Skip to content

Modern Cryptography 
for C++

Actively maintained fork of Crypto++ with modern algorithms, 
better organisation, and regular security updates.

Get Started View on GitHub

Why cryptopp-modern?

🔐 Modern Algorithms

Post-quantum cryptography (ML-KEM, ML-DSA, SLH-DSA, LMS/HSS), BLAKE3 hash function, and Argon2 password hashing (RFC 9106) - algorithms built for current and future security requirements.

🔄 Active Maintenance

Regular releases with security patches. Calendar versioning (2026.6.0) for clear release tracking.

📦 Drop-in Compatible

Full backward compatibility with Crypto++ 8.9.0. Same namespace, same APIs. Easy migration.

🏗️ Better Organisation

Source files organised in categorised directories. Easier to navigate and understand.

✅ Thoroughly Tested

45+ build configurations across Windows, Linux, and macOS. Sanitizer testing for memory safety.

🆓 Free & Open Source

Boost Software License 1.0. All code is public. No restrictions on commercial use.

What’s New in 2026.6.0

  • LMS/HSS (SP 800-208) - Stateful hash-based signatures with durable state management (guide)
  • FileStateStore - Reference durable backend for signing state persistence
  • PK_StatefulSigner - Explicit stateful signing framework (not interchangeable with PK_Signer)
  • PQC Save/Load coverage - DER round-trip validation tests added for ML-KEM, ML-DSA, and SLH-DSA keys
  • Android CI - Build coverage extended to x86_64 and x86 ABIs alongside the existing ARM lanes

Previously in 2026.5.2

  • ASN.1 DERReencode depth cap - 32-level recursion limit matching OpenSSL ASN1_MAX_CONSTRUCTED_NEST; prevents stack exhaustion on nested constructed indefinite BER
  • Ed25519 scalar canonicality - Donna and NaCl verifiers reject signatures with S >= L per RFC 8032
  • Ed25519 small-order public keys - ed25519PublicKey::Validate rejects small-order keys at validation level 2 or higher

Previously in 2026.5.1

  • BLAKE3 AArch64 correctness - Removed broken fork-local NEON single-block path; AArch64 now matches the BLAKE3 reference implementation
  • Android CMake - Restored automatic staging of cpu-features.h for NDK builds
  • armv7 NEON build - Fixed AArch64-only intrinsic that broke 32-bit ARM NEON builds

Previously in 2026.5.0

  • CVE-2023-50980 hardening - Strict trinomial/pentanomial ordering and field-degree cap in BERDecodeGF2NP
  • CVE-2023-50981 hardening - Rabin private-key primality checks now throw BERDecodeError; ModularSquareRoot iteration cap at 10,000

Previously in 2026.3.0

  • ML-KEM (FIPS 203) - Post-quantum key encapsulation (ML-KEM-512, ML-KEM-768, ML-KEM-1024)
  • ML-DSA (FIPS 204) - Post-quantum digital signatures (ML-DSA-44, ML-DSA-65, ML-DSA-87)
  • SLH-DSA (FIPS 205) - Stateless hash-based signatures (all 12 parameter sets)
  • X-Wing - Hybrid KEM combining ML-KEM-768 and X25519

View Full Changelog

Quick Example 

#include <cryptopp/blake3.h>
#include <cryptopp/hex.h>
#include <iostream>

int main() {
    CryptoPP::BLAKE3 hash;
    std::string message = "Hello, cryptopp-modern!";
    std::string digest;

    CryptoPP::StringSource(message, true,
        new CryptoPP::HashFilter(hash,
            new CryptoPP::HexEncoder(
                new CryptoPP::StringSink(digest))));

    std::cout << "BLAKE3: " << digest << std::endl;
    return 0;
}