Google on Tuesday announced Keyczar, an open source project to help developers select and use safe cryptography in their applications.
Built on OpenSSL, PyCrypto, and the Java JCE libraries, Keyczar supports authentication and encryption with both symmetric and asymmetric keys. It simplifies some of the details by choosing safe defaults and automatically tagging outputs with key version information. Keyczar also provides a simple interface.
The project provides developers with a simple API, key rotation and versioning, and safe default algorithms, modes, and key lengths.
A "nongoals" page proclaims what KeyCzar is not. For example, KeyCzar is not designed to work with legacy crypto output formats.
The project was developed as part of the Google Security Team by Steve Weis (Google) and Arkajit Dey (MIT), with additional help from Ben Laurie, Neil Daswani, Marius Schilder, Sarvar Patel, Loren Kornfelder, Manuel Marquez Garrido, Rafael Castro, and Laura Krotowski.
This article was first published as a blog on CNET News.com.
Play video
There are currently no comments for this post.