JAVA Toolkit
| home | contact



News Menu

Latest News

IAIK-JCE 5.52 and iSaSiLk 5.2 released!

27/08/2018

The new versions of IAIK-JCE and iSaSiLk follow up the recently released new version of IAIK-ECCelerateTM (5.0). IAIK-JCE 5.52 brings some fixes and additions, and iSaSiLk 5.2 adds support for x25519 and x448 ECDHE key exchange and EdDSA signing using Curve25519 and Curve448. Furthermore iSaSiLk now supports RSA-PSS signatures.

ECCelerate 5.0 released!

12/07/2018

We proudly present a new maintenance release of our IAIK ECCelerate™ elliptic curve library! Version 5.0 adds support EdDSA using Curve25519 and Curve448, ECDH using X25519 and X448, and RFC6979. IAIK ECCelerate™ is based on Java 6 technology and has been thoroughly optimized for speed. Currently, it supports ECDSA, EdDSA, ECDH, X25519/448, ECIES and optionally ECMQV.

References

Our Clients


Main Features

  • Written entirely in Java™ language guaranteeing cross platform portability
  • Works on all JDK versions 1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 1.7, 1.8 and compatible
  • Centralized security policy configuration
  • Stream based CMS implementation for supporting one-pass processing making it possible to handle large amounts of data without running into memory problems
  • S/MIME library compatible with the javax.mail architecture from SUN
  • Supports ESS TripleWrapping and arbitrary nesting of S/MIME entities

 Protocol Standards Compliance: 

  • Implements the IETF CMS, S/MIMEv3 and ESS specifications ( RFC 5652; 5751; 2634, 5053)
  • Implements all CMS content types:
    • Data
    • Signed-data
    • Enveloped-data
    • Digested-data
    • Encrypted-data
    • Authenticated-data
      and
    • Authenticated-Enveloped-Data ( RFC 5083)
    • Compressed-data ( RFC 3274)
  • Implements all CMS RecipientInfo types:
    • KeyTransRecipientInfo
    • KeyAgreeRecipientInfo
    • KEKRecipientInfo
    • PasswordRecipientInfo ( RFC 3211)
    • OtherRecipientInfo (user plugable)
  • Supports all algorithms required and recommended for the implemented content types: SHA-1 (also SHA-224, SHA-256, SHA-384, SHA-512), MD5 (digest), RSA (PKCS#1v1.5 and PKCS#1v2.1 PSS signature, PKCS#1v1.5 and PKCS#1v2.1 OAEP key transport), DSA (signature), X9.42 Ephemeral Static and Static Static Diffie Hellman - RFC 2631 (key agreement), AES Key Wrap, Triple-DES Key Wrap, RC2 Key Wrap, HMACwith3DESwrap and HMACwithAESwrap (key encryption), AES, Triple-DES CBC and RC2 CBC (content encryption), PBKDF2 with PWRI-KEK (RFC 3211, password-based encryption for CMS)
  • Can be used with any alternative algorithm fulfilling the requirements of the CMS / S/MIME protocols and supported by an installed security provider
  • Supports Elliptic Curve Cryptography (ECDSA, ECDH)
  • Supports DSA with SHA-2 according to FIPS 186-3
  • Supports Camellia Encryption and Key Wrap algorithm ( RFC 3657)
  • Supports X.509 public key and attribute certificates
  • Supports all content types of S/MIMEv3 and ESS:
    • multipart/signed with application/pkcs7-signature
    • application/pkcs7-mime
      • signed-data
      • enveloped-data
      • certs-only
      • signed-receipt ( ESS)
      • application/pkcs10 from S/MIMEv2 respectively CMC (Certificate Management Messages over CMS)
      • compressed-data (from S/MIMEv3.1)
  • Supports ESS TripleWrapping and arbitrary nesting of S/MIME parts
  • Supports all Enhanced Security Services specified by ESS: ( RFC 2634, 5035):
    • Signing Certificates (+ V2 Signing Certificates)
    • Security Labels
    • Signed Receipts
    • Secure Mailing List

 Application Extensible Design: 

  • Pluggable custom content-type implementations
  • Pluggable custom certification path verification
  • Pluggable custom cryptographic algorithm implementations
  • Pluggable custom canonicalization policies (S/MIME)
  • Pluggable custom security label policies (S/MIME ESS)
  • Allows application defined crypto methods

 Proven Interoperability: 

  • Interoperates with any CMS and S/MIMEv3 implementation
  • Backwards compatible to PKCS#7v1.5 and S/MIMEv2
  • Interoperability tested among others with clients Microsoft Outlook Express, Microsoft Outlook, Netscape,Mozilla Messenger and Thunderbird
  • Listed in the IETF CMS Draft Standard Implementation Report ( see http://www.ietf.org/iesg/implementation/: pdf, txt)

 Cryptographic Provider Independence: 

  • Can be used with any JCA/JCE 1.2 (or later) compliant cryptography provider
  • Can use several different cryptography providers at the same time
  • Provisions for easy integration of smartcards and other secure hardware devices
  • Allows plug-in of user written JCA/JCE engines
  • Allows plug-in of user written non JCA/JCE compliant crypto code
  • Comes with the IAIK-JCE provider by default (included in license)
 

 
print    tip a friend
back to previous page back  |  top to the top of the page