more on: Cross-Platform Encryption Libraries?

At 02:51 PM 04/21/2000 -0700, I wrote:

Any recommendations on cross-platform encryption libraries? Specifically, NT
and Unix / Linux / Solaris? Ideally, with source so we can compile locally?
We have a customer who is requesting that we encrypt the data we exchange
with them. Our end is NT, their end is Unix, and we’d prefer an
off-the-shelf commercial solution.

Clarification: We have software on each end of the connection, and we would
like to incorporate encryption into our existing code. I’m thinking here of
a library which accepts a pointer to allocated memory and encrypts/decrypts
it - something along those lines. A programming library with an API, not a
command-line utility from Norton .

Thanks!

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I use PGP on my laptop (NT) and some of our *nix development systems.

Mcafee sells a personal PGP package for $19.99 for Windows. PGP is
freely available for most flavors of UNIX. I’m not aware of anyone
packaging it for Linux or Solaris.

Clark

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Richard
Hartman Sent: Friday, April 21, 2000 4:51 PM To: NT Developers
Interest List Subject: [ntdev] Cross-Platform Encryption Libraries?

Any recommendations on cross-platform encryption libraries?
Specifically, NT
and Unix / Linux / Solaris? Ideally, with source so we can
compile locally?
We have a customer who is requesting that we encrypt the data we
exchange with them. Our end is NT, their end is Unix, and we’d
prefer an off-the-shelf commercial solution.

Thanks!


You are currently subscribed to ntdev as: xxxxx@wirespeed.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)

-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.1

iQA/AwUBOQDSX+B0WaKgfXz5EQKwNQCdFfL7yV/tjwrILws8mxe8iANrDSgAoIGm
pmilcCc1eGyE3LbBEPvPFUzC
=PqLN
-----END PGP SIGNATURE-----

begin 666 Clark Williams.vcf
M0D5’24XZ5D-!4D0-"E9%4E-)3TXZ,BXQ#0I…E=I;&QI86US.T-L87)K#0I&
M3CI#;&%R:R!7:6QL:6%Mxxxxx@0V]M;75N:6-A=&EO;G,L($-OM96-H;FEC86P@3V9F:6-E<@T5$5,.U=/4DL[5D])0T4ZS$@#(U-BD@-S T
M+3DR-38-“E1%3#M#14Q,.U9/24-%.BLQ(”@R-38I(#4R-RTW-C8R#0I414P[
M5T]22SM&xxxxx@Z
S$@*#(U-BD@.#,W+3,X,SD-"D%$4CM73U)+.CL[,S W(%=Y
M;FX@1’)I=F4[2’5N='-V:6QL93M!3#LS-3@P-3M54T$-"DQ!0D5,.U=/4DL[
M14Y#3T1)3D<]455/5$5$+5!224Y404),13HS,#<@5WEN;B!$M04AU;G1S=FEL;&4L($%,(#,U.# U/3!$/3!!55-!#0I54DPZ#0I54DPZ:‘1T
M<#HO+W=W=RYW:7)EM87)K0’=I8-#$X5#$U-#`
end

At 05:12 PM 04/21/2000 -0500, you wrote:

Mcafee sells a personal PGP package for $19.99 for Windows.

A programming library, or a standalone utility? I didn’t know McAfee was in
the programming tools business.

At 02:51 PM 4/21/00 -0700, Richard Hartman wrote:

Any recommendations on cross-platform encryption libraries? Specifically, NT
and Unix / Linux / Solaris? Ideally, with source so we can compile locally?
We have a customer who is requesting that we encrypt the data we exchange
with them. Our end is NT, their end is Unix, and we’d prefer an
off-the-shelf commercial solution.

There is RSA’s BSAFE library. It’s about as commercial and well tested as
they come. You will have to pay license fees though. Are you looking for
algorithms that don’t require license fees? BSAFE is probably the code
that’s inside the Microsoft CryptoAPI service provider libraries.

You didn’t mention what kind of encryption. Are you looking for bulk
symetric algorithms or public key exchange or something else? A big factor
is: how do you expect to exchange keys with the other end. A digital
certificate signed by Verisign or somebody. A phone call to exchange passwords?

Also note that adding encryption has export implications. This has gotten
much easier recently. I believe you do still have to submit a product for
export approval with the US Commerce Dept.

  • Jan

At 03:40 PM 04/21/2000 -0700, you wrote:

There is RSA’s BSAFE library. It’s about as commercial and well tested as
they come. You will have to pay license fees though. Are you looking for
algorithms that don’t require license fees?

