Keyczar, a Reliable Open Source Cryptography Tool

A Google-MIT team has just launched an open source encryption toolkit that can be used with both symmetric and asymmetric keys. In the first case, the same key helps both the encryption and decryption of a program. In order to decrypt the message, programmers must know what the secret key is. Decryption is usually made by a different user than the one who encrypts a program, so sharing the secret key must be made perfectly secure. Asymmetric keys are used to ensure a safe transport of the message from the sending programmer to the receiving one.

The features brought by the cryptography tool, namely Keyczar, make it of real help to coders in distress. One of these features is a simple Application Programming Interface that enables some applications use the services of another. Also, Keyczar brings a key rotation and versioning, which enables programmers with the possibility of assigning numbers to and keeping track of the latest versions of an application.

Safe default algorithms, modes (settings that enable user inputs to have more functions, depending on the settings provided by the coder) and key lengths are other features of the new Google open source product. Initialization vectors, used to produce different streams, by using the same encryption key, are automatically generated to give users a helpful hand. Ciphertext signatures are automatically generated, as well.

The tool can be used by both Java and Python programmers, while C++ fans have to wait a while, until the version to allow C++ implementation is developed. The team promises that this specific language will also be compatible with Keyczar in the near future. Java programmers are offered international support, which is expected for Python as soon as possible.

"Cryptography is easy to get wrong. Developers can choose improper cipher modes, use obsolete algorithms, compose primitives in an unsafe manner, or fail to anticipate the need for key rotation. Keyczar abstracts some of these details by choosing safe defaults, automatically tagging outputs with key version information, and providing a simple programming interface," says the team on the official webpage of the product.