-
rsa
Pure Rust RSA implementation
-
aes
Pure Rust implementation of the Advanced Encryption Standard (a.k.a. Rijndael)
-
aes-gcm
Pure Rust implementation of the AES-GCM (Galois/Counter Mode) Authenticated Encryption with Associated Data (AEAD) Cipher with optional architecture-specific hardware acceleration
-
aws-sdk-kms
AWS SDK for AWS Key Management Service
-
aes-gcm-siv
Pure Rust implementation of the AES-GCM-SIV Misuse-Resistant Authenticated Encryption Cipher (RFC 8452) with optional architecture-specific hardware acceleration
-
aead
Traits for Authenticated Encryption with Associated Data (AEAD) algorithms, such as AES-GCM as ChaCha20Poly1305, which provide a high-level API
-
sequoia-openpgp
OpenPGP data types and associated machinery
-
cookie
HTTP cookie parsing and cookie jar management. Supports signed and private (encrypted, authenticated) jars.
-
libcrux-ml-kem
Libcrux ML-KEM & Kyber implementations
-
aegis
authenticated ciphers (AEGIS-128, AEGIS-256, AEGIS-128X, AEGIS-256X)
-
age
[BETA] A simple, secure, and modern encryption library
-
pgp
OpenPGP implementation in Rust
-
ccm
Generic implementation of the Counter with CBC-MAC (CCM) mode
-
tfhe
TFHE-rs is a fully homomorphic encryption (FHE) library that implements Zama's variant of TFHE
-
ghash
Universal hash over GF(2^128) useful for constructing a Message Authentication Code (MAC), as in the AES-GCM authenticated encryption cipher
-
aes-siv
Pure Rust implementation of the AES-SIV Misuse-Resistant Authenticated Encryption Cipher (RFC 5297) with optional architecture-specific hardware acceleration
-
openmls
Messaging Layer Security (MLS) protocol, as defined in RFC 9420
-
idea
IDEA block cipher
-
atuin
magical shell history
-
eax
Pure Rust implementation of the EAX Authenticated Encryption with Associated Data (AEAD) Cipher with optional architecture-specific hardware acceleration This scheme is only based on a block cipher…
-
sequoia-chameleon-gnupg
Sequoia's reimplementation of the GnuPG interface
-
ssh-cipher
Pure Rust implementation of SSH symmetric encryption including support for the modern aes128-gcm@openssh.com/aes256-gcm@openssh.com and chacha20-poly1305@openssh.com algorithms as well…
-
hpke
hybrid encryption standard (RFC 9180) in pure Rust
-
ocb3
Pure Rust implementation of the Offset Codebook Mode v3 (OCB3) Authenticated Encryption with Associated Data (AEAD) Cipher as described in RFC7253
-
kem
Traits for Key Encapsulation Mechanisms (KEMs): public-key cryptosystems designed to enable a sender (a.k.a. encapsulator) to generate and encrypt a short secret key and transmit it to a receiver…
-
softaes
Fast software implementation of the AES round function in pure Rust
-
cosmian_crypto_core
Cosmian base cryptographic library
-
libsodium-rs
A comprehensive, idiomatic Rust wrapper for libsodium, providing a safe and ergonomic API for cryptographic operations
-
sequoia-octopus-librnp
Reimplementation of RNP's interface using Sequoia for use with Thunderbird
-
rustic_core
fast, encrypted, deduplicated backups that powers rustic-rs
-
encrypted-dns
A modern encrypted DNS server (DNSCrypt v2, Anonymized DNSCrypt, DoH)
-
self_encryption
Self encrypting files (convergent encryption plus obfuscation)
-
ntpd
Full-featured implementation of NTP with NTS support
-
xts-mode
XTS block mode implementation in rust
-
sequoia-sq
Command-line frontends for Sequoia
-
rusty_paseto
A type-driven, ergonomic alternative to JWT for secure stateless PASETO tokens
-
libpep
polymorphic encryption and pseudonymization
-
web-push
Web push notification client with support for http-ece encryption and VAPID authentication
-
kestrel-cli
Kestrel file encryption program
-
cosmian_cover_crypt
Key Policy attribute encryption based on subset cover
-
shavee
program to automatically decrypt and mount ZFS datasets using Yubikey HMAC as 2FA or any USB drive with support for PAM to auto mount home directories
-
sentinel-cli
Command-line interface for Cyberpath Sentinel DBMS
-
gst-plugin-sodium
GStreamer plugin for libsodium-based file encryption and decryption
-
fernet
in Rust
-
hakanai
CLI client for Hakanai, a secure secret sharing service
-
sframe
pure rust implementation of SFrame (RFC 9605)
-
ssclient
SecureStore client for managing user secrets
-
ece
Encrypted Content-Encoding for HTTP Rust implementation
-
mollysocket
allows getting signal notifications via UnifiedPush
-
libcrux-chacha20poly1305
Formally verified ChaCha20-Poly1305 AEAD library
-
libcrux-hmac
Libcrux HMAC implementation
-
mla
Multi Layer Archive - A pure rust encrypted and compressed archive file format
-
huddle
Terminal-native chat over a self-hosted Tor onion relay (opt-in LAN mDNS / direct dial), all Megolm end-to-end encrypted
-
whatsapp-rust
Rust client for WhatsApp Web
-
enc_file
Password-based file encryption tool with a versioned header, AEAD, Argon2id KDF, and streaming mode. Library + CLI + GUI.
