Encryption Algorithms
Over the last few months the project has developed an implementation of IDTrans which depends on two encryption algorithms: Rijndael (AES) and RSA. We may add other algorithms as required, such as a signing algorithm.

We currently use only two algorithms for the sake of simplicity. Adding further algorithms would make the system more complex without adding anything to the security. Also included on this page is a Specification, now in draft number 2, which provides more detail about the specific implementation being used. This page also provides information about other algorithms under consideration.

Why do we need encryption?
  • Prevent unauthorized interception of business documents.
  • Prevent unauthorized alterations to business documents.
  • Provide a means to ensure business documents are genuine.

Requirements
  • Since the project will be Open Source, ideally the Encryption Algorithms used should not be patented.
  • There should be existing libraries for working with the Algorithms, ideally Open Source libraries for the supported languages (Delphi, C, C++, Java).
  • They should be cryptographically well known and trusted.

Secure Email Specification
    The Secure Email Specification is the current description of the implementation we are working towards. It includes the use of Rijndael and RSA.

    Secure Email Specification - version 2

    AES - Rijndael
    In October 2000 the Advanced Encryption Standard was announced in the US by the National Institute of Standards and Technology. The winning encryption algorithm was Rijndael. The Rijndael developers are Belgian cryptographers Joan Daemen and Vincent Rijmen (pronounced Rye'-mun) of Katholieke Universiteit Leuven.

    Rijndael does not have any patents against it or against any of the optimized maths required to implement it. It stacks up well against other algorithms in performance, security and scalability. It has implementations written in at least C, Java and Delphi, all of which are now public domain or shareware.

    Blowfish / Twofish
    Blowfish and Twofish are fast and are not patented. They are also already supported by Open Source libraries, including libraries for Java, Delphi, C++, and C. They are not as old as some better-known systems, however. Twofish is a more modern version of Blowfish. I have found free implementations of Blowfish in Java, C, C++, and Delphi.

    MD5
    MD5 is one of the most common hash functions available. It is also very widely implemented in libraries, including Open Source libraries. I have found implementations of MD5 in C, C++, Delphi and Java.

    ElGamal
    ElGamal is a Public Key Algorithm. It is not patented, which makes it attractive. It has been implemented in C++, Delphi and Java, but the Java code for it is still not stable.

    Elliptic Curve
    Elliptic Curve is another Public Key Algorithm. Like ElGamal, it is not patented. There are implementations available in C, C++, Delphi and Java.

    RSA
    RSA is currently the most popular form of public key cryptography. This algorithm was patented until September 2000, when it was released into the Public Domain. There are many implementations of RSA for most languages.