[Cryptography] Looking for feedback on new Java crypto library

James Yonan james at openvpn.net
Mon Nov 11 16:09:09 EST 2013


I'm releasing a new open source Java library that focuses on encryption 
of files and streams in a way that tries to integrate current crypto 
best-practices with a foolproof API, while building on the existing Java 
Cryptography Extension (JCE).

The primary use case is enabling client-side encryption of files pushed 
to the cloud with a simple API that automatically incorporates Explicit 
IV, HMAC-based integrity checking, and strong key-derivation methods to 
foil hardware-accelerated password cracking.

I would appreciate any comments or feedback, especially on the security 
model.

The library is called "Jacs" (Java augmented cipher streams) and the 
README on github includes a full security discussion:

https://github.com/jamesyonan/jacs

Rationale:

Java's CipherInputStream and CipherOutputStream classes (from the JCE) 
lack two important capabilities:

1. Support for using a randomized "Explicit IV" to ensure that identical 
plaintexts encrypt to different ciphertexts even when the same key is used.

2. Integrity checking when decrypting ciphertext, to ensure that the 
ciphertext was not forged or tampered with (Jacs uses an encrypt-then-MAC 
approach, where the leading IV + all ciphertext is signed).

The Jacs library adds these capabilities via the new classes 
CipherInputStreamIVMAC and CipherOutputStreamIVMAC, which are intended 
to be drop-in replacements for CipherInputStream and CipherOutputStream.

The CipherInputStream and CipherOutputStream classes are often used to 
encrypt data using a password-derived key.  While the JCE supports 
PBKDF2-SHA1, the speed with which attackers can brute-force SHA1 using 
off-the-shelf hardware makes it prudent to consider other alternatives.

So in addition to PBKDF2-SHA1, Jacs integrates support for 
PBKDF2-SHA512, Bcrypt, and Scrypt.

Thanks,
James
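An added example (not Jacs code, and not the Jacs on-disk format) showing the two capabilities the post says the JCE streams lack, built directly on the JCE: a random explicit IV prepended to the ciphertext, an HMAC over the IV plus all ciphertext that is verified in constant time before anything is decrypted, and PBKDF2-SHA512 key derivation. The JCE algorithm name `PBKDF2WithHmacSHA512` requires Java 8 or later, which postdates this post; the cipher suite, the 16/32-byte field sizes, the use of separate encryption and MAC keys, the iteration count and all sample inputs are my own choices.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.security.*;
import java.nio.ByteBuffer;
import java.util.Arrays;

public class ExplicitIvEncryptThenMac {
    // PBKDF2-SHA512 (JCE name "PBKDF2WithHmacSHA512", Java 8+) -> 64 bytes split into AES key and HMAC key
    static byte[][] deriveKeys(char[] password, byte[] salt, int iterations) throws Exception {
        SecretKeyFactory f = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512");
        byte[] km = f.generateSecret(new PBEKeySpec(password, salt, iterations, 512)).getEncoded();
        return new byte[][] { Arrays.copyOfRange(km, 0, 32), Arrays.copyOfRange(km, 32, 64) };
    }
    static byte[] hmac(byte[] macKey, byte[] iv, byte[] ct) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(macKey, "HmacSHA256"));
        mac.update(iv);                                  // tag covers the leading IV plus all ciphertext
        return mac.doFinal(ct);
    }

    // Output layout (assumed for this example, not the Jacs format): IV (16) || ciphertext || tag (32)
    static byte[] encrypt(byte[] encKey, byte[] macKey, byte[] plaintext) throws Exception {
        byte[] iv = new byte[16]; new SecureRandom().nextBytes(iv);   // fresh random explicit IV per message
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(encKey, "AES"), new IvParameterSpec(iv));
        byte[] ct = c.doFinal(plaintext);
        byte[] tag = hmac(macKey, iv, ct);
        return ByteBuffer.allocate(16 + ct.length + 32).put(iv).put(ct).put(tag).array();
    }
    static byte[] decrypt(byte[] encKey, byte[] macKey, byte[] msg) throws Exception {
        if (msg.length < 16 + 16 + 32) throw new SecurityException("message too short");
        byte[] iv = Arrays.copyOfRange(msg, 0, 16);
        byte[] ct = Arrays.copyOfRange(msg, 16, msg.length - 32);
        byte[] tag = Arrays.copyOfRange(msg, msg.length - 32, msg.length);
        // Constant-time compare; nothing is decrypted unless the tag verifies
        if (!MessageDigest.isEqual(hmac(macKey, iv, ct), tag)) throw new SecurityException("MAC check failed");
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");
        c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(encKey, "AES"), new IvParameterSpec(iv));
        return c.doFinal(ct);
    }

    public static void main(String[] args) throws Exception {
        byte[] salt = new byte[16]; new SecureRandom().nextBytes(salt);   // constructed demo salt
        byte[][] k = deriveKeys("constructed sample passphrase".toCharArray(), salt, 100_000);
        byte[] msg = encrypt(k[0], k[1], "constructed sample plaintext".getBytes("UTF-8"));
        System.out.println(new String(decrypt(k[0], k[1], msg), "UTF-8"));
        msg[20] ^= 1;                                    // flip one ciphertext bit: decrypt must reject it
        try { decrypt(k[0], k[1], msg); } catch (SecurityException e) { System.out.println(e.getMessage()); }
    }
}
```

Because the tag is checked over the IV as well, tampering with the IV is rejected just like tampering with the ciphertext, and the order (verify, then decrypt) means unauthenticated data never reaches the CBC padding check.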

