[Cryptography] Looking for feedback on new Java crypto library
James Yonan
james at openvpn.net
Tue Nov 12 22:14:45 EST 2013
On 12/11/2013 14:12, Steve Weis wrote:
> Hi James. Have you checked out Keyczar? It has similar goals and Google
> has been maintaining it for use in some Android libraries:
> https://code.google.com/p/keyczar/
> One main difference I see on quick inspection is that JACS uses
> InputStream and OutputStream interfaces and derives keys from
> user-entered passwords. Keyczar works on ByteBuffers, byte[], and String
> inputs, and handles key versioning and rotation. Plus, it has been
> ported to Python and C++.
JACS is more narrowly focused on the problem of symmetric
encryption/decryption of streamed data with password-derived keys.
A typical use case would be client-side encryption of data to be stored
in the cloud. In fact, the initial motivation for JACS was to provide a
jgit backend for client-encrypted git repositories that back to cloud
storage (jgit is a Java-based git implementation). JACS is also fairly
lightweight in the sense that there are no additional dependencies
beyond the JCE and the jar size is only ~ 52 KB.
I did take a look at the Java implementation of Keyczar and it doesn't
appear to have a great deal of overlap with JACS such as providing
streaming classes or password-based key derivation methods.
James
More information about the cryptography
mailing list