Google's security team has released an open-source cryptographic toolkit aimed at making it easier and safer for developers to use cryptography in their applications.
The toolkit, called KeyCzar, was originally developed by Steve Weis (Google) and Arkajit Dey (MIT) and is available under an Apache 2.0 license.
From Google's announcement:
Keyczar is a cryptographic toolkit that supports encryption and authentication for both symmetric and public-key algorithms. It addresses some of the aforementioned issues by choosing safe defaults, tagging outputs with key version information, and providing a simple application programming interface. Keyczar's key versioning system makes it easy to rotate and revoke keys, without worrying about backward compatibility or making any changes to source code.
Some features of KeyCzar include:
- A simple API
- Key rotation and versioning
- Safe default algorithms, modes, and key lengths
- Automated generation initialization vectors and ciphertext signatures
- Java and Python implementations (C++ coming soon)
- International support in Java (Python coming soon)