Sharing library crate
-
p47h-cli
CLI tool for P47H policy validation and DID management
-
mls-rs-crypto-openssl
OpenSSL based CryptoProvider for mls-rs
-
sequoia-keystore
Sequoia's private key store server
-
sare-core
Core library for the SARE encryption standard
-
tectonic-fn-dsa-vrfy
FN-DSA signature scheme
-
oqs-safe
Stable, minimal, safe Rust wrapper over libOQS for PQ KEM/SIG (ML-KEM/Dilithium) with explicit mock-only dev mode
-
monerochan-curves
Monero-Chan, The Open-Source Privacy Platform (OSPP)
-
wolf-crypto
Safe and thin API for wolfSSL's wolfcrypt
-
quasor
A high-security AEAD based on a Duplex Sponge construction with SHAKE256, Argon2id, and BLAKE3
-
vks_client
Client implementation of the Verifying Keyserver (VKS) interface
-
click
A command-line REPL for Kubernetes that integrates into existing cli workflows
-
renc
Rust Encryption Engine compatible with the zenc file format
-
nrf-aes-gcm
AES-GCM support for nordic chips using the aead crate primitives
-
matrix-lite-rs
Production-ready Matrix protocol implementation with Redis backend, E2EE (Olm/Megolm), and WASM support for scalable real-time messaging
-
bertie
Minimal TLS 1.3 implementation
-
hakanai-lib
Client library for Hakanai, a secure secret sharing service
-
semaphore-rs-hasher
Rust support library for Semaphore
-
libcrux-aead
Formally verified AEAD library
-
chacha20
stream cipher (RFC 8439) implemented in pure Rust using traits from the RustCrypto
ciphercrate, with optional architecture-specific hardware acceleration (AVX2, SSE2). Additionally provides the ChaCha8… -
p12_polyfill
Allows to use pkcs12 generated by openssl v1 in rustls and native-tls (vendored openssl-src v3)
-
totp-sm-rs
A TOTP (Time-based One-Time Password) implementation in Rust with SM3 support
-
helvetia
API server that allows anonymous storage of secrets, with a simple rule; any user can create a secret using a token, and they can only access it using the same token
-
plain-aes
Rijndael's cipher, commonly known as AES
-
cortex-core
TIBET Cortex core types: TBZ envelopes, TIBET tokens, and crypto primitives
-
cosmian_fpe
Format-preserving encryption
-
concrete-core
Concrete is a fully homomorphic encryption (FHE) library that implements Zama's variant of TFHE
-
ratrod
A TCP / UDP tunneler that uses public / private key authentication with encryption
-
hashtree-rs
Rust bindings for the hashtree library
-
no-way-jose-aes-kw
AES Key Wrap (A128KW, A192KW, A256KW) JWE key management for no-way-jose
-
vitaminc-permutation
Secure Permutation functions. Part of the Vitamin-C cryptographic suite.
-
ssh-cipher-fork-arti
Pure Rust implementation of SSH symmetric encryption including support for the modern aes128-gcm@openssh.com/aes256-gcm@openssh.com and chacha20-poly1305@openssh.com algorithms as well as legacy support for older…
-
str0m-rust-crypto
Pure Rust crypto backend for str0m WebRTC
-
ipcrypt2
format-preserving encryption of IP addresses. Supports both deterministic and non-deterministic encryption modes
-
opaque-borink
configuration of OPAQUE, a passowrd-authenticated key exchange protocol
-
ssi-dids-core
Core types and traits for DIDs for the ssi library
-
sequoia-policy-config
Configure Sequoia using a configuration file
-
curve25519-entropic
A pure-Rust implementation of group operations on ristretto255 and Curve25519
-
tdln-proof
TDLN — proof bundle (deterministic translation proof + optional DV25 signatures)
-
mesh-session
Session token issuance/validation for the Mesh Protocol (HMAC-SHA256 + optional X25519/AES-GCM enterprise crypto)
-
des
Triple DES (3DES, TDES) block ciphers implementation
-
p521
Pure Rust implementation of the NIST P-521 (a.k.a. secp521r1) elliptic curve as defined in SP 800-186
-
gennaro-dkg
The Gennaro Distributed Key Generation Algorithm
-
uselesskey-ed25519
Ed25519 key fixtures (PKCS#8/SPKI, PEM/DER) with deterministic generation
-
secret-box
Safe boxing mechanism for sensitive values with automatic zeroization
-
kestrel-crypto
Cryptography backend for Kestrel
-
wedpr_l_bulletproofs
A pure-Rust implementation of Bulletproofs using Ristretto
-
firecloud-crypto
Encryption and key management for FireCloud distributed storage
