Google’s recently announced open source cross-platform cryptographic toolkit, Keyczar, is an excellent time-saver for security application developers. 

Keyczar simplifies implementing of cryptographic functions in applications which typically involves selecting a cryptographic algorithm along with the key length and operation mode, handling of initialization vectors, rotation of keys and the signing of ciphertexts. Keyczar selects “safe defaults” for all these options resulting in fewer mistakes from the developer.

Examples from Google:

Java
Crypter crypter = new Crypter(“/path/to/your/keys”);
String ciphertext = crypter.encrypt(“Secret message”);

Python
crypter = Crypter.Read(“/path/to/your/keys”);
ciphertext = crypter.Encrypt(“Secret message”);

Other open source security projects from Google include RATproxy and Flayer

Share / Save

Canadian wireless device company, Research in Motion (RIM), maker of the popular Blackberry handheld communication device, has finally broken the silence surrounding Indian Government’ demands to handover the “keys” to decrypt secure email communications.

RIM claims that it not possible to handover the decryption keys and claims setting up a local datacenter would serve no purpose given the end-to-end security deployed in its solution. RIM further declared that its solution architecture is designed in a way that does not allow any third party including RIM to read the email data under any circumstances. (more…)

Share / Save