Replicator is a highly work-in-progress library containing primitives for implementing and interacting with secure, encrypted, authenticated archives
Replicator is very intentionally not generic over the cryptography primitives used, see the author's blog for more context. The currently used set of primitives is as follows
|Balloon Hashing with Blake3
All data and metadata in a Replicator archive is authenticated with Blake3-MAC.
The author of this library has done his best to provide a curated choice of cryptographic primitives that is difficult to misuse, and to provide a misuse resistant api on top of the primitives that should, ideally, be suitable for general use.
This, however, is no guarantee of safety. Not only is the author but a fallible, error prone human, but cryptography is complicated. Complicated interactions can occur between cryptographic primitives when they are combined together, with potentially catastrophic unexpected consequences. Any analysis of the security of your cryptosystem must be holistic, and you must consider how your application interacts with this library's use of the underlying cryptographic primitives.
I have tried to compile a set of cryptographic primitives that avoid most of the common pitfalls, however, that is no guarantee of your saftey, I can not guard against every potential interaction. If you do not feel qualified to make such an analysis, it is probably wise to reconsider use of this library.
That said, I'm not here to tell you what to do, go nuts, just whatever happens, you have been warned, and the author cannot be held responsible for the results of your own hubris.