OpenSignature is a project for the digital signature of documents. It works with all cards supported by OpenSC, and focuses on adding support for cards from accredited Italian CAs. The goal is to provide the first single product capable of supporting cards from multiple vendors/countries. This contrasts the approach taken by card vendors/providers whose software follows an exclusive single-vendor approach. OpenSignature attempts to make a major contribution to interoperability in the digital signature domain, and aims to greatly facilitate the setup of public access points that are currently the objective of several projects in Italy.
FastFlex is a cryptographic function, which uses a new approach to construct a secure cryptographic function which performs quite fast on processors of varying word length and architectures. FastFlex uses only four basic operations, word additions, word XORs, word rotations, and word multiplications, found in instruction sets of almost all processor architectures. FastFlex also has a manageable internal state size of 256 bits. A single 1KB s-box is used. The function accepts 8 words as inputs and as output produces 8 words.
Trustix™ Enterprise Firewall is a WYSIWYG firewall for iptables. It provides drag and drop security policy deployment and allows you to visualise DMZs, integrate branch offices with 3DES encrypted VPN tunnels, accelerate Internet access times with proxy caching server, and authenticate remote workers with PKI X.509 certificates. The unique GUI also allows you to manage traffic for all your zones (up to 24) as well as port forwarding and network address translation (NAT).
Password Manager Daemon serves clients data via a Unix domain socket or over a remote TLS connection. The data is stored in an (optionally) encrypted XML file, and the client must provide the key to modify it. It has the option to use gpg-agent for key management (including smartcards). It is multi-threaded, allowing more than one client to be connected at the same time. Key retrieval may be done via a key file or a pinentry program. A key cache is used, so a client won't need to enter a passphrase each time one is required. It is very configurable. Libpwmd is also available as a separate project and is a library making it easy for applications to use Pwmd.
Raiden is an extremely lightweight and fast block cipher, developed using genetic programming. Its aims are to be simple enough to be remembered by heart and to be compact, highly portable, and light enough to be implemented in resource constrained environments. It was developed with the intention of being an alternative to TEA, with the same speed and without any of its known weaknesses.
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
OpenXPKI is a Web and CLI-based enterprise-grade PKI/trust center system (X509 public key infrastructure) complete with CA, Web interfaces, offline support, and support for well established infrastructure components like RDBMS and Hardware Security Modules. Flexibility and modularity are the project's key design objectives. Unlike many other PKI solutions, it offers powerful features necessary for professional environments. However, small scale installations are also targeted by providing quick-start configuration examples that allow you to get a usable PKI running quickly.