.svg){kind=icon}
open-source cryptographic APIs.
Welcome to the home of the Legion of the Bouncy Castle and its FIPS-certified open-source cryptographic APIs for Java and C#.
a simple protocol for decentralizing social media that has a chance of working.
a truly censorship-resistant alternative to Twitter that has a chance of working.
A better internet is possible: decentralize Twitter, eBay, IoT and other stuff.
Smart-client/dumb-server architecture that can create the free and open internet we were promised.
Send private and secure notes.
Enclosed is a minimalistic web application designed for sending private and secure notes.
All notes are end-to-end encrypted, ensuring that the server and storage have zero knowledge of the content. Users can set a password, define an expiration period (TTL), and choose to have the note self-destruct after being read.
Related contents:
A free, fun platform for learning cryptography.
Learn about modern cryptography by solving a series of interactive puzzles and challenges. Get to know the ciphers and protocols that secure the digital world by breaking them.
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis.
CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more.
Sigstore is an open source project for improving software supply chain security. The Sigstore framework and tooling empowers software developers and consumers to securely sign and verify software artifacts such as release files, container images, binaries, software bills of materials (SBOMs), and more. Signatures are generated with ephemeral signing keys so there’s no need to manage keys. Signing events are recorded in a tamper-resistant public log so software developers can audit signing events.
Related contents:
Baatchit MERN end-to-end-encrypted realtime chat application with features like message reactions, typing-indicators, friend request, last seen, file/gif sharing, edit/delete messages, polling, group chats, user active status, push notifications, pwa, private key recovery, google-auth, otp-verification
CryptPad is a collaborative office suite that is end-to-end encrypted and open-source.
CryptPad is a collaboration suite that is end-to-end-encrypted and open-source. It is built to enable collaboration, synchronizing changes to documents in real time. Because all data are encrypted, in the eventuality of a breach, attackers have no way of seeing the stored content. Moreover, if the administrators don’t alter the code, they and the service also cannot infer any piece of information about the users' content.
Related contents:
Universal identity control plane for distributed systems. SPIFFE and SPIRE provide strongly attested, cryptographic identities to workloads across a wide variety of platforms.
SPIFFE and SPIRE provide a uniform identity control plane across modern and heterogeneous infrastructure. Since software and application architectures have grown substantially, they are spread across virtual machines in public clouds and private data centers. Security models for the organizations that manage them must keep up with these infrastructure technologies. And this is where SPIFFE and SPIRE come in. With SPIFFE/SPIRE, developers and operators can build software using new infrastructure technologies, while allowing security teams to step back from time-consuming security processes.
Tang binding daemon.
Tang is a server for binding data to network presence.
This sounds fancy, but the concept is simple. You have some data, but you only want it to be available when the system containing the data is on a certain, usually secure, network. This is where Tang comes in.
Automated Encryption Framework
Clevis is a pluggable framework for automated decryption. It can be used to provide automated decryption of data or even automated unlocking of LUKS volumes.
- Clevis/Tang: unattended boot of an encrypted NixOS system @ FOSDEM.
- Clevis & Tang on NixOS.
- Safe automatic decryption of LUKS partition using TPM2 @ 221b.
- Automatic LUKS 2 disk decryption with TPM 2 on Fedora @ kowalski7cc.
- Automatically decrypt your disk using TPM2 @ fedora Magazine.
- Use systemd-cryptenroll with FIDO U2F or TPM2 to decrypt your disk @ fedora Magazine.
- Episode 572: Data Security Only a Maniac Could Love @ Linux Unplugged.
snarkOS is a decentralized operating system for zero-knowledge applications. This code forms the backbone of Aleo network, which verifies transactions and stores the encrypted state applications in a publicly-verifiable manner.
A fork of Mozilla's Firefox Send.
Mozilla discontinued Send, this fork is a community effort to keep the project
up-to-date and alive.
Related contents:
Private cloud for your photos, videos and more. Fully open source, End to End Encrypted alternative to Google Photos and Apple Photos.
Ente is a service that provides a fully open source, end-to-end encrypted platform for you to store your data in the cloud without needing to trust the service provider. On top of this platform, we have built two apps so far: Ente Photos (an alternative to Apple and Google Photos) and Ente Auth (a 2FA alternative to the deprecated Authy).
File sharing made easy.
MicroBin is a feature rich, performant and secure text and file sharing web application, a "paste bin". Imagine cloud storage, but simpler, and with cool features like URL redirection, automatic file expiry , raw file serving support and 3 possible levels of encryption.
SeaweedFS is a fast distributed storage system for blobs, objects, files, and data lake, for billions of files! Blob store has O(1) disk seek, cloud tiering. Filer supports Cloud Drive, cross-DC active-active replication, Kubernetes, POSIX FUSE mount, S3 API, S3 Gateway, Hadoop, WebDAV, encryption, Erasure Coding.
Botan (Japanese for peony flower) is a C++ cryptography library released under the permissive Simplified BSD license.
Botan’s goal is to be the best option for cryptography in C++ by offering the tools necessary to implement a range of practical systems, such as TLS protocol, X.509 certificates, modern AEAD ciphers, PKCS#11 and TPM hardware support, password hashing, and post quantum crypto schemes. A Python binding is included, and several other language bindings are available. The library is accompanied by a featureful command line interface.
Open source & zero knowledge private note taking app.
Open source. End-to-end encrypted.Private. Write notes with freedom, no spying, no tracking.
A fully open source & end-to-end encrypted note taking alternative to Evernote.
Notesnook is a free (as in speech) & open-source note-taking app focused on user privacy & ease of use. To ensure zero knowledge principles, Notesnook encrypts everything on your device using XChaCha20-Poly1305 & Argon2.
Sha256 algorithm explained online step by step visually.
Sha256 algorithm explained online step by step visually sha256algorithm.com This website will help you understand how a sha256 hash is calculated from start to finish.