OpenPGP?
Open-PGP software uses a combination of strong public-key and symmetric cryptography to provide security services for electronic communications and data storage. These services include confidentiality, key management, authentication, and digital signatures (even more as development goes on!).
What is Cryptix OpenPGP?
Cryptix OpenPGP is a Java implementation of the OpenPGP standard as defined in RFC 2440 and its predecessor RFC 1991. Cryptix OpenPGP is not a user application. Instead its intended audience are developers who want to add PGP encryption or signatures to their application.
It can:
- Encrypt/decrypt documents
- Create and verify signatures on documents
- Create and verify signatures on keys
- Decrypt and encrypt secret keys (using a passphrase)
- Generate keys
- Read and write Keyrings
- Supported public-key algorithms: DSA, ElGamal, RSA
- Supported symmetric-key algorithms: IDEA, TripleDES, CAST5, Blowfish, Twofish
- Supported message digests: MD5, SHA-1, RIPEMD160, MD2, Tiger
And futured, but not yet supported are:
- Key/Signature revocations
- Compression
- Key servers
- Full RFC1991 compliance
- ElGamal signatures
The main author for Cryptix OpenPGP is Edwin Woudt.
It depends on:
- Cryptix JCE(you need this for the crypto bits)
- JDK 1.2 or higher
Cryptix OpenPGP does not work on JDK 1.1 because it uses part of the Collection framework that was added to JDK 1.2, and Cryptix OpenPGP does not work on JDK 1.4, because Cryptix JCE (woll get to this soon) does not work on JDK 1.4 yet.
Cryptix JCE (Java Cryptography Extension)
JCE provides a framework and implementations for encryption, key generation, key agreement and message authentication code algorithms. Support for encryption includes symmetric, asymmetric, block and stream ciphers. There is also secure streams and sealed objects support.
Cryptix JCE is a complete clean-room implementation of the official JCE 1.2 API published by Sun. Cryptix JCE is expected to be 100% compatible with Sun's implementation.
Cryptix JCE currently supports:
- JDKs: 1.1, 1.2 and 1.3
- Ciphers: Blowfish, CAST5, DES, IDEA, MARS, RC2, RC4, RC6, Rijndael, Serpent, SKIPJACK, Square, TripleDES, Twofish
- KeyAgreements: Diffie-Hellman
- Modes: CBC, CFB-(8, 16, 24, ..., blocksize), ECB, OFB-(blocksize), openpgpCFB
- Hashes: MD2, MD4, MD5, RIPEMD-128, RIPEMD-160, SHA-0, SHA-1, SHA-256/384/512, Tiger
- MACs: HMAC-MD2, HMAC-MD4, HMAC-MD5, HMAC-RIPEMD-128, HMAC-RIPEMD-160, HMAC-SHA-0,
- HMAC-SHA-1, HMAC-Tiger
- Signatures: RawDSA, RSASSA-PKCS1, RSASSA-PSS
- Assymetric ciphers: RSA/PKCS#1, ElGamal/PKCS#1
- SecureRandom SPIs´: /dev/urandom on systems that support it (FreeBSD, Linux, OpenBSD and possibly other UNIXen)
You can get it from the Cryptix website.
As Cryptix OpenPGP uses RFC2440 specification, it might be good to
know the main confidentiality method defined in it:
OpenPGP uses two encryption methods to provide confidentiality: symmetric-key encryption and public-key encryption. With public-key encryption, the object is encrypted using a symmetric encryption algorithm. Each symmetric key is used only once. A new session key is generated as a random number for each message. Since it is used only once, the session key is bound to the message and transmitted with it. To protect the key, it is encrypted with the receiver's public key.
For more info about RFC2440: http://www.ietf.org/rfc/rfc2440.txt
More info about Cryptix OpenPGP: http://www.cryptix.org
I tried not to get much into details but bring out the main things.. a short preview. Any comments welcome, because I know I'm not that good of a writer!
Details can all be read from the URLs I have here...in the RFC2440 text you get more detailed info about the methods and detailed info about algorithms that are used in OpenPGP. I suggest you read that, and as always, Google to get more :)
Also, Cryptix is looking for contributions on several areas; so, there are some "challanges" for coders there.
Melborp
This article was originally written by Melborp |
Copyright Open Source Institute, 2006 