-
tor-key-forge
Low level cryptography wrappers used by Tor
-
ark-serialize-zypher
serializing types in the arkworks ecosystem
-
schnorr
Signatures
-
recipher
CipherStash key generation library for ZeroKMS
-
uselesskey-core-hash
Length-prefixed hashing helpers shared by deterministic fixture derivation paths
-
wechat_work_crypto
Pure Rust implementation of WeChat Work (企业微信) message encryption/decryption library
-
cosmian_kyber
post-quantum Kyber KEM algorithm. This is a fork of the
pqc_kybercrate -
rand_jitterentropy
rand implementation for jitterentropy-library in Rust
-
proxy-signatures
Proxy signatures with delegation by warrant
-
lib2fas
Unofficial implementation of 2fas for Rust (as a library)
-
alpine-protocol-rs
Authenticated Lighting Protocol (alpine): secure control-plane + streaming guard for lighting data
-
reverie-zk
An efficient implementation of the NIZKPoK outlined in KKW 2018
-
ssh-parser
Parser for the SSH protocol
-
rssh-types
Shared protocol and domain types for rssh-agent
-
poly1305
universal hash function and message authentication code
-
ark-relations-zypher
rank-one constraint systems
-
tink-prf
PRF functionality for Rust port of Google's Tink cryptography library
-
kcr_trust_cert_manager_io
Kubernetes Custom Resource Bindings
-
eternaltwin_password
Password implementation
-
keygate-jwt
Easy to use, secure, and opinionated JWT (JSON Web Tokens) implementation for Rust
-
wasi-crypto
Experimental implementation of the WASI cryptography APIs
-
affinidi-bbs
BBS Signatures (IETF draft-irtf-cfrg-bbs-signatures) implementation over BLS12-381
-
sigma-proof-compiler
creating and verifying sigma protocols (zero-knowledge proofs of knowledge) using symbolic computation over elliptic curves
-
bunker
Dead simple, secure password management
-
argonautica
Idiomatic Argon2 password hashing for Rust
-
ostring_auth
A license authentication module
-
sunscreen_bulletproofs
A pure-Rust implementation of Bulletproofs using Ristretto
-
tafrah-traits
Shared traits and error types for the Tafrah PQC library
-
sqisign-core
Core types and traits for SQIsign post-quantum signature scheme
-
pakery-spake2plus
SPAKE2+ augmented PAKE protocol (RFC 9383)
-
nethsm-config
working with application configuration files for Nitrokey NetHSM devices
-
cryptirust
A flexible password generator that creates pronounceable passwords with adjustable entropy and custom patterns
-
dumb-crypto
Dumb, but easily verifiable implementations of crypto algorithms
-
ockam_vault
A software-only Ockam Vault implementation
-
bls_dkg
DKG
-
uselesskey-ecdsa
ECDSA P-256/P-384 key fixtures (PKCS#8/SPKI, PEM/DER) for tests
-
tasign
TA ELF signing utilities with CMS/PKCS#7 support
-
vrf_fun
RFC 9381 compliant Verifiable Random Function (VRF) for secp256k1
-
password_policy
A comprehensive password generator and strength analyzer with configurable policies
-
redoubt-hkdf-x86
x86_64 assembly HKDF-SHA256 implementation
-
wa-rs-appstate
Appstate for WhatsApp protocol
-
paillier
A pure-Rust implementation of the Paillier encryption scheme
-
uselesskey-core-id
Core identity and derivation primitives for uselesskey
-
turnstile
One-way encryption
-
infisical
Official Rust SDK for Infisical
-
aead-io
A wrapper around Write/Read interfaces with AEAD
-
bcrypt-no-getrandom
Easily hash and verify passwords using bcrypt without getrandom or zeroize, providing near-complete functionality without alloc or std
-
base16ct
Pure Rust implementation of Base16 a.k.a hexadecimal (RFC 4648) which avoids any usages of data-dependent branches/LUTs and thereby provides portable "best effort" constant-time operation…
-
secr
secret manager
-
anubis-vault
Post-quantum secure secrets manager with ML-KEM-1024, ML-DSA-87, zero-knowledge proofs, Shamir sharing, and memory protection. The ultimate security vault.
-
pqcrypto-mldsa
Post-Quantum Signature Scheme mldsa
-
envcipher
Encipher .env files to make accidental leaks harmless
-
kyber-rs
A toolbox of advanced cryptographic primitives for Rust
-
tfhe-csprng
Cryptographically Secure PRNG used in the TFHE-rs library
-
vitaminc-random
Secure Random Number Generation. Part of the Vitamin-C cryptographic suite.
