Google has released KeyCzar - an easier to use and potentially safer to use cryptographic toolkit, as open source under the Apache License 2.0.
Key points (pun intended :) I could gather about KeyCzar (from reading some of the links about it below), are:
- Since cryptography is a complex subject, one of the main goals of KeyCzar is to make at least some of the common crypto operations easier for developers - this is a good idea, IMO.
- It has a simple API
- Uses some safe defaults
- Has support for Python and Java, with C++ support coming
- Supports authentication and encryption with both symmetric and asymmetric keys
- It is not meant to replace some of the existing cryptographic libraries such as OpenSSL, PyCrypto, and the Java JCE libraries, but builds upon them. I've always felt that this is one way in which many developers can add value in software - build something upon something that already exists. Of course, this already happens all the time when anyone uses a library in their app, but what I mean here is something like what Google has done with KeyCzar - they've built another toolkit upon existing crypto toolkits, to add some value in terms of easier and safer use for the average developer who is not a crypto expert.
- It was originally developed by members of the Google Security Team.
Here is their blog post about it.
So this looks like a good move by Google and should help many developers who need to include cryptographic capabilities in their apps.
Here are some links about it:
The KeyCzar.org site.
KeyCzar on the Google Code site
An article on CNET's News.com:
Google's Keyczar designed to make cryptography easier.
- Vasudev Ram