RFC 2015 defines a proposed Internet standard for sending PGP-encrypted email. This PGP/MIME has been incorporated into several MUAs such as Mutt and (with the AEGYPTEN project) KMail. However, a lot of email clients still don't support it. pgp-mime-handler can decrypt/verify such messages via a pipe, so it can be used as an email filter in many programs or scripts.
Come And Go Encryption (CAG) is a simple program to encrypt files with a special key. This key is a random garbage file, and it is XOR-ed with the file to render it unusable by normal methods. It uses the principle of the one-time pad, but it is not unbreakable. It can stream the decrypted file to STDOUT for use in pipes (i.e., mplayer movie viewing, xv image viewing, etc.).
GPGlist is a Perl script to implement gpg encrypted alias lists in a mail server such as Sendmail or Postfix. It uses one XML config file to store information about lists. It backs up messages if an error occours, and sends out error messages to the sender of the mail. You can decide whether or not a list only accepts encrypted messages.
OpenXPKI is a Web and CLI-based enterprise-grade PKI/trust center system (X509 public key infrastructure) complete with CA, Web interfaces, offline support, and support for well established infrastructure components like RDBMS and Hardware Security Modules. Flexibility and modularity are the project's key design objectives. Unlike many other PKI solutions, it offers powerful features necessary for professional environments. However, small scale installations are also targeted by providing quick-start configuration examples that allow you to get a usable PKI running quickly.
Crypt::IDA is a Perl module that implements Rabin's Information Dispersal Algorithm. This is what's known as a "threshold system": a secret is divided into n shares with the property that any k (the "quorum" or "threshold") of those shares (with k <= n) can be combined at a later time to reconstruct the secret. The algorithm should be cryptographically secure in the sense that if fewer shares than the quorum k are presented, no information about the secret is revealed. The module uses Math::FastGF2 to efficiently implement the algorithm, making it suitable for securely sharing and distributing even large files. The Crypt::IDA::ShareFile module implements a file format for creating, storing, and distributing shares created with Crypt::IDA.
Caume Data Security Engine is a REST API platform for storing and processing files in uncontrolled environments. It provides a Free Software solution which allows the creation of reasonably secure and isolated workspaces to process and store sensitive data within uncontrolled environments. With concepts such as "the cloud" and "bring your own device", as well as an increasing demand for mobile devices, it has become clear that the way in which companies operate is changing dramatically, and, with it, the way in which we secure information and the infrastructure which supports business processes. CaumeDSE has been designed as a service platform which provides security to data by using free, well-known, and robust cryptographic software, as well as open and simple data structures and interfaces to make portability and extensibility easy.
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, lots of other hashes and ciphers are added in the community-enhanced version (-jumbo), and some are added in John the Ripper Pro.
Owl (Openwall GNU/*/Linux) is a small security-enhanced Linux distribution for servers. Owl also makes a good base system for customized virtual machine images and embedded systems, and Owl live CDs with remote SSH access are good for recovering or installing systems (whether with Owl or not). A single Owl CD includes the full live system, installable packages, the installer program, as well as full source code and the build environment capable of rebuilding the entire system from source. Owl supports multiple architectures (x86, x86-64, SPARC, and Alpha) and offers some compatibility for packages developed for other Linux distributions. The primary approaches to security are proactive source code review, privilege reduction, privilege separation, careful selection of third-party software, safe defaults, and "hardening" to reduce the likelihood of successful exploitation of security flaws.
The Open-Transactions project is a collaborative effort to develop a robust, commercial-grade, fully-featured, free-software toolkit implementing a full-strength financial cryptography library, API, CLI, and prototype server. Open-Transactions democratizes financial and monetary actions. You can use it for issuing currencies/stock, paying dividends, creating asset accounts, sending/receiving digital cash, writing/depositing cheques, cashier's cheques, creating basket currencies, trading on markets, scripting custom agreements, recurring payments, escrow, etc. Strong crypto is used. Balances are unchangeable (even by a malicious server). Receipts are destructible and redundant. The transactions are unforgeable. The cash is untraceable. The cheques are non-repudiable.
gpgdir is a script that encrypts and decrypts directories using a GPG key specified in ~/.gpgdirrc. It supports recursively descending through a directory in order to make sure it encrypts or decrypts every file in a directory and all of its subdirectories. All file mtime and atime values are preserved across encryption and decryption operations. In addition, gpgdir is careful not to encrypt hidden files and directories.