Why do I even need to choose?

When building your next app, you might realize that you need to encrypt the data. There are two main reasons for that:

Even though there are multiple tools for doing just that, not all of those tools are equal. By just taking some random algorithm from CommonCrypto and using StackOverflow example to implement it, you'll fail. Remember, cryptography is hard (read this essay and this presentation), and it's very easy to get it wrong.

Choose your destiny!

So, you need to make your choice consciously. While thinking about your cryptographic tools, it's very useful to keep your goal in mind:

protect the sensitive data in certain context from modification and 3rd party eyes, and be able to trust sender of the data.

So, how do we reach that?



click to enlarge or open in new window to see even smaller details

Professor vs developer dilemma

When designing data protection, what you will end up with is not just 'algorithm' (the good ones are already invented by professionals and delivered to you in any library), but a cryptosystem - a combination of algorithms, storage formats, protocols, etc. Remember about "the goal"?

Algorithms don't fulfil goals, cryptosystems do. Equally, algorithm weaknesses themselves are not the problem (they could be used in a form, in which their vulnerabilities cannot be exploited), cryptosystem weaknesses are the problem: if they do deliver their guarantees, they're fine, if they don't - they're not.

And this is the basis on which you might want to choose either professor-way tools or the developer-way tools.

The professor-way tools: build your own crypto.

This is the DIY approach. These frameworks give you low-level primitives and expect you to connect them wisely into a cryptographic system.

This requires you to know cryptography and computer security well. In essence, professor way is about composing cryptosystems yourself. If you know cryptography well - why not, you might come up with a specific solution for your specific goal, make it elegant and specific. But, with certain drawbacks: when new vulnerabilities are found, or new technical demands arise to security guarantees you've tried to reach, you'll have to address them yourself, maintaining and updating your code on all platforms. What if new challenges are outside of your knowledge set and nobody yet has a good formal answer? Wait for security researchers to complete their work?

The developer-way tools: boring crypto

... case in the previous paragraph is quite far from ideals of boring crypto, something you might want as a regular developer: crypto that simply works, solidly resists attacks, never needs any upgrades. Although existing products (even author of manifesto's own NaCl and it's port LibSodium went through a number of updates) don't yet completely fit the boring crypto description, aiming for minimal user friction is what should make the developer happy.

There are a few frameworks designed specifically with that requirement in mind and our library, Themis, is one of them. We believe that in most cases you're happy with the easy path: press the button and you're done. Moreover, author of aforementioned quote has designed a beautiful library NaCl, which has several iOS ports and deep respect in cryptographic and security community.

You will get there anyway

But why don't you just copy a few bits of code from StackOverflow for the first library that comes to your mind and forget about it? The text is scrambled, your job is done?

Frequently, developers have concept of "it works, so it's correct". This is definitely not the case with cryptography: you might throw good plaintext and receive randomly-looking sequences of characters, but that doesn't mean that your cryptography is correct, it only means that your cryptography does something weird to the text. This is not exactly the goal of cryptography - the goal is to resist professional attacks, who are able to use well-developed set of tools, algorithms and attacks to break your protection.

So, it's vital to get this right: only knowing that your cryptography works properly gets you there. It's either a question of trust for the tools or trust in your own knowledge to build one for yourself.

Tools to use and try

In order of appearance in the scheme.