CryptographyDEV
Text encoding, cryptographic hashing, symmetric & asymmetric encryption.
About Cryptography Toolkit
Overview
This toolkit integrates 20+ industry-standard cryptographic algorithms, covering four major categories: text encoding, cryptographic hashing, symmetric encryption, and asymmetric encryption.
100% Client-Side Processing—
Zero Network Transmission:
All cryptographic operations are performed locally on your device. All sensitive data (plaintext, ciphertext, keys, etc.) never leaves your device, ensuring complete privacy and security.
Select a specific algorithm to view detailed technical documentation, including algorithm history, security analysis, recommended parameters, and professional guidance.
100% Client-Side Processing—
Zero Network Transmission:
All cryptographic operations are performed locally on your device. All sensitive data (plaintext, ciphertext, keys, etc.) never leaves your device, ensuring complete privacy and security.
Select a specific algorithm to view detailed technical documentation, including algorithm history, security analysis, recommended parameters, and professional guidance.
Argon2
Argon2 is the winner of the 2015 Password Hashing Competition, designed by Alex Biryukov, Daniel Dinu, and Dmitry Khovratovich. It's currently the most secure password hashing algorithm, specifically designed for password storage and key derivation.
Algorithm Features: Argon2 has three variants:
• Argon2d: Resistant to GPU cracking, but may be vulnerable to side-channel attacks
• Argon2i: Resistant to side-channel attacks, suitable for password hashing
• Argon2id (Recommended): Combines advantages of both, the best choice
Argon2 uses memory-hard design, requiring large amounts of memory to compute, significantly increasing the cost of cracking with specialized hardware like GPUs, ASICs, and FPGAs. It also supports adjustable time cost, memory cost, and parallelism.
Output Format Description: Argon2 uses the PHC String Format (Password Hashing Competition String Format), which is the standard format for password hashing algorithms, unlike regular hash algorithms (like MD5, SHA-256) that only output hash values.
Output format:
• $argon2id - Algorithm variant (argon2d/argon2i/argon2id)
• v=19 - Version number (0x13 = 19)
• m=19456,t=2,p=1 - Parameters (memory cost/time cost/parallelism)
• salt - Base64-encoded random salt
• hash - Base64-encoded password hash
Advantages of this self-contained format: Each hash generation is different (random salt), contains all information needed for verification, can adjust parameters to enhance security, prevents rainbow table attacks.
Why Strongly Recommended: Argon2 is the cryptographic community's recognized best practice for password storage. It far exceeds bcrypt, scrypt, and PBKDF2 in security, being the only algorithm specifically designed to resist modern attacks (GPU clusters, cloud computing brute-force).
Security Advantages:
• GPU Resistance: Memory-intensive design greatly reduces GPU advantages
• ASIC Resistance: Custom hardware cost-effectiveness far lower than traditional algorithms
• Side-Channel Resistance: Argon2i/id variants provide protection
• Adjustability: Can adjust security parameters based on hardware upgrades
Application Scenarios:
• User Password Storage: Password hashing for web and mobile applications
• Key Derivation: Deriving encryption keys from passwords
• High-Security Scenarios: Financial, healthcare, government systems
Parameter Recommendations: OWASP recommended configuration (2023):
• Memory: 19 MiB (19456 KiB)
• Iterations: 2
• Parallelism: 1
Password Verification: In "decode" mode, passwords can be verified with input format
Strongly recommended for all new project password storage, existing systems should migrate from bcrypt/PBKDF2 to Argon2 as soon as possible.
Algorithm Features: Argon2 has three variants:
• Argon2d: Resistant to GPU cracking, but may be vulnerable to side-channel attacks
• Argon2i: Resistant to side-channel attacks, suitable for password hashing
• Argon2id (Recommended): Combines advantages of both, the best choice
Argon2 uses memory-hard design, requiring large amounts of memory to compute, significantly increasing the cost of cracking with specialized hardware like GPUs, ASICs, and FPGAs. It also supports adjustable time cost, memory cost, and parallelism.
Output Format Description: Argon2 uses the PHC String Format (Password Hashing Competition String Format), which is the standard format for password hashing algorithms, unlike regular hash algorithms (like MD5, SHA-256) that only output hash values.
Output format:
$argon2id$v=19$m=19456,t=2,p=1$salt$hash• $argon2id - Algorithm variant (argon2d/argon2i/argon2id)
• v=19 - Version number (0x13 = 19)
• m=19456,t=2,p=1 - Parameters (memory cost/time cost/parallelism)
• salt - Base64-encoded random salt
• hash - Base64-encoded password hash
Advantages of this self-contained format: Each hash generation is different (random salt), contains all information needed for verification, can adjust parameters to enhance security, prevents rainbow table attacks.
Why Strongly Recommended: Argon2 is the cryptographic community's recognized best practice for password storage. It far exceeds bcrypt, scrypt, and PBKDF2 in security, being the only algorithm specifically designed to resist modern attacks (GPU clusters, cloud computing brute-force).
Security Advantages:
• GPU Resistance: Memory-intensive design greatly reduces GPU advantages
• ASIC Resistance: Custom hardware cost-effectiveness far lower than traditional algorithms
• Side-Channel Resistance: Argon2i/id variants provide protection
• Adjustability: Can adjust security parameters based on hardware upgrades
Application Scenarios:
• User Password Storage: Password hashing for web and mobile applications
• Key Derivation: Deriving encryption keys from passwords
• High-Security Scenarios: Financial, healthcare, government systems
Parameter Recommendations: OWASP recommended configuration (2023):
• Memory: 19 MiB (19456 KiB)
• Iterations: 2
• Parallelism: 1
Password Verification: In "decode" mode, passwords can be verified with input format
plain_text|phc_result (password and hashed result separated by vertical bar).Strongly recommended for all new project password storage, existing systems should migrate from bcrypt/PBKDF2 to Argon2 as soon as possible.