Obviously, the cheaper the better . This is a low-quantity deployment
between specific customers and us - not a broad-based public access thing.
Total deployments will probably be in the low dozens.

>You didn’t mention what kind of encryption. Are you looking for bulk
>symetric algorithms or public key exchange or something else? A big factor
>is: how do you expect to exchange keys with the other end. A digital
>certificate signed by Verisign or somebody. A phone call to exchange passwords?

A phone call is probably sufficient. The keys won’t change very often, so it
can be handled manually. No third-party handling (i.e. Verisign) is required
whatsoever. Our application is: Given a block of allocated memory full of
data, encrypt it, transmit it, receive it at the other end into another
allocated block, decrypt it, done.

>Also note that adding encryption has export implications. This has gotten
>much easier recently. I believe you do still have to submit a product for
>export approval with the US Commerce Dept.

Hmmm… I’d forgotten about that. Thanks for bringing it up.

RLH

> ----------

From: Richard Hartman[SMTP:xxxxx@realresume.com]
Reply To: NT Developers Interest List
Sent: Saturday, April 22, 2000 04:27
To: NT Developers Interest List
Cc: xxxxx@pmatrix.com
Subject: [ntdev] Re: Cross-Platform Encryption Libraries?

At 03:40 PM 04/21/2000 -0700, you wrote:
>There is RSA’s BSAFE library. It’s about as commercial and well tested as
>they come. You will have to pay license fees though. Are you looking for
>algorithms that don’t require license fees?

Obviously, the cheaper the better . This is a low-quantity
> deployment
> between specific customers and us - not a broad-based public access thing.
> Total deployments will probably be in the low dozens.
>
Take a look on RFC 2040 which describes RC5 implementation. It is easy to
implement and verify this encryption algorithm according to this paper.

Best regards,

Michal Vodicka
RKK Informationssysteme s.r.o.
:We support your Future
[WWW: http://www.rkk.cz , http://www.skytale.com]

Ack! I missed that he wanted a library. Sorry.

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Richard Hartman
Sent: Friday, April 21, 2000 5:30 PM
To: NT Developers Interest List
Subject: [ntdev] RE: Cross-Platform Encryption Libraries?

At 05:12 PM 04/21/2000 -0500, you wrote:
>Mcafee sells a personal PGP package for $19.99 for Windows.

A programming library, or a standalone utility? I didn’t know
McAfee was in
the programming tools business.


You are currently subscribed to ntdev as: xxxxx@wirespeed.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)

begin 666 Clark Williams.vcf
M0D5’24XZ5D-!4D0-"E9%4E-)3TXZ,BXQ#0I…E=I;&QI86US.T-L87)K#0I&
M3CI#;&%R:R!7:6QL:6%Mxxxxx@0V]M;75N:6-A=&EO;G,L($-OM96-H;FEC86P@3V9F:6-E<@T5$5,.U=/4DL[5D])0T4ZS$@#(U-BD@-S T
M+3DR-38-“E1%3#M#14Q,.U9/24-%.BLQ(”@R-38I(#4R-RTW-C8R#0I414P[
M5T]22SM&xxxxx@Z
S$@*#(U-BD@.#,W+3,X,SD-"D%$4CM73U)+.CL[,S W(%=Y
M;FX@1’)I=F4[2’5N='-V:6QL93M!3#LS-3@P-3M54T$-"DQ!0D5,.U=/4DL[
M14Y#3T1)3D<]455/5$5$+5!224Y404),13HS,#<@5WEN;B!$M04AU;G1S=FEL;&4L($%,(#,U.# U/3!$/3!!55-!#0I54DPZ#0I54DPZ:‘1T
M<#HO+W=W=RYW:7)EM87)K0’=I8-#$X5#$U-#`
end

Richard,

I’d suggest looking at:

Crypto++ at http://www.eskimo.com/~weidai/cryptlib.html
Cryptlib at http://www.cs.auckland.ac.nz/~pgut001/cryptlib/

They are both cross-platform.

For licensing terms, see:
Crypto++: http://www.eskimo.com/~weidai/license.txt
Cryptlib: http://www.cs.auckland.ac.nz/~pgut001/cryptlib/download.html

There is a page comparing crypto libraries, but I cannot get to it. I don’t
know whether it’s gone or whether there’s just some DNS weirdness going on.
In any case, the URL is:

http://www.homeport.org/~adam/crypto/

You could also try OpenSSL, which includes a crypto library. It’s at
http://www.openssl.org/.

  • Danilo