Java Cryptography Expertise (worldwide)
Introduction
We are developing crypto solutions and middleware in Java for more than 23 years, more than 19 years in IT projects for mostly large but also medium enterprises.
Portfolio
We offer architectural, implementation and development services for tailor-made Java-based cryptography components. This can be a complete software, a middleware/library following an easy to use API for your own application or a simple proof-of-concept (PoC).
If you are just interested in an architectural or conceptual work – even independent of Java or interdisciplinary – you are welcome as well.
Our portfolio includes but is not limited to Java development of
- Symmetric encryption software
- Public Key Cryptography components like
- Asymmetric encryption software
- Digital signature middleware
- X.509v3 certificate management / certification authority (CA) software
- Other PKI related middleware
- Password-based encryption (PBE) components
- Password security like secure password hashing (e.g., using PBKDF2 from PKCS#5)
- Document Hashing / Message Digest (e.g., using the SHA families, MD5 etc.)
- Authentication and integrity protection of data using MACs
Furthermore, we support
- Tokens like SmartCards, Hardware Security Modules (HSM) and others
- Soft-tokens / key files like PKCS#12 (.p12), Java Keystore (JKS) and OpenPGP keyrings
- Token APIs like MSCAPI and PKCS#11
- One-Time-Password tokens (OTP tokens) like RSA SecurID or OATH-based tokens
- Common crypto standards like, e.g., TLS, SSL, HTTPS, e-mail encryption, S/MIME, OpenPGP
- Other standards like SAML, OAUTH, OpenID, Kerberos, Active Directory/LDAP etc. as well as Single-Sign-On (SSO) solutions
We have worked with Java crypto providers like Bouncy Castle, IAIK, Sun, Oracle and others. We have used dozens of algorithms including the most prominent like AES, Twofish, RSA, DSA, HMAC. We always use a standard implementation of the corresponding algorithm or protocol.
Java Environment
We embed tailor-made crypto components into
- Server or Web applications
- Database or backend applications
- Client applications for desktop computers using, e.g., Swing, AWT, SWT/RCP, JavaFX (Windows, Linux, Mac OS)
- Mobile apps using Android for Smartphones or tablets
- J2ME applications including Java Card
Other Services
We also offer online trainings in the above mentioned expertise.
Moreover, we offer on-demand courses or webinars to specific topics or questions. If you want to get an opinion from an IT security expert on your application security concept or if you require face-to-face question time on a certain topic, feel free to contact us for an offer.
Online courses can also be provided and licensed in the SCORM format for enterprise LMSs.
Furthermore, you can utilize our expertise in writing for specifications, concepts or online articles.
Working Examples
Besides our professional expertise from IT projects for large enterprises, we offer several freely available software:
- CrococryptLib: A Java and Android encryption library with an SDK. It does not require any cryptography know-how to integrate cryptographic operations into your own applications. It is a commercial library but offers a free-to-use trial SDK.
- CrococryptFile: An open-source encryption software for creating encrypted files and file archives on Windows and Linux.
- CrococryptMirror: A freeware encryption tool for mirroring directories to encrypted containers on Windows, e.g., for cloud backups.
- CrococryptQuerl: A open-source Java web application which could roughly be described as anonymous & encrypted Swiss safe deposit box for computer files.
CrococryptLib
CrococryptLib offers several Java-based crypto services around password hashing and password-based/symmetric encryption. If you are searching for individual components in this area, you might want to use CrococryptLib instead of custom developed components. CrococryptLib is part of our expertise - ready-to-use in a library.
Contact
To contact us visit our contact page.