SKCE Features

Home

Features

Main

Information

Other

SKCE Features

The StrongKey CryptoEngine^TM (SKCE) has the following features. It:

Is a Simple Object Access Protocol (SOAP)-based web-service riding atop HTTPS; (view the WSDL and the XSD);

Runs on any platform where Sun/Oracle Java (JDK6U27 at the time of writing) is supported - Windows, Linux, Solaris, OS-X, etc.;

Works with AWS S3, Azure and Eucalyptus Walrus cloud-storage;

Escrows/retrieves encryption keys to/from the StrongAuth KeyAppliance^TM which is a secure "black-box" appliance on the network that provides encryption, tokenization and key-management services for structured data-objects. Note that the default implementation of the SKCE requires a KeyAppliance on your network to work. However, you can modify the SKCE core to use another key-management service if you choose to;

Supports the use of AES and Triple-DES algorithms to encrypt data - the choice can be made through a property setting or requested dynamically in the web-service request; the default is the AES algorithm, using a 256-bit key with Cipher Block Chaining (CBC) and ISO10126 padding;

Supports the use of SHA1, SHA256, SHA384 and SHA512 digest algorithms - the default is SHA256;

Encrypts/decrypts at the rate of one (1) gigabyte per minute; the test machine was a physical box with an AMD Opteron Quad-Core CPU at 2.6 Ghz with 4GB of DRAM at 1333 Mhz. Your mileage may vary based on your machine's speed and capabilities;

Uses the W3C XMLEncryption standard to store meta-data about cryptographic information making it completely portable;

Can be integrated to a FIPS 140-2 Hardware Security Module (HSM) for faster cryptographic processing; default implementation uses CPU and main memory for encryption/decryption;

Authenticates and authorizes user-requests against an LDAP-based directory - either Active Directory or OpenDS; but, it can, technically, be configured to work with almost any LDAP-based directory service;

Includes free Java client programs to use the core-engine directly, and to use the web-service;

Does not maintain state, other than logs and temporary files; no encryption keys or unencrypted files are stored locally after the request is completed;

Download and try it today!