Note: I had to break the links here, because of silly restrictions, which prevent users from posting multiple links.
When implementing the crypto, here my suggestion for a robust and safe implementation:
The NaCL is a recent encryption library by the famous cryptographer Daniel J. Bernstein. It is based on the elliptical curve Curve25519, considered secure and - what is important - easy to implement. It tries to minify the things, which can go wrong Now a library called Libsodium makes it even easier - and failure-proof - to use the encryption.
So I’d suggest to use this when implementing crypto-stuff there (it includes a secure pseudo random nubmer generator and more). Alternatively - if you really need it - Libsodium also offers AES GCM, which is the mode you should use for AES.
Why?
- elliptical curves are fast, way faster than other algorithms - don’t know how it works for Salsa20 or so, but I think it should also be fast
- it is robust
- it offers bindings in multiple languages (so usable cross-platform)
- it is not “invent your own crypto” (you avoid the question “Which AES mode should I use?”)
- NaCl is used in famous messengers such as Signal, Threema, Allo or WhatsApp
BTW if any admin might want to add this info to hxxps://github.com/syncthing/syncthing/issues/109 - as the issue was closed there, please do as it really won’t help if someone implements this important stuff in a wrong way.