Gnome-keyring is a program that keep password and other secrets for
users. It is run as a damon in the session, similar to ssh-agent, and
other applications can locate it by an environment variable.
The program can manage several keyrings, each with its own master
password, and there is also a session keyring which is never stored to
disk, but forgotten when the session ends.
The library libgnome-keyring is used by applications to integrate with
the gnome keyring system. However, at this point the library hasn't been
tested and used enought to consider the API to be publically
exposed. Therefore use of libgnome-keyring is at the moment limited to
internal use in the gnome desktop. However, we hope that the
gnome-keyring API will turn out useful and good, so that later it
can be made public for any application to use.
-- Gnome-keyring README
Hpenc is a fast encryption command line tool with the following features:
* Authenticated encryption - your data cannot be forged or corrupted without
detection.
* Parallel processing - hpenc uses block IO and you can process multiple blocks
simultaneously, which is extremely useful if you have multi-core environment.
* Strong ciphers - hpenc uses the state-of-art aes-gcm and chacha20 ciphers
* Easy interface
* Hardware acceleration - hpenc can utilize all its
advanced cryptography functions defined for AES-NI and PCLMULQDQ instructions
(that must be supported by openssl). For those with old or embedded CPU (such
as ARM), hpenc provides portable and fast chacha20 cipher.
* Simple key management
* Secure random numbers generator - hpenc can work as pseudo-random numbers
generator. In a set of standard tests (diehard) on the generated sequences
hpenc generates secure sequences of pseudo-random numbers on a very high
speed (gigabytes per second).
NCrypt is intended to give you security in an insecure environment.
If you are wanting to encrypt files (particularly on a multi-user
system where you don't have root), wishing to hide your activites
from prying eyes, and want to "cover your tracks", then NCrypt is
for you. It is a symmetrical file encryptor/decryptor that gives
you the choice of the top three candidates for AES as the encryption
algorithm (Rijndael, Serpent, Twofish), tries to minimize exposure
of the plaintext password in memory, and can safely erase the
plaintext version from the hard drive. It compiles without any extra
crypto libraries, making it ideal for systems where you just have
a compiler and basic libraries (such as an ISP's shell server).
This module is a Perl-only implementation of the ECB mode. In
combination with a block cipher such as DES, IDEA or Blowfish, you can
encrypt and decrypt messages of arbitrarily long length. Though for
security reasons other modes than ECB such as CBC should be preferred.
See textbooks on cryptography if you want to know why.
The functionality of the module can be accessed via OO methods or via
standard function calls. Remember that some crypting module like for
example Blowfish has to be installed. The syntax follows that of
Crypt::CBC meaning you can access Crypt::ECB exactly like Crypt::CBC,
though Crypt::ECB is more flexible. For example you can change the key
or the cipher without having to create a new crypt object.
This module implements Ueli Maurer's algorithm for generating large
provable primes and secure parameters for public-key cryptosystems.
The generated primes are almost uniformly distributed over the set of
primes of the specified bitsize and expected time for generation is
less than the time required for generating a pseudo-prime of the same
size with Miller-Rabin tests. Detailed description and running time
analysis of the algorithm can be found in Maurer's paper[1].
Crypt::Primes is a pure perl implementation. It uses Math::Pari for
multiple precision integer arithmetic and number theoretic functions.
Random numbers are gathered with Crypt::Random, a perl interface to
/dev/u?random devices found on modern Unix operating systems.
arpCounterattack is a program for detecting and remedying "ARP attacks." It
monitors traffic on any number of Ethernet interfaces and examines ARP replies
and gratuitous ARP requests. If it notices an ARP reply or gratuitous ARP
request that is in conflict with its notion of "correct" Ethernet/IP address
pairs, it logs the attack if logging is enabled, and, if the Ethernet
interface that the attack was seen on is configured as being in aggressive
mode, it sends out a gratuitous ARP request and a gratuitous ARP reply with
the "correct" Ethernet/IP address pair in an attempt to reset the ARP tables
of hosts on the local network segment. The corrective gratuitous ARP request
and corrective gratuitous ARP reply can be sent from an Ethernet interface
other than the one that the attack was seen on.
BeeCrypt is an open source cryptography library that contains highly
optimized C and assembler implementations of many well-known algorithms
including Blowfish, MD5, SHA-1, Diffie-Hellman, and ElGamal. Unlike
some other crypto libraries, BeeCrypt is not designed to solve one
specific problem, like file encryption, but to be a general purpose
toolkit which can be used in a variety of applications.
The BeeCrypt library currently includes:
- Entropy sources for initializing pseudo-random generators
- Pseudo-random generators: FIPS-186, Mersenne Twister
- Block ciphers: Blowfish
- Hash functions: MD5, SHA-1, SHA-256
- Keyed hash functions: MD5/HMAC, SHA-1/HMAC, SHA-256/HMAC
- Multi-precision integer library, with assembler-optimized routines
- Probabilistic primality testing, with optimized small prime trial
division
- Discrete logarithm parameter generation over a prime field
- Diffie-Hellman key agreement
- DHAES encryption scheme
- ElGamal signature scheme (two variants)
- Basic RSA primitives and key pair generation
Crypt::xDBM_File encrypts/decrypts the data in a gdbm, ndbm, sdbm (and
maybe even berkeleyDB, but I didn't test that) file. It gets tied to a
hash and you just access the hash like normal. The crypt function can
be any of the CPAN modules that use encrypt, decrypt, keysize, blocksize
(so Crypt::IDEA, Crypt::DES, Crypt::Blowfish, ... should all work)
***IMPORTANT*** Encryption keys (the key you pass in on the tie line)
will be padded or truncated to fit the keysize(). Data (the key/values of
the hash) is padded to fill complete blocks of blocksize().
The padding is stripped before being returned to the user so you shouldn't
need to worry about it (except truncated keys). Read the doc that comes
with crypt function to get an idea of what these sizes are. If keysize
or blocksize returns a zero the default is set to 8 bytes (64 bits).
This is an alpha release of a PGP module for Perl5.This module will allow
for an easy interface to both Phil Zimmermann'sPGP (v2.6.2) program and the
international version of PGP (v2.6.2i).
PGP.pm will allow you to sign, encrypt (w/signature), decrypt and perform
key management. The only requirement being that you alreadyhave PGP
installed on your system to utilize this module.There are sure to be many
changes in the structure of this module overthe next couple of months--at
least until a standard interface is acheived.
If you find this module useful and wish to see future developments of it,
the contribute to Phil Zimmermann's legal defense fund. Ifyou don't know
anything about the government's attempt to wrongfully prosecute Phil, then
go to Yahoo and search for "Zimmermann." After reading for a little while,
you will be wondering how the governmentis getting away with it's criminal
act.
The Heartbeat program is one of the core components of the Linux-HA
(High-Availability Linux) project. Heartbeat is highly portable,
and runs on every known Linux platform, and also on FreeBSD and
Solaris. Ports to other OSes are also in progress.
Heartbeat is the first piece of software which was written for the
Linux-HA project. It performs death-of-node detection,
communications and cluster management in one process.
The Heartbeat program has been around for a while. It has a great
many strengths, and yet there were a few weaknesses in version 1
that needed to be addressed:
- limitation on two nodes for cluster size
- inability to monitor resources for their correct operation
- minimal ability to express dependency information
This release removes these limitations.