Keyczar – Google’s crypto for non-cryptographersAugust 12, 2008 – 5:51 AM
Google has released Keyczar, billed as a “Toolkit for safe and simple cryptography”, under an Apache 2.0 open source licence. Keyczar has been developed by members of the Google security team and aims to make cryptography more accessible to application developers.
Keyczar’s design goals were to manage the complexity of cryptography for developers who are not cryptographically aware. Keyczar’s developers point to how these developers may choose wrong cipher modes, use an obsolete algorithm or just forget they will need to rotate keys. To avoid this problem, Keyczar abstracts ways these issues with a simple programming interface and adds a key versioning system which tags output with version information and makes it easy to rotate and revoke keys.