cloak alternatives and similar packages
Based on the "Cryptography" category.
Alternatively, view cloak alternatives based on common mentions on social networks and blogs.
-
comeonin
Password hashing specification for the Elixir programming language -
nimble_totp
A tiny Elixir library for time-based one time passwords (TOTP) -
pot
POT is an Erlang library for generating Google Authenticator compatible one time passwords -
one_time_pass_ecto
No longer maintained - One-time password library with Ecto support (for Elixir) -
siphash-elixir
An Elixir implementation of the SipHash cryptographic hash family -
ntru_elixir
Elixir wrapper around libntru. NTRU is a post quantum cryptography algorithm. -
crypto_rsassa_pss
RSASSA-PSS Public Key Cryptographic Signature Algorithm for Erlang and Elixir. -
ex_bcrypt
Elixir wrapper for the OpenBSD bcrypt password hashing algorithm
Build time-series-based applications quickly and at scale.
Do you think we are missing an alternative of cloak or a related project?
Popular Comparisons
README
Cloak
Cloak is an Elixir encryption library that implements several best practices and conveniences for Elixir developers:
- Random IVs
- Tagged ciphertexts
- Elixir-native configuration
Documentation
- Hex Documentation (Includes installation guide)
- How to upgrade from Cloak 0.9.x to 1.0.x
Examples
Encrypt / Decrypt
{:ok, ciphertext} = MyApp.Vault.encrypt("plaintext")
# => {:ok, <<1, 10, 65, 69, 83, 46, 71, 67, 77, 46, 86, 49, 45, 1, 250, 221,
# => 189, 64, 26, 214, 26, 147, 171, 101, 181, 158, 224, 117, 10, 254, 140, 207,
# => 215, 98, 208, 208, 174, 162, 33, 197, 179, 56, 236, 71, 81, 67, 85, 229,
# => ...>>}
MyApp.Vault.decrypt(ciphertext)
# => {:ok, "plaintext"}
Reencrypt With New Algorithm/Key
"plaintext"
|> MyApp.Vault.encrypt!(:aes_256)
|> MyApp.Vault.decrypt!()
|> MyApp.Vault.encrypt!(:aes_256)
|> MyApp.Vault.decrypt!()
# => "plaintext"
Configuration
config :my_app, MyApp.Vault,
ciphers: [
# In AES.GCM, it is important to specify 12-byte IV length for
# interoperability with other encryption software. See this GitHub issue
# for more details: https://github.com/danielberkompas/cloak/issues/93
#
# In Cloak 2.0, this will be the default iv length for AES.GCM.
aes_gcm: {Cloak.Ciphers.AES.GCM, tag: "AES.GCM.V1", key: <<...>>, iv_length: 12},
aes_ctr: {Cloak.Ciphers.AES.CTR, tag: "AES.CTR.V1", key: <<...>>}
]
Features
Random Initialization Vectors (IV)
Every strong encryption algorithm recommends unique initialization vectors.
Cloak automatically generates unique vectors using
:crypto.strong_rand_bytes
, and includes the IV in the ciphertext.
This greatly simplifies storage and is not a security risk.
Tagged Ciphertext
Each ciphertext contains metadata about the algorithm and key which was used to encrypt it. This allows Cloak to automatically select the correct key and algorithm to use for decryption for any given ciphertext.
This makes key rotation much easier, because you can easily tell whether any given ciphertext is using the old key or the new key.
Elixir-Native Configuration
Cloak works through Vault
modules which you define in your app, and add
to your supervision tree.
You can have as many vaults as you wish running simultaneously in your project. (This works well with umbrella apps, or any runtime environment where you have multiple OTP apps using Cloak)
Ecto Support
You can use Cloak to transparently encrypt Ecto fields, using
cloak_ecto
.
Security Notes
- Cloak is built on Erlang's
crypto
library, and therefore inherits its security. - You can implement your own cipher modules to use with Cloak, which may use any other encryption algorithms of your choice.