Cryptography

Key derivation: Argon2id

To derive an encryption key from a password, Algebraic uses Argon2id, the winner of the Password Hashing Competition. To balance interactive use with security, we reviewed recommendations from the Argon2id specification and meticulously benchmarked a matrix of parameter combinations.

The randomly-generated 16-byte salt is obtained from cryptographically-secure functions based on the getentropy(2) system call available on macOS.

Algebraic currently uses the following parameters with Argon2id.

Argon2id parameter Value Description
Memory 3072 MiB The amount of memory used
Parallelism =number of logical CPUs Threads used to fill memory
Time 1 Iterations over memory

Encryption: XChaCha20

For encryption, Algebraic uses XChaCha20-Poly1305 (header data) and XChaCha20 (file data) with a 256-bit encryption key. The extended 24-byte random nonce for these algorithms is obtained from cryptographically-secure functions based on the getentropy(2) system call available on macOS.

The ChaCha family of ciphers has been adopted by Google, Cloudflare, and other prominent companies in their systems, is standardized in TLS, and forms the basis for random number generators in security-conscious operating systems such as OpenBSD.


All of Algebraic’s encryption algorithms use vetted, open source implementations.

Read about the file format that Algebraic uses.