-
wdcrypt
CLI to encrypt the current working directory with Fernet encryption
-
s2n-tls
A C99 implementation of the TLS/SSL protocols
-
nitor-vault
Encrypted AWS key-value storage utility
-
libcryptsetup-rs
High level Rust bindings for libcryptsetup
-
rustls-symcrypt
rustls crypto provider model for SymCrypt
-
securestore
API for creating or decrypting user secrets
-
frank_jwt
JSON JWT
-
jose-jwk
Pure Rust implementation of the JSON Web Key (JWK) component of the Javascript Object Signing and Encryption (JOSE) specification as described in RFC7517
-
netxclient
netx client assembly
-
aws-esdk
implementing client side encryption
-
arcanum-primitives
Native cryptographic primitives for Arcanum
-
libcrux-aesgcm
Libcrux AES-GCM implementation
-
ji-cli
Encrypt dotfiles into a single .ji file for safe cross-device migration
-
libcrux-traits
Traits for cryptographic algorithms
-
rust_keylock_shell
Shell access to the rust-keylock. rust-keylock is a password manager with goals to be Secure, Simple to use, Portable and Extensible.
-
crypt_guard
CryptGuard is a post-quantum cryptography library with support for Kyber, Falcon, Dilithium in combination with AES and XChaCha20
-
saorsa-mls
Experimental Message Layer Security (MLS)-inspired library for P2P secure group communication
-
turnkey_enclave_encrypt
encrypt and decrypt data sent to and from Turnkey secure enclaves, using HPKE (RFC 9180). Used in authentication, export, and import flows.
-
lilsync
a little tool to sync your files
-
sm2
Pure Rust implementation of the SM2 elliptic curve as defined in the Chinese national standard GM/T 0003-2012 as well as ISO/IEC 14888. Includes support for the SM2DSA Digital Signature Algorithm.
-
kagi-vault
Encrypted secrets and environment variable manager for teams — a secure, team-ready dotenv alternative with per-service isolation
-
ntag424
application protocol of NTAG 424 DNA chips
-
hiae
High-throughput Authenticated Encryption (HiAE) algorithm implementation
-
hanko
Keeps your Git allowed signers file up to date with signing keys configured on software development platforms like GitHub and GitLab
-
paper-age
Easy and secure paper backups of secrets
-
cryptify
A procedural macro library to obfuscate Rust code. Provides compile-time string encryption and random flow obfuscation.
