<iframe src="//www.googletagmanager.com/ns.html?id=GTM-KXSCJR" height="0" width="0" style="display:none;visibility:hidden">

A new, free cryptography service for developers

Kunal Anand on Feb 18, 2015

keys

A recent Wall Street Journal article outlines that health insurer Anthem did not encrypt its data and that this was one of the major factors resulting in the very public theft of masses of personal identifiable information (PII).

There has been some discussion around the method of penetration with stolen credentials meaning that the value of encryption would have been nullified.  Without knowing the details, I don’t feel qualified to reach a conclusion on that but it seems hard to fathom that a single user would have had access to the keys to decrypt everything.

It’s clear in talking with application development and security teams across various large enterprises that encryption is hard. Actually, let me correct that: encryption itself might not be so difficult, but standardizing encryption across multiple developers, in multiple teams, using multiple programming languages can be seriously error prone and introduce unnecessary risk.

A developer ultimately has to weigh the merits of various algorithms, select a particular algorithm, ensure its implementation is verifiably correct and pass the correct arguments for execution. 

This, combined with the realization that the average developer is unlikely to be aware of exactly how cryptographic functions actually work, has resulted in secure information not being properly encrypted or data breaches exposing plain-text passwords.  

In the words of Jamil Farshchi, CISO of Time Warner:

“…a key challenge to realizing the value of encryption is standardizing the implementation and use of cryptographic functions across the entire suite of business applications.”

Prevoty’s runtime monitoring and protection service makes extensive use of cryptography and we are announcing today that we will make our cryptography service available to developers everywhere for free.  

The Prevoty Cryptography Service (PCS) provides applications a cloud interface with the ability to simply encrypt, decrypt, hash, and generate keys and random numbers in a manner that is both secure and verifiable. 

Instead of becoming security experts, developers can trust that the supported cryptographic functions within PCS are always maintained and updated with the latest security guidance. 

Applications developed in C#, Go, Java, node.js, PHP, Python and Ruby can take advantage of this service by including the appropriate Prevoty SDK and invoking the desired functions.

PCS allows developers to:

  • Hash content via MD4, MD5, SHA1, SHA224, SHA256, SHA384, SHA512 and RIPEMD-160
  • Encrypt and decrypt strings via AES and Triple DES with various modes (CBC, CFB, CTR, OFB, etc.)
  • Generate a private key/public key pair using RSA and EC-DSA
  • Sign and verify messages via the RSA-PSS, RSA-PKCS, EC-DSA algorithms
  • Generate random numbers

To reduce complexity, PCS has pre-built aliases for developers to accurately hash passwords and encrypt content without having to specify an encryption key, cipherkey or initialization vector. 

We sincerely hope that this initiative will improve the consistency and efficacy of cryptography in applications and lead to fewer opportunities for hackers to access unencrypted data.

If you are a developer and would like to get access to the Prevoty Cryptography Service for free, just sign up here.


Back to blog





Kunal Anand

Kunal Anand is the co-founder and CTO of Prevoty, a next-generation web application security platform. Prior to that, he was the Director of Technology at the BBC Worldwide, overseeing engineering and operations across the company’s global Digital Entertainment and Gaming initiatives. Kunal also has several years of experience leading security, data and engineering at Gravity, MySpace and NASA’s Jet Propulsion Laboratory. His work has been featured in Wired Magazine and Fast Company. He continues to develop the patented security technologies that power Prevoty’s core products. Kunal received a B.S. from Babson College.

Find me on:

Topics: Feature Updates