Tools and Open Source
Overview
- CrypTool Wikipedia
- CrypTool.org
- CrypTool 1 (CT1) was released in 1998 and runs under Windows. It has two successors: CT2 and JCT.
- CrypTool 2 (CT2) supports visual programming and execution of cascades of cryptographic procedures. CT2 contains a large number of cryptanalysis methods and also runs under Windows.
- JCrypTool (JCT) is platform-independent and runs under Linux, Mac and Windows. One focus is post-quantum (signature) algorithms.
- CrypTool-Online (CTO) was released in spring 2009 and runs in a browser.
HSM
Products:
TPM
Trusted Platform Module (ISO/IEC 11889) is a standard for a secure cryptoprocessor that secures hardware through integrated cryptographic keys. Each TPM chip has a unique and secret Endorsement Key (EK) burned in when it is produced.
Basics
- TPM - Wikipedia
- Trusted Platform Module provides:
  - Hardware random number generator
  - Facilities for the secure generation of cryptographic keys for limited uses
  - Remote attestation: Creates a hash key summary of the hardware and software configuration. This allows a third party to verify that the software has not been changed.
  - Binding: Encrypts data using the TPM bind key, a unique RSA key descended from a storage key
  - Sealing: Similar to binding, but in addition specifies the TPM state required for the data to be decrypted
  - Other Trusted Computing functions
- TPM 2 tools for Debian Buster
- TPM 2 tools documentation
Microsoft Windows
PDF security
Tutanota
Basics
German start-up, Hannover. Works on PQmail as well.
Services
PGP - GPG
Basics
Pretty Good Privacy (PGP) introduced a decentralised model of trust based on public keys and certificates.
PGP is software built as an e-mail encryption tool by Phil Zimmermann, where parties are represented by their public key.
Its message format is described in RFC 4880.
- gnupg.org - GPG/GnuPG
- GnuPG is a command-line tool without any graphical user interface. It is a universal crypto engine that can be used directly from a command-line prompt, from shell scripts, or from other programs.
On Linux
- Gnome Keyring
  - a collection of components in GNOME that store secrets, passwords, keys and certificates and make them available to applications
  - integrated with the user's login, so that secret storage can be unlocked when the user logs in
  - based on PKCS#11
- Gnome Seahorse - an application for managing PGP and SSH keys and passwords in the GNOME Keyring
- GPG in Evolution
- Key generation either through Seahorse or with `gpg2 --full-gen-key`
On Windows
- gpg4win.org - GPG for Windows - email and file encryption
  - Installs locally at C:\Program Files (x86)\GnuPG\bin
  - Sign files or folders from Windows Explorer with GpgEX or Kleopatra
  - Comes with the Microsoft Outlook plugin GpgOL to sign and encrypt emails and attachments. Verification and decryption happen directly in Outlook.
  - Executable gpg4win-3.1.11.exe exists separately but is also part of LibreOffice
- gpg4win's Kleopatra - a tool for managing X.509 and OpenPGP certificates, also on Windows
Libraries
EU DSS - essentially an open-source library
CEF Digital wiki
EU DSS on Github
EU DSS seminars and info
EU Sign
VeraCrypt - TrueCrypt
OpenSSH, OpenSSL, OpenDNSSEC
PKI
IRMA
IRMA is a set of free and open source software projects implementing the Idemix attribute-based credential scheme. It allows users to authenticate themselves safely and securely, in as privacy-preserving a way as the situation permits. Users receive digitally signed attributes from trusted issuers and store them in their IRMA app, after which they can selectively disclose attributes to others.
Other