-
webbuf_p256
Rust WASM elliptic curve P-256 (NIST) for digital signatures and Diffie-Hellman key exchange
-
fuzzytags
a probabilistic cryptographic structure for metadata resistant tagging
-
ssh-encoding-fork-arti
Pure Rust implementation of SSH data type decoders/encoders as described in RFC4251
-
logcrypt
CLI tool for encrypting private data in log files
-
ecrust-isogeny
Isogeny abstractions and scaffolding for the ecrust ecosystem
-
tafrah-abi
C ABI layer for Tafrah PQC primitives
-
cosmian_rust_nist_ec_provider
Pure-Rust NIST elliptic-curves provider
-
wasi-crypto-guest
Example WASI-Crypto guest bindings for Rust
-
signature_bls
The Ockam BLS signature impementation
-
zkinterface
An implementation of zkInterface
-
paseto-v4
PASETO/PASERK V4 based on RustCrypto
-
star-sharks
Shamir's Secret Sharing library for the STAR protocol
-
curve25519-dalek-organism
A pure-Rust implementation of group operations on ristretto255 and Curve25519
-
libhydrogen
A modern and easy to use cryptography library
-
carbon-curve25519-dalek
A pure-Rust implementation of group operations on ristretto255 and Curve25519
-
simple-encrypt
file encryption tool using AES-GCM
-
ed25519
Edwards Digital Signature Algorithm (EdDSA) over Curve25519 (as specified in RFC 8032) support library providing signature type definitions and PKCS#8 private key decoding/encoding support
-
ring-lwe
Implements the ring learning-with-errors public key encrpytion scheme
-
nostro2-signer
Nostro2 is a simple toolset for interacting with the Nostr protocol
-
lakers-shared
EDHOC crypto library constants crate
-
sunscreen_tfhe
contains the Sunscreen Torus FHE (TFHE) implementation
-
concrete-boolean
Homomorphic Boolean circuit interface for the concrete FHE library
-
awol2005ex_kerberos_constants
Constants used by different objects and actors of the Kerberos protocol
-
real_time_md_editor_api
Serves a Rust Actix‑Web backend to Implement the WebSocket sync logic,oauth2 and jsonwebtoken crates, DB
-
tsumiki
Core traits for X.509 certificate parsing and handling
-
miracl_amcl
The Apache Milagro Cryptographic Library (version 3.2)
-
aead
Traits for Authenticated Encryption with Associated Data (AEAD) algorithms, such as AES-GCM as ChaCha20Poly1305, which provide a high-level API
-
semaphore-rs-proof
Rust support library for Semaphore
-
vil_hash
VIL Expression function — hash utilities (FxHash, xxHash, SHA256)
-
iron_secrets
Secrets management and encryption for Iron Cage
-
monerochan-primitives
Monero-Chan, The Open-Source Privacy Platform (OSPP)
-
doxa-protected
Zeroize-on-drop string type with [REDACTED] Debug/Display/Serialize and OpenAPI schema. Framework-neutral, zero internal dependencies.
-
x25519-dalek-ng
fork x25519-dalek , update rand_core
-
affinidi-trust-lists
EU Trusted Lists (ETSI TS 119 612) for eIDAS 2.0 trust infrastructure
-
shipper-encrypt
State file encryption for shipper using AES-256-GCM
-
mpc-relay-server
Noise protocol websocket relay server for MPC/TSS applications
-
polyval
GHASH-like universal hash over GF(2^128) useful for constructing a Message Authentication Code (MAC)
-
cosmian_ffi_utils
Cosmian FFI tools library
-
cryptographic_primitives
that provides cryptographic primitives
-
chksum-sha2-224
SHA-2 224 hash function with a straightforward interface for computing digests of bytes, files, directories, and more
-
test-x25519-dalek
X25519 elliptic curve Diffie-Hellman key exchange in pure-Rust, using curve25519-dalek
-
wolfcrypt-ring-compat
cryptographic library using wolfSSL for its cryptographic operations. This library strives to be API-compatible with the popular Rust library named ring.
-
neo-crypto
An encryption algorithm library written in Rust
-
mls-rs-crypto-webcrypto
SubtleCrypto based CryptoProvider for supporting mls-rs in a browser
-
acme-v2
requesting certificates from an ACME V2 provider
-
hashery
A flexible and efficient async file hashing library supporting multiple hash algorithms (MD5, SHA1, SHA2, SHA3, BLAKE2, BLAKE3)
-
aes256ctr_poly1305aes
Pure Rust implementation of the AES256CTR-Poly1305AES Authenticated Encryption with optional architecture-specific hardware acceleration
-
kcr_kafka_services_k8s_aws
Kubernetes Custom Resource Bindings
-
cms
Pure Rust implementation of the Cryptographic Message Syntax (CMS) as described in RFC 5652 and RFC 3274
-
hyde-software
Software-only fallback backend for Hyde (stub)
-
animo-secure-env
secure-env is a wrapper library around the Android KeyStore and the iOS Security Framework for key creation and sign operations using the Secure Element
