News

Encryption Made Easy with New Security Library

9Rays.Net releases new encryption security library.

In a perfect world, hackers could be locked out of business applications through rigorous secure development practices. In the real world, though, it makes sense to also build encryption functionality into apps to protect sensitive data and intellectual property -- just in case.

Obfuscation vendor 9Rays.Net Inc. aims to make the job easier for developers with a new cryptographic toolkit released recently. The CryptoSharp security library will include the standard crypto-suite ciphers and hash functions, but goes further by including modular, high-level functionality that developers can plug directly into their apps, says Mark Sochan, a business development consultant working with 9Rays.

Ready-to-Use
The company's headquarters is in Virginia, but its development offices are in Russia and Ukraine. 9Rays was formed in 2001 and initially sold obfuscation technology to help protect .NET source code from malicious de-compiling. That technology, the Spices.Net suite, is still its flagship product. But 9Rays founder Victor Victorov later saw the need for a better encryption security library based on the company's own internal development work, Sochan says.

"Most of the cryptographic libraries on the market offer a hodgepodge of stuff: secret-key encryption, public-key encryption and some compression components. The problem is that typical libraries offer rather low-level components so the developer still has to do a lot of work to convert them into real applications," Sochan says.

9Rays' approach is to provide complete cryptographic functionality modules ready for use in applications without much additional coding, such as password dialogues and encrypted storage capabilities, he says.

No Consistency
While that approach likely will be helpful for developers, Gartner Inc. analyst Eric Ouellet argues that enterprises are crying out for a fully integrated, top-to-bottom system of encryption technology for everything from apps to databases. As it stands, some enterprises have to juggle a number of different encryption products and keep up with their respective keys.

"It's kind of tricky for developers because there are nice tools that allow you to leverage all this stuff in many ways, but there's no consistency," Ouellet says, later adding, "It's hard to come up with a standard policy of how to manage cryptography and how to manage keys."

The work that's been done on standardizing the process largely has been undermined by the major vendors' reluctance to open up their technology to be managed by competitors' products. "No one's willing to expose their own API," Ouellet says. "It's kind of a useless standard."

A public beta of CryptoSharp is available for download now at the 9Rays Web site, and the company was expected at press time to begin selling the first official release of the security library sometime this month for $395.
comments powered by Disqus

Featured

  • Compare New GitHub Copilot Free Plan for Visual Studio/VS Code to Paid Plans

    The free plan restricts the number of completions, chat requests and access to AI models, being suitable for occasional users and small projects.

  • Diving Deep into .NET MAUI

    Ever since someone figured out that fiddling bits results in source code, developers have sought one codebase for all types of apps on all platforms, with Microsoft's latest attempt to further that effort being .NET MAUI.

  • Copilot AI Boosts Abound in New VS Code v1.96

    Microsoft improved on its new "Copilot Edit" functionality in the latest release of Visual Studio Code, v1.96, its open-source based code editor that has become the most popular in the world according to many surveys.

  • AdaBoost Regression Using C#

    Dr. James McCaffrey from Microsoft Research presents a complete end-to-end demonstration of the AdaBoost.R2 algorithm for regression problems (where the goal is to predict a single numeric value). The implementation follows the original source research paper closely, so you can use it as a guide for customization for specific scenarios.

  • Versioning and Documenting ASP.NET Core Services

    Building an API with ASP.NET Core is only half the job. If your API is going to live more than one release cycle, you're going to need to version it. If you have other people building clients for it, you're going to need to document it.

Subscribe on YouTube