-
akv-cli
Azure Key Vault CLI (unofficial) can read secrets from Key Vault, securely pass secrets to other commands or inject them into configuration files, encrypt and decrypt secrets, and managed keys and secrets in Key Vault
-
hctr2-rs
HCTR2 and HCTR3 length-preserving encryption with format-preserving variants
-
mnemo-mcp-server
Mnemo MCP memory server — runnable binary; install as
cargo install mnemo-mcp-server, run asmnemo -
ascon-aead
authenticated encryption schemes Ascon-AEAD128
-
bevy-dlc
DLC (downloadable content) management for Bevy games
-
crymap
secure IMAP server with encrypted data at rest
-
ssh-vault
encrypt/decrypt using ssh keys
-
linguafranca
LLM API format converter — convert between OpenAI, Anthropic, and Open Responses formats
-
age-plugin-yubikey
YubiKey plugin for age clients
-
fluxencrypt
A high-performance, secure encryption SDK for Rust applications
-
product-os-security
Product OS : Security provides a suite of helper tools to easily perform cryptographic operations including generating hashes, encrypting and decrypting content
-
ipcrypt-rs
IP address encryption and obfuscation methods in pure Rust
-
aws-db-esdk
implementing client side encryption with DynamoDB
-
bergshamra
— Pure Rust XML Security library (XML-DSig, XML-Enc, C14N)
-
gencrypt
Personal usage hashing utility
-
cts
Generic implementation of the ciphertext stealing block modes of operation
-
nest-data-source-api
NEST Data Source API Service
-
rust-keylock-ui
A password manager with goals to be Secure, Simple to use, Portable and Extensible
-
aws-sdk-workmail
AWS SDK for Amazon WorkMail
-
cqrs-es-crypto
Transparent PII encryption and GDPR crypto-shredding for cqrs-es
-
dotlock-bin
Encrypted project-local environment variables manager
-
matrix-sdk-store-encryption
Helpers for encrypted storage keys for the Matrix SDK
-
murk-cli
Encrypted secrets manager for developers — one file, age encryption, git-friendly
-
cosmian_findex
Symmetric Searchable Encryption
-
caesar_cipher_enc_dec
can easily use caesar cipher
-
fnox
A flexible secret management tool supporting multiple providers and encryption methods
-
uricrypt
Hierarchy-preserving deterministic URI encryption
-
crabapple
iOS backup decryption and encryption
-
tzap
Fast encrypted archive CLI with built-in recovery and safe restores
-
aliyun-oss
aliyun oss sdk
-
cryptostream
Transparent encryption and decryption for Read and Write streams
-
arkana
A modern CLI tool for password-based encryption with human-readable output
-
unarc-rs
Universal archive extraction & decompression library for retro + modern formats (7z, ZIP, RAR, LHA/LZH, TAR, ARJ, ARC/PAK, ZOO, HA, UC2, SQ/SQ2, SQZ, HYP, gz, bz2, Z)
-
deoxys
Pure Rust implementation of the Deoxys Authenticated Encryption with Associated Data (AEAD) cipher, including the Deoxys-II variant which was selected by the CAESAR competition as the first choice for in-depth security
-
rs-clip-bridge-client
Cross-platform clipboard sync client for rs-clip-bridge. Monitors local clipboard changes and synchronizes them with a remote server via WebSockets. All clipboard data is encrypted using ChaCha20-Poly1305.
-
aws-sdk-paymentcryptography
AWS SDK for Payment Cryptography Control Plane
-
git-simple-encrypt
Encrypt/decrypt files in your git repo using only one password
-
huddle-protocol
The Huddle wire protocol and pure cryptographic constructions — the runtime-free core that both the huddle client and relay speak
-
aead-stream
Generic implementation of the STREAM online authenticated encryption construction
-
kagi-app
CLI application for Kagi secrets manager
-
lib-q-hpke
HPKE implementation for lib-q
-
nym-lp
Lewes Protocol session and transport layer for the Nym network
-
ntrulp
Pure implementation of high-security prime-degree large-Galois-group inert-modulus ideal-lattice-based cryptography
-
saorsa-gossip-groups
MLS group management wrapper for Saorsa Gossip (RFC 9420 compliant)
-
wecanencrypt
OpenPGP library for encryption, signing, and key management
-
rustack-s3-core
S3 service implementation for Rustack
-
macarunes
macaroons
-
hayro
A rasterizer for PDF files
-
crypt-io
AEAD encryption (ChaCha20-Poly1305, AES-256-GCM), hashing (BLAKE3, SHA-2), MAC (HMAC, BLAKE3 keyed), and KDF (HKDF, Argon2id) for Rust. Algorithm-agile. RustCrypto-backed primitives with REPS discipline…
-
challenge_response
Perform HMAC-SHA1 and OTP challenges with YubiKey, OnlyKey and NitroKey, in pure Rust
-
sop
Rust Interface for the Stateless OpenPGP Interface
-
ironhide
easily encrypt and decrypt files to users and groups. Similar to GPG, but usable at scale.
-
lwbc
Compact implementations of small block ciphers (SPECK, SIMON, SIMECK)
-
ferrocrypt
Recipient-oriented file and directory encryption: passphrase (Argon2id) and X25519 public-key recipients, XChaCha20-Poly1305 STREAM payloads, HKDF-SHA3-256 / HMAC-SHA3-256 key derivation and authentication
-
exaf-rs
Extensible archiver format
-
orderable-bytes
Canonical, order-preserving fixed-length byte encodings for plaintext types — feed into ORE or OPE schemes that compare encrypted values lexicographically
-
tibet-trust-kernel
Zero-trust security foundation — AES-256-GCM encryption, SHA-256 integrity, sandboxed execution, cross-machine memory transport. For finance, IoT, AI, databases, anything zero-trust.