-
certify
Generate client cert with CA cert
-
jwt-rustcrypto
encoding, decoding, and validating JSON Web Tokens (JWTs) implemented using Rust Crypto libraries
-
chksum-sha2
SHA-2 hash functions with a straightforward interface for computing digests of bytes, files, directories, and more
-
semaphore-rs-depth-config
Rust support library for Semaphore
-
fn-dsa-vrfy
FN-DSA signature scheme
-
zvault-cli
ZVault CLI — AI-native secrets manager. Import .env files, inject secrets at runtime, MCP server for AI coding assistants
-
openpgp-cert-d
Shared OpenPGP Certificate Directory
-
srp-conflux
Secure Remote Password (SRP) protocol implementation
-
crypter_project_sk
A secure file encryption tool using AES-GCM and Argon2
-
no-way-jose-ecdsa
ECDSA JWS algorithms (ES256, ES384, ES512) for no-way-jose
-
shadow-messaging
End-to-end encrypted messaging with secure channels and offline queues for Shadow Network
-
simple_comms
communication protocol for AH
-
sha2-compress
SHA2 compress function
-
zkboo-profiling
Profiling backend for ZKBoo circuits
-
auths-id
Multi-device identity and attestation crate for Auths
-
secret_integers
Wrapping around Rust's integers to allow only constant-time operations
-
tor-relay-crypto
Cryptography types and helpers for a Tor relay
-
stegosaurust
A steganography tool, written in rust
-
libcrux-curve25519
Formally verified curve25519 ECDH library
-
sirr-server
Sirr server library — axum HTTP server with redb storage and ChaCha20Poly1305 encryption
-
tectonic-fn-dsa
FN-DSA signature scheme
-
cosmian_abe_gpsw
ABE GPSW scheme for BLS pairing implemented in rust
-
enigma-protocol
High-level orchestrator that composes the Enigma crates into a production-ready messaging protocol
-
no-way-jose-aes-cbc-hs
AES-CBC + HMAC-SHA JWE content encryption for no-way-jose
-
fdh
Full Domain Hash (FDH) for extending the size of a hash digest to an arbitrary length
-
primeorder
Pure Rust implementation of complete addition formulas for prime order elliptic curves (Renes-Costello-Batina 2015). Generic over field elements and curve equation coefficients
-
redoubt-hkdf-arm
aarch64 assembly HKDF-SHA256 implementation
-
ockam_transport_ble
Bluetooth Low Energy (BLE) Transport for the Ockam Routing Protocol
-
zvault-core
Core library for ZVault — AES-256-GCM barrier, Shamir seal, token auth, policy engine, audit logging
-
babyjubjub-rs
BabyJubJub elliptic curve implementation
-
nonce-extension
Derive-Key-AES and Double-Nonce-Derive-Key-AES nonce extension mechanisms (DNDK-GCM)
-
ecdsa_verify
ECDSA signature verification
-
dusk-hades
Hades252 permutation algorithm over the Bls12-381 Scalar field
-
hpke_pq
Fork of hpke that adds PQ modes
-
secure-vault
A secure memory vault that protects sensitive data from memory dumps and swap disk attacks
-
uselesskey-core-negative-pem
PEM-focused negative fixture corruption helpers for test fixtures
-
dcap-provider
DCAP quote provider using the Intel Trusted Services API as a backend. This crate compiles into
libdcap_quoteprov.so, which is needed as a backend when usinglibsgx_dcap_ql. To use this library… -
dcrypt-common
Common implementations and shared functionality for the dcrypt library
-
chksum-sha2-384
SHA-2 384 hash function with a straightforward interface for computing digests of bytes, files, directories, and more
-
cosmian_rust_curve25519_provider
Pure-Rust Curve25519 provider
-
novault
vaultless password management cli
-
lupine-core
Core types, traits, and error handling for the Lupine PQC suite
-
jh-x86_64
Portable JH with optimizations for x86-64 cpus
-
sqisign-lvl3
SQIsign post-quantum signature scheme - NIST Security Level 3
-
sumatradigest
A Memory-Safe Hash Digest Tool Written In Rust
-
sshd-openpgp-auth
Command-line tool for creating and managing OpenPGP based trust anchors for SSH host keys
-
hashes
cryptographic hash function algorithms
-
rust_mobile_secrets_vault
A secure, encrypted secrets vault for mobile-backend or embedded Rust services with versioning and key rotation
-
arcanum-symmetric
Symmetric encryption algorithms for the Arcanum cryptographic engine
-
zhc_crypto
Cryptographic primitives for homomorphic encryption
-
sigillum-daemon
Sigillum vault daemon with web UI and REST API
-
libpaillier
The Paillier cryptosystem is a public key crytosystem based on composite degree residuosity classes. Paillier ciphertexts are homorphic in that the can be added
-
cargo-sealed
CLI for storing encrypted environment variables in .env files
-
kcr_gateway_networking_x_k8s_io
