Learn when Buddy is a good fit for Clojure cryptography, how to use authenticated encryption more safely, and why key management matters more than clever crypto wrappers.
Cryptography: The use of carefully designed algorithms and keys to protect confidentiality, integrity, authenticity, or all three.
Buddy remains one of the best-known Clojure cryptography toolkits. That does not mean the hard part of cryptography is calling Buddy functions. The hard part is choosing the right primitive, protecting keys, rotating secrets, and making sure the application boundary uses the primitive for the right job.
Different problems need different tools:
One of the most expensive security mistakes is using encryption where hashing was needed, or using a fast general-purpose hash where password hashing was required.
Buddy gives you a practical API for common crypto operations. It does not solve:
That means Buddy should sit inside a wider security design, not become the entire plan.
If you encrypt application data, you usually want integrity protection too. Buddy’s high-level API supports authenticated schemes such as AES-GCM.
1(ns myapp.crypto
2 (:require [buddy.core.codecs :as codecs]
3 [buddy.core.crypto :as crypto]
4 [buddy.core.nonce :as nonce]))
5
6(defn encrypt-payload [plaintext key]
7 (let [iv (nonce/random-bytes 16)
8 ciphertext (crypto/encrypt
9 (codecs/to-bytes plaintext)
10 key
11 iv
12 {:algorithm :aes256-gcm})]
13 {:iv iv
14 :ciphertext ciphertext}))
15
16(defn decrypt-payload [{:keys [iv ciphertext]} key]
17 (-> (crypto/decrypt ciphertext key iv {:algorithm :aes256-gcm})
18 (codecs/bytes->str)))
The example is intentionally small. In production, the key should come from a secret manager, KMS, HSM-backed workflow, or similarly controlled source, not from a hardcoded string.
The most dangerous crypto bugs are often operational:
If the system encrypts real data, document:
Do not use general encryption APIs to “protect” passwords. Passwords should be verified with dedicated password-hashing libraries or delegated to an external identity system. Buddy’s broader crypto tools and password-hashing tools serve different problems.
For most teams, the biggest improvement comes from key discipline:
Good cryptography with weak key management becomes an expensive illusion of safety.
This turns encryption into a source-control problem.
Signing, encryption, password handling, and token issuance usually need distinct lifecycles.
Passwords should be verified, not reversibly encrypted for later recovery.
Examples teach mechanics. Production needs managed randomness and real key ownership.
Use Buddy as a focused Clojure crypto toolkit, but design the system around authenticated encryption, distinct key purposes, managed key sources, and explicit rotation rules. Encrypt only what needs confidentiality, hash only where one-way transformation is the goal, and never let convenience blur those boundaries. In Clojure, the strongest crypto code is usually small. The hard engineering work lives around it.