-
gday
Command line tool to securely send files (without a relay or port forwarding)
-
pqfile
Quantum-resistant file encryption: ML-KEM (512/768/1024), hybrid X25519+ML-KEM-768, ML-DSA-65 signing, multi-recipient, Shamir sharing
-
mountpoint-s3-client
High-performance Amazon S3 client for Mountpoint for Amazon S3
-
lib-q-aead
Post-quantum Authenticated Encryption for lib-Q
-
cose-rust
COSE Rust implementation
-
giant-spellbook
cryptographic multi-tool with file analysis, encoding, bitflipping, splitting, hashing, encryption, signing, and more
-
rufendec
lightweight CLI tool for AES-256 encryption and decryption, preserving file names and directory structure. With support for ECB/GCM modes, it simplifies securing and restoring files with ease, all powered by Rust.
-
s-zip
High-performance streaming ZIP library with AES-256 encryption and async/await support - Read/write ZIP files with minimal memory footprint. Supports password protection, cloud storage, and Tokio runtime.
-
algae-cli
Lightweight age profile for user-friendly encryption (CLI tool and library)
-
rustic-rs
rustic - fast, encrypted, deduplicated backups powered by Rust
-
tiny-encrypt
tiny file encrypt tool
-
honzo-cli
Honzo ebook format CLI tools
-
sequoia-autocrypt
Autocrypt support
-
playfair_cipher
Playfair, Two square and Four square cipher
-
confidential-ml-transport
Attestation-bound encrypted tensor transport for confidential ML inference
-
seshcookie
Stateless, encrypted, type-safe session cookies for Rust web applications
-
rs-clip-bridge-server
WebSocket server for rs-clip-bridge clipboard synchronization. Relays encrypted clipboard events between clients within the same channel.
-
kagi-server
HTTP server for Kagi remote sync
-
envbroker
Secure your
.envfile from coding agent doing stupid execution -
rgp
Enabling E2EE for a range of applications
-
libsm
China's Standards of Encryption Algorithms (SM2/3/4)
-
toolkit-zero
A feature-selective Rust utility crate — a modular collection of opt-in utilities spanning encryption, HTTP networking, geolocation, and build-time fingerprinting. Enable only the features your project requires.
-
dfh
Human-readable disk usage with colorized bars, physical disk grouping, and system volume annotations
-
poulpy-ckks
A backend-agnostic crate implementing the CKKS FHE scheme
-
ensync
A flexible ENcrypted file SYNChroniser suitable for uses where the central location is not fully trusted
-
dotenvage
Dotenv with age encryption: encrypt/decrypt secrets in .env files
-
mlar
A wrapper around the MLA library for common use cases
-
rsecure
file encryption and decryption tool using AES-GCM
-
aef
An encrypted file archiver
-
asymcrypt
Encrypt anything with a key that cannot decrypt what it just wrote
-
encrypt_config
manage, persist and encrypt your configurations
-
aranya-daemon-api
IPC API between the Aranya client and daemon
-
hayate
High-performance completion-based QUIC transfer engine
-
kagi-sync
Remote sync client and protocol types for Kagi
-
lora-snapshot
LoraDB — efficient column-oriented graph snapshots with compression and encryption
-
miou
A Matrix bot for Terraforming Mars game notifications
-
rustls-openssl
Rustls crypto provider for OpenSSL
-
frodo-kem
Pure Rust implementation of FrodoKEM and eFrodoKEM
-
hpke-ng
Clean, fast, RFC 9180 HPKE implementation
-
cuaimacrypt
symmetric hybrid cipher engine — block cipher and stream cipher combined
-
kyomi-datasource
Database provider implementations for Kyomi Connect
-
tangy
Tang server implementation
-
serde-encrypted-value
A Serde Deserializer wrapper which transparently decrypts encrypted values
-
svault-ai
Secret access layer for cooperative AI agents — structured, policy-gated, audited credential access
-
cryptocol
cryptographic library that includes big number arithmetic operations, hash algorithms, symmetric-key encryption/decryption algorithms, asymmetric-key (public-key) encryption/decryption algorithms…
-
pyx
High-performance reverse proxy with h2o configuration compatibility
-
native-ossl
Native Rust idiomatic bindings to OpenSSL
-
seekable-stream-cipher
Seekable stream cipher and encryption/decryption
-
magi-rs
Magi Agent: a terminal AI assistant in Rust with sandboxed tool execution, OAuth login, and encrypted local memory (Argon2 + AES-256-GCM-SIV + Reed-Solomon FEC)
-
dotling
A dotfiles management CLI — track, link, and sync your config files across machines
-
cachekit-core
LZ4 compression, xxHash3 integrity, AES-256-GCM encryption for byte payloads
