
Open Source Encryption & Certificate Management

Mission Statement

Our goal is to create a freely available, open source, and easy to use set of libraries to address the challenges of common data exchange and encryption needs.

This project is being launched to provide free, peer reviewed, open source code that properly and safely implements existing Microsoft .NET encryption algorithms combined with PGP and X509 RSA certificate generation and use.

Background

A key compliance requirement under HIPAA, PCI and many other security standards is that encryption and key generation must be reviewed by a second, competent person to ensure that no vulnerabilities exist.

We think it would be great if a free, open-source core code framework existed that safely wraps the functions of certificate generation and encryption.

Features

  • Certificate generation and validation, implemented as wrappers for the Legion of Bouncy Castle’s broadly adopted .NET framework (https://www.bouncycastle.org), including X509 and PGP private/public key pairs.
  • Symmetric encryption with wrappers for AES-256 with assignable iterations for added hardening.
  • Asymmetric encryption with RSA-2048+ key encryption keys (KEKs) with randomly generated, strong and secure symmetric keys enabling encryption for large amounts of data.
  • Common encryption formats for third-party encryption and decryption algorithms to enable data exchange.

X509 & PGP Certificate Generation

The Legion of Bouncy Castle (https://www.bouncycastle.org) is a widely-adopted, free and open source project available via GitHub and as a NuGet package.

Unfortunately, using Bouncy Castle requires quite a bit of research and work to get to a point where there is a clean, easy to understand and safe implementation for certificate generation.

This project aims to provide a free, open-source, and publicly available .NET C# framework and command line console that simplifies certificate generation.

Encryption Frameworks

Having looked through hundreds of tutorials, suggestions, StackOverflow.com threads and a great number of books, we found many good recommendations for implementing encryption. Unfortunately, there is a void regarding open source, freely available, peer reviewed wrappers that ensure proper implementation of the Microsoft .NET encryption libraries.

Our solution is to offer just such a framework, wrapping trusted, commonly approved .NET encryption libraries to help ensure the proper encryption strength and proper implementation of accepted encryption techniques.

This solution also offers several benefits in creating common data structures to store necessary information about the encrypted object, including:

  • Store public key thumbprints used when implementing asymmetric encryption.
  • Asymmetrically encrypt using two RSA public keys to fulfill split knowledge requirements.
  • Expedite a common wrapper for asymmetric encryption of large data sets using RSA key encryption keys (KEKs) and secure random symmetric encryption key bytes.
  • Automate PGP encryption and decryption of files.
  • Encrypt and decrypt files with a single utility.
  • Ensure consistent implementation and storing of encryption strategy and version information along with encrypted objects.
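
The pattern in the list above (an RSA KEK wrapping a random symmetric key, stored with the key thumbprint and the strategy and version information), shown as an added example that is not code from this project. It assumes .NET 8, AES-256-GCM and RSA-OAEP-SHA256; the `Envelope` type, its field names and the SHA-256-over-public-key thumbprint are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Demo on a constructed record; the key pair is generated in-process.
using RSA kek = RSA.Create(2048);
Envelope env = EnvelopeDemo.Encrypt(kek, Encoding.UTF8.GetBytes("constructed sample record"));
Console.WriteLine($"{env.KekThumbprint} -> {Encoding.UTF8.GetString(EnvelopeDemo.Decrypt(kek, env))}");

// Hypothetical envelope; field names are assumptions, not the project's format.
public sealed record Envelope(int Version, string Strategy, string KekThumbprint,
    byte[] WrappedKey, byte[] Nonce, byte[] Tag, byte[] Ciphertext);
public static class EnvelopeDemo
{
    const string Strategy = "RSA-OAEP-SHA256+AES-256-GCM";
    // Assumption: KEK identified by SHA-256 over its SubjectPublicKeyInfo (stand-in for an X509 thumbprint).
    public static string Thumbprint(RSA kek) =>
        Convert.ToHexString(SHA256.HashData(kek.ExportSubjectPublicKeyInfo()));
    public static Envelope Encrypt(RSA kekPublic, byte[] plaintext)
    {
        byte[] dataKey = RandomNumberGenerator.GetBytes(32); // fresh AES-256 key per object
        byte[] nonce = RandomNumberGenerator.GetBytes(12);
        byte[] tag = new byte[16], ciphertext = new byte[plaintext.Length];
        try
        {
            using var aes = new AesGcm(dataKey, 16);
            aes.Encrypt(nonce, plaintext, ciphertext, tag);
            byte[] wrapped = kekPublic.Encrypt(dataKey, RSAEncryptionPadding.OaepSHA256); // RSA sees only the key
            return new Envelope(1, Strategy, Thumbprint(kekPublic), wrapped, nonce, tag, ciphertext);
        }
        finally { CryptographicOperations.ZeroMemory(dataKey); }
    }

    public static byte[] Decrypt(RSA kekPrivate, Envelope e)
    {
        if (e.Version != 1 || e.Strategy != Strategy)
            throw new NotSupportedException("Unknown envelope version or strategy.");
        if (e.KekThumbprint != Thumbprint(kekPrivate))
            throw new CryptographicException("Envelope was encrypted to a different key.");
        byte[] dataKey = kekPrivate.Decrypt(e.WrappedKey, RSAEncryptionPadding.OaepSHA256);
        try
        {
            using var aes = new AesGcm(dataKey, 16);
            byte[] plaintext = new byte[e.Ciphertext.Length];
            aes.Decrypt(e.Nonce, e.Ciphertext, e.Tag, plaintext); // throws if ciphertext or tag was altered
            return plaintext;
        }
        finally { CryptographicOperations.ZeroMemory(dataKey); }
    }
}
```
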
John Fager
John is an expert .NET programmer with extensive experience in encryption, HIPAA and PCI compliance. John specializes in data storage, cloud applications, SQL, and big data storage of secure data with various encryption and auditing requirements.
