Niels Möller nisse at
Mon Dec 9 21:48:53 CET 2013

Nikos Mavrogiannopoulos <nmav at> writes:

> Could libgcrypt and nettle share the low level algorithms so
> improvements on one project will be shared with the other?

To me, it would make sense to have gcrypt add its interfaces on top of
Nettle. I hope there should be minimal overhead (in code complexity as
well as running time overhead). It was my intention from the start that
it should be easy to build other frameworks on top of Nettle.

I'm not sure what obstacles, technical or others, there are. At least
Nettle is now LGPL licenced (v2 or later). Any pieces missing which are
essential for gcrypt? (E.g., currently Nettle has no runtime selection
of cpu-specific code).

> In the end I feel disappointed to see that because of that, even the
> gnulib people will use openssl's libcrypto because it is faster:

I totally agree.

(And OpenSSL is not always faster than Nettle. On my home machine, a
low end x86_64 AMD E-350, Nettle's AES is some 130% faster than
openssl (which surprises me), sha1 is 20% faster than openssl, ecdsa is
300% faster for signing and 75% faster for verification. But on
many machines, Nettle is a bit slower than openssl for sha1 and md5,
which might be the most important things for gnulib).


Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.

More information about the Gcrypt-devel mailing list