Roll Your Own Crypto Services (Using Open Source and Free Cryptography)

This paper surveys the open source software available to secure the most common applications: email and file encryption, web access and server oriented services, IPsec and VPNs, and finally, remote session encryption. We first give an overview of the software available, and what platforms it runs on. Second, we address how to provide the resources assumed by the securing application, such as a source of unpredictable bits to use as keys, and to use to generate public key parameters such as an RSA modulus. We find that the open source cryptographic software community has produced applications that fill most every need, and, indeed, that there are GIAC student papers detailing how to solve a wide variety of problems creatively with this software. However, we also find that choosing and implementing cryptographic packages requires attention to the details, such as the protocol version to implement, the random number source, and recent cryptographic breakthroughs.