Kubernetes Custom Resource Bindings
-
lupine-kem
KEM implementations (ML-KEM, hybrid X25519+ML-KEM) for the Lupine PQC suite
-
foodshare-crypto
Cryptographic utilities for webhook verification and HMAC
-
cmac
Generic implementation of Cipher-based Message Authentication Code
-
krow
key derivation function
-
picnic-bindings
Bindings for the Picnic digital signature scheme
-
lit-frost-schnorrkel25519
A Schnorr signature scheme over the prime-order Ristretto group that supports FROST
-
sequoia-gpg-agent
interacting with GnuPG's gpg-agent
-
ockam_multiaddr
multiformats.io/multiaddr
-
ockam_node
Ockam [Ockam][main-ockam-crate-link] Node and is intended for use by crates that provide features and add-ons to the main [Ockam][main-ockam-crate-link] library. The main [Ockam][main-ockam-crate-link]…
-
ironcrypt
secure password hashing, RSA key generation, and managing the encryption and verification of passwords and binary files
-
rand_hash
Cryptographically-secure pseudo-random generator based on cryptographic hash function
-
rfc6979
Pure Rust implementation of RFC6979: Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)
-
xoodyak
/ Xoodoo - A versatile cryptographic scheme that can be used for hashing, encryption, MAC computation and authenticated encryption
-
phenotype-cipher
safe cryptography
-
cthash
const fn implementation of hash functions including MD4, MD5, SHA-1, SHA-2, SHA-3, Keccak
-
scp-core
Core protocol implementation for SCP (Shared Context Protocol)
-
mux_circuits
contains the Sunscreen Torus FHE (TFHE) implementation
-
crabcrypt
A work in progress cryptographic library that currently supports hashing
-
wa-rs-libsignal
Signal Protocol implementation for the WhatsApp platform
-
rustls-pemfile
Basic .pem file parser for keys and certificates
-
oberon
multi-factor zero-knowledge capable token without requiring email, SMS, or authenticator apps. The proof of token validity is only 96 bytes while the token itself is only 48 bytes
-
obfustr
compile-time obfuscation of string literals (also byte and C strings)
-
ed448-goldilocks
A pure-Rust implementation of Ed448 and Curve448 and Decaf. This crate also includes signing and verifying of Ed448 signatures
-
redoubt-aead-aegis-x86
x86_64 assembly AEGIS-128L AEAD implementation
-
zkboo-circuit-hash
Cryptographic fingerprinting for ZKBoo circuits
-
sealed-env
Read and decrypt sealed environment variables
-
sequoia-sop
Stateless OpenPGP Interface using Sequoia
-
blahaj
Fast, small, and secure Shamir's Secret Sharing
-
lit-p384
Pure Rust implementation of the NIST P-384 (a.k.a. secp384r1) elliptic curve as defined in SP 800-186 with support for ECDH, ECDSA signing/verification, and general purpose curve arithmetic support.
-
wolfcrypt-conformance
Cross-validation and trait conformance tests for wolfcrypt
-
block-buffer
Buffer types for block processing of data
-
libcrux-psq
Libcrux Pre-Shared post-Quantum key establishement protocol
-
pqcrypto-classicmceliece
Post-Quantum Key-Encapsulation Mechanism classicmceliece
-
semaphore-rs-keccak
Rust support library for Semaphore
-
pakery-core
Shared utilities for PAKE protocol implementations
-
hips
Manage secrets alongside your code
-
aes-kw
NIST 800-38F AES Key Wrap (KW) and Key Wrap with Padding (KWP) modes
-
scp-primitives
Shared low-level primitives for SCP (Shared Context Protocol)
-
affinidi-messaging-didcomm-service
Shared DIDComm service framework for always-online DIDComm client. Manages mediator connection, message lifecycle, and handler dispatch.
-
generic-ec-zkp
ZK-proofs and primitives built on top of
generic-eccrate -
block-padding
Padding and unpadding of messages divided into blocks
-
cose-rust-plus
COSE Rust implementation
-
libcrux
The Formally Verified Cryptography Library
-
hpke-rs-libcrux
Crypto backend for HPKE using formally verified code from libcrux
-
bergshamra-keys
Key management for Bergshamra XML Security library
-
paseto-v4-sodium
PASETO/PASERK V4 based on libsodium
-
ecrust
Umbrella crate re-exporting the ecrust field, curve, isogeny, and protocol crates
-
aead-gcm-stream
Pure Rust implementaion of AES GCM cipher for data streams
-
uselesskey-core-negative-der
DER-focused negative fixture builders for deterministic corruption in uselesskey
-
freebird-crypto
Cryptographic primitives for the Freebird privacy-preserving authentication system, including VOPRF implementation
-
age-plugin-openpgp-card
Age plugin for using ed25519 on OpenPGP Card devices (Yubikeys, Nitrokeys)
-
tafrah-slh-dsa
SLH-DSA (FIPS 205) implementation for the Tafrah PQC library
-
