◈ crypto::compare← Algorithm Reference

About & Methodology

What this is, who it's for, how the data is sourced, and what it is not.

This is an educational reference, not a substitute for a cryptographic review. Use it to shortlist and understand algorithms — then validate any production decision against current standards, your own threat model, and, for high-stakes systems, a qualified cryptographer.

What it is

crypto::compare is a curated, side-by-side reference for 97 cryptographic algorithms across 17 categories — symmetric encryption, KEMs, signatures, hashes, KDFs, MACs, threshold and multi-party schemes, and more. Every entry carries security estimates, recommendation level, known attacks, deployment notes, and primary-source citations. It pairs with companion tools: an algorithm advisor, safe defaults, migration guides, implementation maps, and interactive labs.

Who it's for

Engineers, architects, and students who need to choose cryptography — not implement primitives from scratch. If you are deciding “which KEM,” “is PBKDF2 still acceptable,” or “what does a post-quantum migration look like,” this is built for you.

Threat model & scope

  • Recommendations assume a standard adversary: a well-resourced attacker bounded by publicly known cryptanalysis, including a future large-scale quantum computer for post-quantum labels. They do not model nation-state implementation backdoors, supply-chain compromise, or physical coercion.
  • Security estimates reflect known attacks and public literature at review time. They are guidance, not certification, and can change as cryptanalysis advances.
  • Scope is algorithm selection and tradeoffs — not protocol design, key management operations, or constant-time implementation, each of which can undo a sound algorithm choice.

How the data is sourced & verified

Every algorithm cites primary sources — NIST FIPS/SP, IETF RFCs, ISO, CRYPTREC, KPQC, GB/T, GOST, DSTU, and peer-reviewed Eurocrypt/CRYPTO proceedings. A build-time check rejects entries lacking primary-source citations, and a separate job keeps the linked interactive labs in sync with the live catalog. The dataset and its full provenance are open source.

Update cadence & freshness

Each algorithm's lastReviewed date records when its claims and citations were last re-verified against primary sources. On June 2026 all 97 entries were re-verified in a single pass (dataset v1.1.0), so they share that date — a genuine source-verification stamp, not a claim that each was independently re-derived on a different day. That pass confirmed primary-source citations resolve and support each claim, refreshed post-quantum standardization status, and corrected stale or broken references.

What that review is and is not: it is automated primary-source re-verification and a cryptanalysis scan — not an expert cryptographer's sign-off. Automated freshness checks flag entries older than 180 days so reviews don't silently lapse. Treat research-grade entries as a prompt to verify more aggressively against your own threat model.

What it is not

  • Not a crypto library — do not copy parameters into production without verifying against current standards.
  • Not a compliance attestation or a security audit of your system.
  • Not exhaustive — niche, deprecated, or regional schemes may be missing or summarized.

Source & contributions

The project is open source. Corrections, citations, and new algorithms are welcome via pull request.

Source & dataset on GitHub ↗ · Security policy ↗ · Interactive lab catalog ↗