Go high-performance encryption utility.

gohpenc closely resembles the hpenc tool (https://github.com/vstakhov/hpenc).

hpenc solves the problem that there is no simple tool to quickly transfer data with encryption and authentication:

* openssl enc -- uses a single CPU, no authentication
* GnuPG -- complex key generation/management, relatively slow
* OpenSSH -- uses a single CPU, not very fast

Why was gohpenc written?

hpenc has some problems: it does not work on aarch64 and sparc64 architectures under FreeBSD (as seen in the port's Makefile) and somehow produces incompatible output (unauthenticated after 8192 blocks) between FreeBSD and HardenedBSD systems. Instead of painful debugging I decided to write something similar in Go, widening the set of supported platforms.

gohpenc is incompatible with hpenc and much simpler:

* it uses only the XChaCha20-Poly1305 algorithm
* no random data generation mode
* no metadata in the output stream and no structure validation. Only block authentication
* no key derivation -- new key for each block

But it still satisfies most of hpenc's aims:

* Very simple key management -- a single pre-shared key
* Parallelizable -- each block is encrypted in a different thread, so all your CPUs can be utilized
* Very fast -- ChaCha20-Poly1305 is fast even on relatively low-end hardware such as mobile devices. Although gohpenc is written in Go, the libraries it depends on contain assembly-optimized code
* Built-in authentication and integrity check with small data overhead

Usage is very simple:

    $ gohpenc -psk
    DTGZI5R2HS4YEDSIO56AFKPONE6KJE3Q2QETODDOH3O6UYFPROHQ
    $ echo "message to be transmitted" | gohpenc -k DTGZI5R2HS4YEDSIO56AFKPONE6KJE3Q2QETODDOH3O6UYFPROHQ > encrypted
    $ gohpenc -k DTGZI5R2HS4YEDSIO56AFKPONE6KJE3Q2QETODDOH3O6UYFPROHQ -d < encrypted

How encryption/authentication is performed:

* The first 16 bytes of the stream contain random data -- the nonce salt
* The XChaCha20-Poly1305 algorithm is initialized with the key and a 24-byte nonce, where 16 bytes are the salt and 8 bytes are the 64-bit unsigned big-endian block number
* A 32-bit big-endian value with the length of the block is written, followed by the encrypted and authenticated block, whose authenticated data contains that 32-bit length value

           /----------BLOCK-------------\ /----------BLOCK------------\
    +------+-----+------------+----------+-----+------------+----------+----
    | SALT | LEN | CIPHERTEXT | AUTH TAG | LEN | CIPHERTEXT | AUTH TAG | ...
    +------+-----+------------+----------+-----+------------+----------+----

gohpenc preallocates memory for one block for each thread and one block for buffered reading from stdin. If you want to process data with 1 MiB blocks in 4 threads, then you have to have at least 5 MiB of free memory. Moreover, you have to have at least 1 MiB of free memory on the decrypting side.

gohpenc is free software: see the file COPYING for copying conditions.
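
Added example (not part of gohpenc's code): a Go parser for the stream layout described under "How encryption/authentication is performed" that splits a stream into blocks and derives each block's 24-byte nonce and the LEN bytes used as authenticated data, without decrypting anything. It assumes LEN counts ciphertext bytes excluding the 16-byte Poly1305 tag, that block numbering starts at 0, and a 1 MiB receiver-side cap on LEN; Frame, ParseFrames and maxLen are names chosen here.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"fmt"
	"io"
)

const saltLen, tagLen, maxLen = 16, 16, 1 << 20 // salt, Poly1305 tag, assumed 1 MiB LEN cap
type Frame struct { // one block plus the AEAD inputs the framing implies
	Nonce  [24]byte // salt || 64-bit big-endian block number
	AAD    [4]byte  // LEN field exactly as read from the wire
	Sealed []byte   // ciphertext followed by the tag
}

// ParseFrames splits a stream into frames; it does not decrypt.
func ParseFrames(r io.Reader) ([]Frame, error) {
	var salt [saltLen]byte
	if _, err := io.ReadFull(r, salt[:]); err != nil {
		return nil, fmt.Errorf("salt: %w", err)
	}
	var frames []Frame
	for n := uint64(0); ; n++ { // assumption: block numbering starts at 0
		var f Frame
		if _, err := io.ReadFull(r, f.AAD[:]); err == io.EOF {
			return frames, nil // stream ended on a block boundary
		} else if err != nil {
			return frames, fmt.Errorf("block %d: LEN: %w", n, err)
		}
		l := binary.BigEndian.Uint32(f.AAD[:])
		if l > maxLen { // LEN is not authenticated yet: bound the allocation
			return frames, fmt.Errorf("block %d: LEN %d over cap", n, l)
		}
		copy(f.Nonce[:], salt[:])
		binary.BigEndian.PutUint64(f.Nonce[saltLen:], n)
		f.Sealed = make([]byte, int(l)+tagLen)
		if _, err := io.ReadFull(r, f.Sealed); err != nil {
			return frames, fmt.Errorf("block %d: body: %w", n, err)
		}
		frames = append(frames, f)
	}
}

func main() {
	s := make([]byte, saltLen+4+3+tagLen) // constructed sample: zero salt, dummy body and tag
	s[saltLen+3] = 3                      // LEN = 3
	fmt.Println(ParseFrames(bytes.NewReader(s)))
}
```

Each Frame maps directly onto an AEAD open call taking Nonce, Sealed and AAD. A stream cut exactly on a block boundary still parses as a shorter stream at this layer, while a cut inside a block is reported as an error.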