kcr_kms_services_k8s_aws
Kubernetes Custom Resource Bindings
-
sequoia-keystore-softkeys
A soft key (in-memory key) backend for Sequoia's private key store
-
lockboxer
Configurable fork of Lockbox encryption library
-
uselesskey-core-keypair-material
PKCS#8/SPKI key-material helpers shared by key fixture crates
-
envvault
A secure environment variable management tool with encryption and team collaboration features
-
zkp
A toolkit for auto-generated implementations of Schnorr proofs
-
lit-frost-ed25519
A Schnorr signature scheme over Ed25519 that supports FROST
-
sqisign-lvl5
SQIsign post-quantum signature scheme - NIST Security Level 5
-
uselesskey-rustcrypto
RustCrypto adapter traits for uselesskey RSA/ECDSA/Ed25519/HMAC fixtures
-
sn_bulletproofs
A pure-Rust implementation of Bulletproofs using Ristretto
-
zkboo-ecc
Elliptic curve cryptography primitives for the ZKBoo ecosystem
-
chksum-sha2-512
SHA-2 512 hash function with a straightforward interface for computing digests of bytes, files, directories, and more
-
sigma-protocols
SIGMA zero-knowledge proof protocols
-
sec-store
encrypted storage
-
ocb3
Pure Rust implementation of the Offset Codebook Mode v3 (OCB3) Authenticated Encryption with Associated Data (AEAD) Cipher as described in RFC7253
-
threatflux-hashing
High-performance async file hashing library supporting MD5, SHA256, SHA512, and BLAKE3
-
seekable-stream-cipher
Seekable stream cipher and encryption/decryption
-
libcrux-digest
Digest library
-
redoubt-aead-aegis-arm
aarch64 assembly AEGIS-128L AEAD implementation
-
tfhe-cuda-backend
Cuda implementation of TFHE-rs primitives
-
layer-crypto
Cryptographic primitives for Telegram MTProto: AES-IGE, RSA, SHA-1/256, auth key derivation
-
wot-network-rpgpie
Transform OpenPGP certificate sets into a wot-network structure
-
salsa20
Pure Rust implementation of the Salsa20 stream cipher
-
tsumiki-pkcs
PKCS standards (PKCS#1, PKCS#8, PKCS#9, SEC1) for cryptographic key handling
-
sh-secgen
secret key generator
-
uselesskey-x509
X.509 self-signed and chain certificate fixtures with negative variants for tests
-
pqcrypto-ntru
Post-Quantum Key-Encapsulation Mechanism ntru
-
p384
Pure Rust implementation of the NIST P-384 (a.k.a. secp384r1) elliptic curve as defined in SP 800-186 with support for ECDH, ECDSA signing/verification, and general purpose curve arithmetic support.
-
redoubt-secret
High-level Secret wrapper with automatic zeroization
-
capy_kem
ML-KEM with MAL-BIND Security
-
aranya-aqc-util
Aranya QUIC Channels
-
keyden
CLI and library for managing, rotating, and generating secret keys safely
-
chacha20-poly1305-stream
A pure Rust implementation of the ChaCha20-Poly1305 AEAD from RFC 7539
-
libsignal-protocol-syft
Vendored libsignal protocol crate for syft
-
cloudproof_fpe
Cosmian Cloudproof FPE library
-
pakery-spake2
SPAKE2 balanced PAKE protocol (RFC 9382)
-
rust-config-secrets
encrypting and decrypting secrets within configuration files
-
sunscreen_gpu_runtime
GPU support for Sunscreen's Torus FHE (TFHE) implementation
-
uselesskey-tonic
tonic transport TLS adapters for uselesskey X.509 certificate fixtures
-
penis
Protocol
-
zkboo-hmac
HMAC primitives for the ZKBoo ecosystem
-
vitaminc-kms
AWS KMS implementation for Vitamin C traits
-
perfgate-sha256
Minimal SHA-256 implementation for perfgate fingerprinting
-
uselesskey-jose-openid
JOSE/OpenID focused conversion helpers for uselesskey fixtures
-
monerochan-core-machine
Monero-Chan, The Open-Source Privacy Platform (OSPP)
-
fluxencrypt-async
Async/await support for FluxEncrypt encryption SDK
-
pake-cpace
CPace, a balanced PAKE
-
sop
Rust Interface for the Stateless OpenPGP Interface
-
jwt-simple-no-nbf-fork
Easy to use, secure, non opinionated JWT (JSON Web Tokens) implementation for Rust
-
bcrypt-pbkdf
password-based key derivation function
-
softaes
Fast software implementation of the AES round function in pure Rust
-
paseto-v3
PASETO/PASERK V3 based on RustCrypto
-
spake2
password-authenticated key-exchange algorithm
-
ssh-cipher
Pure Rust implementation of SSH symmetric encryption including support for the modern aes128-gcm@openssh.com/aes256-gcm@openssh.com and chacha20-poly1305@openssh.com algorithms as well as legacy support for older…
-
ark-ed-on-bn254-zypher
A Twisted Edwards curve defined over the scalar field of the BN254 curve
-
uselesskey-core-x509-negative
X.509 negative-fixture policy helpers for uselesskey
-
chksum-sha2-256
SHA-2 256 hash function with a straightforward interface for computing digests of bytes, files, directories, and more
