sexta-feira, 7 de setembro de 2018

REUSE: Cryptographic library from Google

Quoting:
"Tink is a multi-language, cross-platform cryptographic library developed by a group of cryptographers and security engineers at Google to help developers implement cryptography correctly without being cryptographic experts. Under development for the last two years, version 1.2 adds support for Cloud, Android, and iOS platforms, and C++ and Objective-C."
More at:
https://www.infoq.com/news/2018/09/google-tink-cryto-ios-android

Current implementation details:
"Tink currently provides four cryptographic operations, implemented by specific primitives:

authenticated encryption with associated data (primitive: AEAD)


message authentication codes (primitive: MAC),


digital signatures (primitives: PublicKeySign and PublicKeyVerify)


hybrid encryption (primitives: HybridEncrypt and HybridDecrypt).


Each operation has an associated set of minimal properties and a guarantee. A primitive can have multiple implementations and the user chooses the actual implementation to use by instantiating a key of a corresponding type. (...)


In addition to cryptographic operations, Tink provides support for key management, including key versioning, key rotation, and support for remote key management systems (KMS). Currently, the following KMSes are supported:


Google Cloud KMS


Amazon KMS


Android Keystore


Apple iOS KeyChain (planned)


Tink currently supports Java, C++, and Objective-C. Support for C#, Go, and JavaScript/Node is planned for version 1.3, tentatively scheduled for December 2018."