themis: open-source high-level cryptographic services library

themis

Themis is an open-source high-level cryptographic services library for mobile and server platforms, which provides secure data exchange and storage.

 

Themis provides four important cryptographic services:

  • Secure Message: a simple encrypted messaging solution for the widest scope of applications. Exchange the keys between the parties and you’re good to go. Two pairs of underlying cryptosystems: ECC + ECDSA / RSA + PSS + PKCS#7.
  • Secure Session: a session-oriented datagram exchange solution with forward secrecy and better security guarantees, but a more demanding infrastructure. Secure Session can function as socket encryption, session security, or (with some additional infrastructure) as a high-level messaging primitive. ECDH key agreement, ECC & AES encryption.
  • Secure Cell: a multi-mode cryptographic container suitable for storing anything from encrypted files to database records and format-preserved strings. Secure Cell is built around AES in GCM (Token and Seal modes) and CTR (Context imprint mode).
  • Secure Comparator: a Zero-Knowledge based cryptographic protocol for authentication and comparing secrets.

Themis was designed to provide complicated cryptosystems in an easy-to-use infrastructure, with modern rapid development in mind:

  • EASY: Themis does not require users to obsess over parameters or cipher combinations, yet it provides high levels of security.
  • DO YOUR THING: Themis allows developers to focus on what is necessary: developing their applications.
  • BEST PRACTICE: Themis is based on the best modern practices in implementing complicated security systems.

What’s inside Themis:

  • Soter: the core crypto library, the underlying cryptographic primitive layer in Themis.
  • On cryptographic donors: making sure our solutions are based only on high-quality verified code by utilising existing open-source cipher implementations.
  • Cryptosystems: what they are and how they create Themis Objects (a general explanation).
    • Secure Message: asymmetric encryption for data transfer.
    • Secure Session: asymmetric encryption based on ephemeral keys.
    • Secure Cell: container for symmetric/storage encryption.
    • Secure Comparator: Zero-Knowledge Protocol (ZKP) implementation (comparing a shared secret without revealing it to a potentially dishonest party).

Copyright 2015 Cossack Labs Limited