-
sqisign-lvl1
SQIsign post-quantum signature scheme - NIST Security Level 1
-
dsa
Pure Rust implementation of the Digital Signature Algorithm (DSA) as specified in FIPS 186-4 (Digital Signature Standard), providing RFC6979 deterministic signatures as well as support for added entropy
-
primefield
Generic implementation of prime fields built on
crypto-bigint, along with macros for writing field element newtypes including ones with formally verified arithmetic usingfiat-crypto -
p384_rs
NIST P-384 (secp384r1), with correct arithmetic
-
pkcs1
Pure Rust implementation of Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.2 (RFC 8017)
-
affinidi-crypto
Cryptographic primitives and JWK types for Affinidi TDK
-
chksum-sha1
SHA-1 hash function with a straightforward interface for computing digests of bytes, files, directories, and more
-
uselesskey-token
API key, bearer, and OAuth access-token fixture generator for tests
-
cryptojs_rust
CryptoJS encryption/decryption functionality
-
vk-separate
A CLI tool to remove Committer key from Verification key in Nova protocol
-
md-5
MD5 hash function
-
pvss
Publicly verifiable secret sharing implementations
-
vios_app
Small JSON vaults: Argon2id + AES-GCM, with optional AAD binding
-
bulletproofs-bls
A pure-Rust implementation of Bulletproofs
-
bulletproof-kzen
Bulletproofs and Bulletproofs+ aggregated range proofs with multi-exponent verification
-
aes-siv
Pure Rust implementation of the AES-SIV Misuse-Resistant Authenticated Encryption Cipher (RFC 5297) with optional architecture-specific hardware acceleration
-
lit-frost-ristretto255
A Schnorr signature scheme over the prime-order Ristretto group that supports FROST
-
sequoia-net
Network services for OpenPGP
-
pakery-cpace
CPace balanced PAKE protocol (draft-irtf-cfrg-cpace)
-
no-way-jose-eddsa
EdDSA (Ed25519) JWS algorithm for no-way-jose
-
tsumiki-asn1
ASN.1 object representation and parser for X.509 certificates
-
affinidi-sd-jwt
SD-JWT (Selective Disclosure JWT) implementation per IETF SD-JWT specification
-
bergshamra-pkcs12
PKCS#12 parser for Bergshamra XML Security library
-
chksum-reader
A convenient interface for calculating hash digests on the fly while reading data from a reader
-
ferogram-crypto
Cryptographic primitives for Telegram MTProto: AES-IGE, RSA, SHA-1/256, auth key derivation
-
vitaminc-traits
Vitamin C traits
-
concrete-commons
Common tools for the concrete FHE library
-
wolfcrypt-rs
Low-level FFI bindings for wolfSSL/wolfCrypt cryptographic library
-
ctutils
Constant-time utility library with selection and equality testing support targeting cryptographic applications. Supports
const fnwhere appropriate. Built on thecmovcrate which provides… -
monerochan-verifier
Verifier for MONEROCHAN Groth16 and Plonk proofs
-
rudric
CLI tool for managing secrets in a secure way
-
signature_ps
The Ockam PS signature impementation
-
ml-kem
Pure Rust implementation of the Module-Lattice-Based Key-Encapsulation Mechanism Standard (formerly known as Kyber) as described in FIPS 203
-
lit-frost-decaf377
A Schnorr signature scheme over the Decaf377 curve that supports FROST
-
ssh-encoding
Pure Rust implementation of SSH data type decoders/encoders as described in RFC4251
-
ark-ed-on-bls12-381-zypher
A Twisted Edwards curve defined over the scalar field of the BLS12-381 curve
-
tsumiki-der
DER (Distinguished Encoding Rules) parser for ASN.1 structures
-
ghash
Universal hash over GF(2^128) useful for constructing a Message Authentication Code (MAC), as in the AES-GCM authenticated encryption cipher
-
uselesskey-core-token-shape
Token shape generation primitives shared across uselesskey token crates
-
chksum-writer
A convenient interface for calculating hash digests on the fly while writing data to a writer
-
uselesskey-cli
Deterministic fixture generation and export helpers for local secret handoff formats
-
blowfish
block cipher
-
vitaminc-async-traits
Vitamin C async traits
-
sha1-checked
SHA-1 hash function with collision detection
-
rustcrypto-group
Elliptic curve group traits and utilities
-
libcrux-blake2
Formally verified blake2 hash library
-
sigillum-server
Sigillum vault server library for custom deployments
-
yubihsm
Pure Rust client for YubiHSM2 devices with support for HTTP and USB-based access to the device. Supports most HSM functionality including ECDSA, Ed25519, HMAC, and RSA.
-
best-encrypt
A top-level secrets orchestrator. Not just another .env tool — this one encrypts, locks, and sets you up for secure local and team dev.