-
kagi-store
Local storage and key management for Kagi
-
fecr
FerrumCrimper - A fast, Rust-powered CLI tool for efficient file management, compression, and archival with support for multiple formats and secure data handling
-
card-cli
FIDO(U2F, WebAuthn), YubiKey, OpenPGP command line tool
-
rustic_backend
supporting various backends in rustic-rs
-
citadeldb
Citadel: encrypted-first embedded database engine that outperforms unencrypted SQLite
-
sendcipher
Command line interface for encrypted file sharing at sendcipher.com
-
concryptor
A multi-threaded AEAD encryption engine
-
libcrux-psq
Libcrux Pre-Shared post-Quantum key establishement protocol
-
signet-eval
Deterministic authorization for AI agent tool calls
-
paas-client
PEP Authorization API Service client
-
mqdb-core
Core types, storage, schema, and protocol for MQDB
-
ejson
Manage encrypted secrets using public key encryption
-
fsqlite-pager
Page cache and journal management
-
s2-simple-secrets
Secrets — inject secrets into subprocesses without ambient environment exposure
-
gxt-extism-types
Minimal, encrypted, signed and copy-pasteable tokens for manual data exchange between games
-
appdb
Lightweight SurrealDB helper library for Tauri embedded database apps
-
atuin-pty-proxy
a PTY proxy for atuin
-
sad-rsa
Hardened pure Rust RSA implementation with Marvin attack mitigation
-
crab-cryptor
file cryptor
-
huddle-gui
Native desktop GUI (egui/eframe) for huddle — end-to-end-encrypted chat over a Tor onion relay
-
aria
Pure Rust implementation of the ARIA Encryption Algorithm
-
passless-core
Core types and configuration for Passless
-
signedpulse-client
SignedPulse client: periodically proves its source IP to the server with a signed pulse
-
tap-agent
Transaction Authorization Protocol (TAP)
-
paranoid
Misuse-resistant application security and Postgres-backed distributed systems primitives
-
rc5
RC5 block cipher
-
rc6
RC6 block cipher
-
opensecret
Rust SDK for OpenSecret - secure AI API interactions with nitro attestation
-
prolock
securely storing secrets like passwords and plain text snippets in a password-protected file
-
fpe
Format-preserving encryption
-
nethsm-cli
A CLI for the Nitrokey NetHSM
-
Mademoiselle_Entropia
Extremely strong, stupidly simple and relatively fast symmetric cipher.. check out the Readne for explanation. Have a great day, Dear User 💯❤️
-
dpibreak
fast and easy-to-use DPI circumvention tool in Rust
-
sillad-sosistab3
A scramblesuit-like obfuscation protocol within the sillad framework
-
ncryptf-rs
Secure API authentication and end to end encryption
-
tindercrypt
Data encryption with symmetric cryptographic keys or passwords/passphrases, and self-contained encryption metadata
-
rsa_heapless
Pure Rust RSA implementation - heapless fork
-
mdk-core
A simplified interface to build secure messaging apps on nostr with MLS
-
oboron-cli
CLI for the oboron protocol — string-in/string-out symmetric encryption with obtext encoding. Produces the
obandobzbinaries. -
gxt-cli
Minimal, encrypted, signed and copy-pasteable tokens for manual data exchange between games
-
mnemo-core
Core storage, data model, query engine, and indexing for Mnemo
-
snapcast-proto
Snapcast binary protocol implementation
-
kagi-domain
Core domain types and traits for Kagi secrets manager
-
opentalk-roomserver-module-e2ee
End-to-end encryption module for the OpenTalk RoomServer
-
clin-rs
Encrypted terminal note-taking app
-
kk-crypto
KK (Keeney Kode), A novel cryptographic primitive where symbol values are temporal functions of universal entropy
-
stormdrain
A BitTorrent client library
-
key-vault
Enterprise-grade key management vault for Rust. 9-layer defense-in-depth: fragmentation, decoy bytes, codex transform, mlock + zeroize, constant-time ops, security monitoring. Pluggable key fetchers (TPM…
-
atuin-history
The history crate for Atuin
-
chacha20-blake3
Secure, Simple and Fast encryption for any CPU
-
libvault
modified from RustyVault
-
keyrex
Secure, lightweight key-value vault for managing secrets locally using AES-256-GCM encryption
-
heliosdb-nano
PostgreSQL-compatible embedded database with TDE + ZKE encryption, HNSW vector search, Product Quantization, git-like branching, time-travel queries, materialized views, row-level security, and 50+ enterprise features
-
llm-secrets
Workload identity for AI agents — prove who you are, access only what you should, for only as long as you need
Try searching with DuckDuckGo.