Domain: cryptix.org
Stories and comments across the archive that link to cryptix.org.
Comments · 11
-
Re:Time for some coding
Cryptix has an implementation of ECC already.
-
Re:No GPG?
There are more than a few out there already (not surprisingly!):
RSA Crypto-J
BouncyCastle
Cryptix
Flexiprovider
There's a bunch more too - just google for them.
Some of these are free, some are Free and some are neither. Personally, I've written banking software using the RSA libs (I tried to get use BouncyCastle but management didn't like the name!). -
Why are key formats so complex?
Why are there so many variants of crypto key formats?
Not only the PKCS series, but also the various encoding methods. And clearly these are inadequate for everyone, so we get PGP formats, SSH/OpenSSH/PuTTY formats, etc.
If there had been a much smaller, more universal set of key formats, interoperable crypto would have been far easier.
On my paranoid days, I begin to suspect the TLA agencies on the standards committees deliberately introduced complexity to limit take-up.
Late posting moderation multiplier=2 -
Since my submission...
The Cryptix site was actually updated since my submission to announce an updated snapshot of OpenPGP. You can download it here.
-
Java
I sure hope the pending SDK has support for the latest version of Java. I have yet to get the latest version of Cryptix OpenPGP to work with the J2SE v 1.4.1.
-
Re:Security export rules
There is already a clean room, open source (BSD License) implementation of the JCE. It's called Cryptix, and simply put is one of the best libraries ever written for Java.
I don't trust black box cryptography... especially when Sun goes the extra mile to obfuscate their default implementation of the JCE crypto modules.
-
support non-usa open source encryption softwareEven more ominously, a proposal to require government back doors in encryption software has already appeared.
another good reason to use the cryptix library.
There is a bunch of good info on open source crypto and how US govt restrictions on crypto will simply mean that the rest of the world has better crypto than they do at cpsr.org.
europe has gone open source crypto mad. the germans are keen, the eu has just busted eschelon wide open and their conclusion is that everyone in the eu should be using oscrypto. you can bet your ass that everyone will use the strongest cheapest crypto they can - and that will be open, free and so tough you'll need a quantum computer to crack it.
still, thinking about it, quantum computers are so small they'll probably be spray on everywhere things . - so perhaps all this talk is already redundant. software based encryption is already redundant.
dave
-
Public domain Java implementation
Cryptix releases it's Java implementation of Rijndael in the public domain. The BSD licensed Cryptix is also the first crypto toolkit that officially supports the AES.
Open source rules!
-
A few ideas
(Speaking only for myself!!!)
For starters, I'd get my idea to http://cryptome.org/, even though that's guaranteed to get it law enforcement attention, because John Young is a better and more trustworthy newsman as a part-timer (he's really an architect!) than 99.9% of the full timer$. Good people look at Cryptome, and I'm guessing if it upsets authority your project will interest him. You might also post it to cypherpunks, or Usenet, as has already been suggested here.
Of course, you may need to find a way to pay for it somehow, and there's a pretty good chance that some of what you're thinking of has already been done, anyway. Good luck!
JMR -
OOPS: Re:Cryptix - Java encryption libraryOops, pressed the wrong thing at the wrong time
:/Anyways, as I was saying, there have been a bunch of people complaining about getting software to run on different machines. Now, I know this is a bit of a utopian view of Java, as I'm well aware of the problems of "Write Once, Run Anywhere", but surely the use of something like Cryptix 3.1.2 alongside a standard such as JavaMail would be a good basis for dealing with all these problems. The Cryptix code has interoperability with PGP 2.x (which may not be enough for everyone, but it shows it's been moving in the right direction), and it links in with the cryptography hooks that Sun has defined. As for JavaMail, well, that speaks for itself.
-
Suggestion: Focus on commerce & (smart) contracts
First let me say that I'm not a programmer (I'm a mouth) and that the following could easily be interpreted as totally self-interested, and to top it off they aren't even Linux-specific. Moderate me down, see if I care.
:)
The guys at http://www.cryptix.org/ are my favorites. Cryptix(tm) is an international volunteer effort to produce robust, open-source cryptographic software libraries. Cryptix products are free, both for commercial and non-commercial use and are being used by developers all over the world. Development is currently focused on Java. Without them, the cool stuff that's happening at: http://www.webfunds.org/ Webfunds (some of it indirectly involving my company) would not be possible.
Along some of the same lines, what's going on at: http://www.erights.org/ E involving a secure distributed object platform and scripting language for writing Capability-Based Smart Contracts is also exceptionally cool, and somewhat related is Tyler's http://www.waterken.com/ Waterken (which isn't a charity, but which is very cool IMO). Disclaimer: I like all the principals of these 4 groups as friends, and all 4 groups tend to "get" what I sell, which is e-gold, which currently uses too much closed-source stuff (that may change in the future, /. assistance appreciated). Obligatory Commercial: Anybody on Slashdot who wants to try e-gold today can e-mail me with an account number.
Something to keep in mind is the old adage "follow the money." It's as true in trying to supplant M$ as it is in politics, IMO. Good luck, choose well, and above all have fun.
JMR
[Speaking only for myself, YMMV, etc. etc.]