-
sha2-asm
Assembly implementation of SHA-2 compression functions
-
ockam_entity
Ockam is a library for building devices that communicate securely, privately and trustfully with cloud services and other devices
-
uselesskey-rustls
rustls-pki-types and rustls config adapters for uselesskey X.509/key fixtures
-
hash2curve
algorithm implementation
-
lit-frost-secp256k1
A Schnorr signature scheme over the secp256k1 curve that supports FROST
-
monerochan-cuda
Monero-Chan, The Open-Source Privacy Platform (OSPP)
-
libcrux-rsa
Formally verified RSA signature library
-
keccak
Pure Rust implementation of the Keccak sponge functions
-
sequoia-keystore-backend
Traits for private key store backends
-
ccm
Generic implementation of the Counter with CBC-MAC (CCM) mode
-
md4
MD4 hash function
-
pasta-tokens
Platform Agnostic SEcurity TOkens (PASETO) is a secure alternative to JOSE/JWT
-
evercrypt
Crypto library using formally verified code from HACL/Evercrypt
-
concrete_lib
Concrete is a fully homomorphic encryption (FHE) library that implements Zama's variant of TFHE
-
ockam_vault_test_suite
Ockam Vault test suite
-
rocca
ROCCA-S authenticated cipher
-
vsss-rs-std
Verifiable Secret Sharing Schemes for splitting, combining and verifying secret shares
-
kcr_appprotect_f5_com
Kubernetes Custom Resource Bindings
-
universal-hash
Traits which describe the functionality of universal hash functions (UHFs)
-
serdect
Constant-time serde serializer/deserializer helpers for data that potentially contains secrets (e.g. cryptographic keys)
-
sigillum-sdk
Embeddable SDK for Sigillum vault integration
-
eax
Pure Rust implementation of the EAX Authenticated Encryption with Associated Data (AEAD) Cipher with optional architecture-specific hardware acceleration This scheme is only based on a block cipher…
-
sealed_box
Libsodium sealed_box construction for Rust/WebAssembly
-
monerochan-build
Build an MONEROCHAN program
-
sequoia-keystore-server
Sequoia keystore daemon
-
nettle-sys
Low-level Rust bindings for the Nettle cryptographic library
-
uselesskey-core-x509-spec
X.509 fixture spec models and stable encoders for uselesskey
-
sequoia-keystore-openpgp-card
An OpenPGP card backend for Sequoia's private key store
-
ascon-aead
authenticated encryption schemes Ascon-AEAD128
-
uselesskey-jwk
Compatibility facade re-exporting typed JWK/JWKS models and builders
-
lit-frost-rerandomized
Types and traits to support implementing a re-randomized variant of Flexible Round-Optimized Schnorr Threshold signature schemes (FROST)
-
whirlpool
hash function
-
uselesskey-aws-lc-rs
aws-lc-rs adapter traits for uselesskey RSA/ECDSA/Ed25519 fixtures
-
ockam_executor
Ockam async executor crate
-
lit-frost-p256
A Schnorr signature scheme over the NIST P-256 curve that supports FROST
-
xaes-256-gcm
Pure Rust implementation of the XAES-256-GCM extended-nonce Authenticated Encryption with Associated Data (AEAD)
-
redoubt-vault
Encrypted vault with field-level access and automatic zeroization
-
crypto_secretbox
Pure Rust implementation of the XSalsa20Poly1305 (a.k.a. NaCl crypto_secretbox) authenticated encryption cipher as well as the libsodium variant of XChaCha20Poly1305
-
sequoia-keystore-gpg-agent
A gpg-agent backend for Sequoia's private key store
-
cfb-mode
Cipher Feedback (CFB) block cipher mode of operation
-
sequoia-keyring-linter
A linter for keyrings
-
sparx
block ciphers implementations
-
sigillum-cli
Command-line interface for Sigillum vault management
-
signatory
Multi-provider elliptic curve digital signature library with ECDSA and Ed25519 support
-
sm3
SM3 (OSCCA GM/T 0004-2012) hash function
-
concrete-npe
Noise parameter estimator for the concrete FHE library
-
rc4
Pure Rust implementation of the RC4 stream cipher
-
password-auth
Password authentication library with a focus on simplicity and ease-of-use, including support for Argon2, PBKDF2, and scrypt password hashing algorithms
-
uselesskey-core-x509
Deterministic X.509 policy helpers shared by uselesskey fixture crates
-
uselesskey-ring
ring 0.17 adapter traits for uselesskey RSA/ECDSA/Ed25519 fixtures
-
monerochan-recursion-core
Monero-Chan, The Open-Source Privacy Platform (OSPP)
-
lit-frost-p384
A Schnorr signature scheme over the NIST P-256 curve that supports FROST
-
idea
IDEA block cipher
-
pkcs5
Pure Rust implementation of Public-Key Cryptography Standards (PKCS) #5: Password-Based Cryptography Specification Version 2.1 (RFC 8018)
-
p224
Pure Rust implementation of the NIST P-224 (a.k.a. secp224r1) elliptic curve as defined in SP 800-186
-
libcrux-ecdsa
Formally verified ECDSA signature library
-
uselesskey-pgp-native
Native OpenPGP key type adapters for uselesskey fixtures
-
amcl-milagro
The Apache Milagro Cryptographic Library (version 3)
-
ml-dsa
Pure Rust implementation of ML-DSA (formerly known as CRYSTALS-Dilithium) as described in FIPS-204 (final)
-
camellia
block cipher
-
base32ct
Pure Rust implementation of Base32 (RFC 4648) which avoids any usages of data-dependent branches/LUTs and thereby provides portable "best effort" constant-time operation and embedded-friendly no_std support
-
monerochan-prover
Monero-Chan, The Open-Source Privacy Platform (OSPP)
-
kem
Traits for Key Encapsulation Mechanisms (KEMs): public-key cryptosystems designed to enable a sender (a.k.a. encapsulator) to generate and encrypt a short secret key and transmit it to a receiver…
-
twofish
block cipher
-
streebog
(GOST R 34.11-2012) hash function
-
uselesskey-core-rustls-pki
rustls-pki-types adapters for uselesskey fixture crates
-
sequoia-tpm
Machinery for working with TPM from Sequoia