recommendations/evaluations of free / low-cost crypto libraries
Anton Stiglic
astiglic at okiok.com
Mon Jun 21 11:43:58 EDT 2004
A list can be found here
http://www.homeport.org/~adam/crypto/
There are several things that you might want to consider, other than the
language in which the library was written of course.
You might want to consider the cryptographic algorithms that are supported,
and support for standards such as various PKCS standards. For example,
although JCE is a standard framework, not all JCE providers implement the
same functionality. Some may allow you to create a PKCS#12 object or not,
some will only let you read one. And creating a PKCS#12 object can be done
in various ways, you might need to provide all of the keys that go in the
PKCS#12 object at once, or you can add them incrementally (we actually
changed a JCE provider because of this point). Some allow you to talk to a
cryptographic hardware via PKCS#11 and some not.
You also might be interested in software performance, and if operations can
be accelerated by hardware you might have in hand.
You might also be interested in FIPS accreditation. For example, Crypto++
and the NSS library are FIPS 140 accredited. OpenSSL is in the process of
being certified (there was a discussion about that in this list around
September 2003).
Architecture and OS platform compatibility is another important issue.
You might also be interested in the size of the compiled executable once it
is statically linked with the library (some libraries do much better than
others on this point).
Regards,
--Anton
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list