Security software house Baltimore Technologies Ltd of Dublin, Ireland is shipping what it claims is the first commercial cryptography library written entirely in Java, J/Crypto. The company says that cryptography is essential for Java developers wishing to add confidentiality, authentication and validation of any form of data to their applications. J/Crypto was developed by Baltimore’s own cryptographers and Java crypto engineers. According to the company, the task was not made any easier by what it describes as Java’s potential memory management and virtual memory systems security weakness. Secret keys and other sensitive data are claimed to be undetectable by other applications as a result of its ‘obfuscation class’. J/Crypto includes a range of Java classes including multi-precision arithmetic modules, cryptographically secure pseudo-random number generation, RSA key generation and encryption, SHA-1 and MD5 hashing, and DES and Triple-DES encryption. It plugs into the JCA Java Crytography Architecture and will comply with Sun Microsystems Inc’s JCE Java Cryptography Extension. An implementation for the Secure Sockets Layer is set for a future release.
