r-lib / keyring

🔐 Access the system credential store from R

Home Page: https://keyring.r-lib.org/

what encryption algorithm does keyring package use?

sendakil opened this issue · comments

Trying to understand how keyring encrypts/decrypts keys and what sort of algorithm it uses. Is that different among operating systems? And, I would like to know whether the keyring package allows the use of a new encryption algorithm?

Yes, it is different, and it uses whatever the OS credential store uses.

The encrypted file backend uses libsodium through the sodium R package, which uses the crypto_secretbox_easy() API: https://libsodium.gitbook.io/doc/secret-key_cryptography/secretbox#algorithm-details

You cannot easily use a new encryption algorithm for the OS level credential stores. But you can implement a new backend, that is similar to the current encrypted file backend, and your new backend can use any algorithm you like. (Hopefully you can do this without modifying the keyring package, if not, then we can fix that.)

Hi, thanks a lot! I think this info will help a lot. However, we have to use some standard algorithm for managing the credentials. Is there any way to check what sort of algorithm the OS credential store uses, especially on Linux and Windows?

On Linux, you can use various backends, the secret service backend uses the libsecret library available on the machine, so you can see its documentation. Or you can use the encrypted file backend, see above.

On Windows, you'll need to see if Microsoft has documented the details of the encryption of the credential store, on the various versions of Windows. keyring uses these functions:
https://docs.microsoft.com/en-us/windows/win32/api/wincred/
here: https://github.com/r-lib/keyring/blob/master/src/keyring_wincred.c

Great, thanks. I want to have some more clarity on the encrypted backend file. Is this feature different between libsodium and the keyring package? If not, can we just use the keyring package?

I am not sure what you mean, sorry.

Which package (either keyring or sodium) should we use for the encrypted file backend?

You use keyring, which uses sodium internally, which uses libsodium.
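
For readers who need to verify what the secretbox construction mentioned above provides, here is an added example (not part of the thread and not keyring's own code) that calls the sodium R package directly. The key and the credential are constructed sample values; how keyring derives its key from the keyring password is not shown here.

```r
# Added illustration: exercises libsodium's secretbox via the 'sodium' package.
library(sodium)

key    <- keygen()                          # random 32-byte secret key (constructed)
secret <- charToRaw("s3cr3t-api-token")     # constructed sample credential

# data_encrypt() wraps crypto_secretbox_easy(): XSalsa20 stream cipher plus a
# Poly1305 authenticator. A fresh random nonce is attached as an attribute.
ct    <- data_encrypt(secret, key)
nonce <- attr(ct, "nonce")

stopifnot(length(key) == 32)                    # 256-bit key
stopifnot(length(nonce) == 24)                  # 192-bit nonce
stopifnot(length(ct) == length(secret) + 16)    # ciphertext carries a 16-byte tag

# Round trip with the right key and nonce returns the original bytes.
pt <- data_decrypt(ct, key, nonce)
stopifnot(identical(pt, secret))

# Returns TRUE if decryption is rejected (authentication failure).
rejected <- function(bin, k, n) {
  tryCatch({ data_decrypt(bin, k, n); FALSE }, error = function(e) TRUE)
}

# Flip one bit of the stored blob: the Poly1305 check must fail, so a
# modified credential file is detected instead of decrypting to garbage.
tampered    <- as.raw(ct)
tampered[1] <- as.raw(bitwXor(as.integer(tampered[1]), 1L))
stopifnot(rejected(tampered, key, nonce))

# A different key is rejected the same way.
stopifnot(rejected(ct, keygen(), nonce))

cat("secretbox: round trip OK, tampering and wrong key rejected\n")
```

The nonce is not secret but must be stored next to the ciphertext and never reused with the same key.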