Slashdot Mirror

← Back to Stories (view on slashdot.org)

Easy Encryption In Java and Python With Keyczar

Posted by kdawson on from the clear-program-take-note dept.

rsk writes "Keyczar is an encryption toolkit born out of the Google Security Team and released under the Apache 2 license. Keyczar's purpose is to make managing encryption of secured data much easier than it has been, with the following features: a simple API; key rotation and versioning; safe default algorithms, modes, and key lengths; automated generation of initialization vectors and ciphertext signatures; Java and Python implementations (C++ coming soon); and international support in Java (Python coming soon). The example on the website is only 2 lines long, and a more fully worked out example is also provided for folks wanting to get started 'for reals.'"

3 of 19 comments (clear)

  1. standard API as well ? by johnjones · · Score: 3, Interesting

    does it implement the java crypto api (JCE) and how does it compare to The Legion of the Bouncy Castle ?

    can it do PGP otherwise its just another api wrapper essentially because its not a standard i.e. it is no good locking something up if you cant give someone else the keys...

    regards

    John Jones
    http://www.johnjones.me.uk

    1. Re:standard API as well ? by bratgitarre · · Score: 4, Interesting

      It's waaaay smaller than Bouncy Castle. The focus of Keyczar seems to be on usability, to the point that it's seems rather black-boxy. Here's an encryption example from their page: Crypter crypter = new Crypter("/path/to/your/keys"); String ciphertext = crypter.encrypt("Secret message"); Notice that it's not at all clear what this does. Is it symmetric or asymmetric encryption? Deterministic or nondeterministic? Authenticated? It's all under the hood. If you don't care to look, you don't have to know. They try to provide safe defaults, but it won't the developer from understanding some basic crypto concepts. Bouncy Castle is a lot more comprehensive and (most likely) mature.

    2. Re:standard API as well ? by Seakip18 · · Score: 2, Interesting

      http://www.keyczar.org/javadocs/index.html

      From what I gathered (and I'm probably wrong. I'm not the best when it comes to understanding cryptography.), you've got a private/public key or symmetric key setup, depending on your choice.

      Sorry I couldn't be more helpful.

      --
      import system.cool.Sig;