Welcome to WebmasterWorld Guest from 54.226.25.231

Forum Moderators: goodroi

Message Too Old, No Replies

Google releases keyCzar - open source cryptographic toolkit

     

Tastatura

3:52 pm on Aug 12, 2008 (gmt 0)

5+ Year Member



Keyczar is a cryptographic toolkit that supports encryption and authentication for both symmetric and public-key algorithms. It addresses some of the ... issues by choosing safe defaults, tagging outputs with key version information, and providing a simple application programming interface. Keyczar's key versioning system makes it easy to rotate and revoke keys, without worrying about backward compatibility or making any changes to source code.

Suppose an application needs to encrypt a URL parameter value with a symmetric key. Normally, a developer would need to decide which algorithm to use, the key length to use, the mode of operation, how to handle initialization vectors, how to rotate keys, and how to sign ciphertexts. Keyczar simplifies these choices. Using an existing keyset, a Java developer would just need to call the following:

Crypter crypter = new Crypter("/path/to/your/keys");
String ciphertext = crypter.encrypt("Secret message");

Similarly a Python developer would just call the following:

crypter = Crypter.Read("/path/to/your/keys");
ciphertext = crypter.Encrypt("Secret message");

[googleonlinesecurity.blogspot.com...]
[code.google.com...]

engine

4:03 pm on Aug 12, 2008 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month




System: The following message was spliced on to this thread from: http://www.webmasterworld.com/goog/3721190.htm [webmasterworld.com] by engine - 5:27 pm on Aug. 12, 2008 (utc +1)


Google's Cryptographic Toolkit: Keyczar [googleonlinesecurity.blogspot.com]
Cryptography is notoriously hard to get right and if improperly used, can create serious security holes. Common mistakes include using the wrong cipher modes or obsolete algorithms, composing primitives in an unsafe manner, hard-coding keys in source code, or failing to anticipate the need for future key rotation. With these risks in mind, we're pleased to announce the open-source release of Keyczar.

Keyczar is a cryptographic toolkit that supports encryption and authentication for both symmetric and public-key algorithms.

[keyczar.org...]

 

Featured Threads

Hot Threads This Week

Hot Threads This Month