Minisign is a dead simple tool to sign files and verify signatures. It is portable, lightweight, and uses the highly secure Ed25519 public-key signature system. Signature written by minisign can be verified using OpenBSD's signify tool: public key files and signature files are compatible. However, minisign uses a slightly different format to store secret keys. Minisign signatures include trusted comments in addition to untrusted comments. Trusted comments are signed, thus verified, before being displayed.

stoken is a token code generator compatible with RSA SecurID 128-bit (AES) tokens. This package contains a standalone command-line program that allows for importing token seeds, generating token codes, and various utility/testing functions.

Asignify offers public cryptographic signatures and encryption with a library or a command-line tool. The tool is heavily inspired by signify as used in OpenBSD. The main goal of this project is to define a high level API for signing files, validating signatures and encrypting using public-key cryptography. Asignify is designed to be portable and self-contained with zero external dependencies. Asignify can verify OpenBSD signatures, but it cannot sign messages in OpenBSD format yet.

This package provides a crate to sign files and verify signatures.

The Olm library implements the Double Ratchet cryptographic ratchet. It is written in C and C++11, and exposed as a C API.

ssss-split and ssss-combine are utilities that split and combine secrets securely using Shamir's secret sharing scheme. This implementation allows for a threshold scheme where the minimum number of shares can be less than the total number of shares generated.

RHash is a console utility for calculation and verification of magnet links and a wide range of hash sums like CRC32, MD4, MD5, SHA1, SHA256, SHA512, SHA3, AICH, ED2K, Tiger, DC++ TTH, BitTorrent BTIH, GOST R 34.11-94, RIPEMD-160, HAS-160, EDON-R, Whirlpool and Snefru.

Tomb is an application to manage the creation and access of encrypted storage files: it can be operated from commandline and it can integrate with a user's graphical desktop.

ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a fast pseudo-random number generator. It is suitable for applications where a significant amount of random data needs to be produced quickly, such as solving using the Monte Carlo method or for games. The results are uniformly distributed, unbiased, and unpredictable unless you know the seed.

This package implements the same interface as Math::Random::ISAAC.

libxcrypt is a modern library for one-way hashing of passwords. It supports a wide variety of both modern and historical hashing methods: yescrypt, gost-yescrypt, scrypt, bcrypt, sha512crypt, sha256crypt, md5crypt, SunMD5, sha1crypt, NT, bsdicrypt, bigcrypt, and descrypt.

The Olm library implements the Double Ratchet cryptographic ratchet. It is written in C and C++11, and exposed as a C API.

This package provides b3sum, a command line checksum tool based on the BLAKE3 cryptographic hash function.

ccrypt is a utility for encrypting and decrypting files and streams. It was designed as a replacement for the standard unix crypt utility, which is notorious for using a very weak encryption algorithm. ccrypt is based on the Rijndael block cipher, a version of which is also used in the Advanced Encryption Standard (AES, see http://www.nist.gov/aes). This cipher is believed to provide very strong security.

This package provides a cryptographic hash function that is fast, secure, parallelizable, capable of incremental updates.

BLAKE2 is a cryptographic hash function faster than MD5, SHA-1, SHA-2, and SHA-3, yet is at least as secure as SHA-3.

Crypto++ is a C++ class library of cryptographic schemes.

CryFS encrypts your files, so you can safely store them anywhere. It works well together with cloud services like Dropbox, iCloud, OneDrive and others. CryFS creates an encrypted userspace filesystem that can be mounted via FUSE without root permissions. It is similar to EncFS, but provides additional security and privacy measures such as hiding file sizes and directory structure. However CryFS is not considered stable yet by the developers.

This package provides architecture-specific implementations of the CRC32C algorithm, which is specified in RFC 3720, section 12.1.

mkp224o generates valid ed25519 (hidden service version 3) onion addresses. It allows one to produce customized vanity .onion addresses using a brute-force method.

Botan is a cryptography library, written in C++11, offering the tools necessary to implement a range of practical systems, such as TLS/DTLS, PKIX certificate handling, PKCS#11 and TPM hardware support, password hashing, and post-quantum crypto schemes. In addition to the C++, botan has a C89 API specifically designed to be easy to call from other languages. A Python binding using ctypes is included, and several other language bindings are available.

Cryptsetup is a utility used to conveniently set up disk encryption based on the dm-crypt Linux kernel module. It is most often used to manage LUKS volumes but also supports plain dm-crypt volumes and loop-AES, TrueCrypt (including VeraCrypt extension), and BitLocker formats.

LUKS is the standard for hard disk encryption with the kernel Linux. It provides a standard on-disk-format compatible amongst distributions as well as secure management of multiple user passwords. LUKS stores all necessary setup information in the partition header to facilitate data transport and migration.

The package also includes the veritysetup and integritysetup utilities to conveniently configure the dm-verity and dm-integrity block integrity kernel modules.

Cryptsetup is a utility used to conveniently set up disk encryption based on the dm-crypt Linux kernel module. It is most often used to manage LUKS volumes but also supports plain dm-crypt volumes and loop-AES, TrueCrypt (including VeraCrypt extension), and BitLocker formats.

LUKS is the standard for hard disk encryption with the kernel Linux. It provides a standard on-disk-format compatible amongst distributions as well as secure management of multiple user passwords. LUKS stores all necessary setup information in the partition header to facilitate data transport and migration.

The package also includes the veritysetup and integritysetup utilities to conveniently configure the dm-verity and dm-integrity block integrity kernel modules.

Cryptsetup is a utility used to conveniently set up disk encryption based on the dm-crypt Linux kernel module. It is most often used to manage LUKS volumes but also supports plain dm-crypt volumes and loop-AES, TrueCrypt (including VeraCrypt extension), and BitLocker formats.

LUKS is the standard for hard disk encryption with the kernel Linux. It provides a standard on-disk-format compatible amongst distributions as well as secure management of multiple user passwords. LUKS stores all necessary setup information in the partition header to facilitate data transport and migration.

The package also includes the veritysetup and integritysetup utilities to conveniently configure the dm-verity and dm-integrity block integrity kernel modules.

Hewlett-Packard printer drivers and PostScript Printer Descriptions (PPDs).