CIPE (Crypto IP Encapsulation) is an ongoing project to build encrypting IP routers. The protocol used is as lightweight as possible. It is designed for passing encrypted packets between prearranged routers in the form of UDP packets. This is not as flexible as IPSEC but it is enough for the original intended purpose: securely connecting subnets over an insecure transit network.
Charon simplifies reselling Internet access via WiFi access points. It installs onto Linksys, ASUS, and other common WiFi access points and manages automatic price and access negotiation with local wireless customers, charging them via the mikolaj.cx micropayment system. Deposits are accepted via either cash or credit card. It will ultimately provide secure and fraud-resistant access by utilizing cash-like settlement, reputation tracking, and PKI-based non-repudiable contracts, to protect both the end-user and the access provider.
The CyaSSL embedded SSL library is a lightweight SSL library written in ANSI C and targeted for embedded and RTOS environments, primarily because of its small size, speed, and feature set. It is commonly used in standard operating environments and cloud services as well because of its royalty-free pricing and excellent cross platform support. CyaSSL supports industry standards up to the current TLS 1.2 and DTLS 1.2 levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers such as HC-128, RABBIT, and NTRU.
FSFS is a secure, distributed, scalable, user-space file system that exports existing directories securely over the network, letting users store and retrieve encrypted data in a transparent way. FSFS is written as a pair of user space daemons that act as clients and servers. Servers export an existing file system (of virtually any kind) to clients over the network.
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP, TCP, HTTP, HTTPS, or direct 802.11 (WLAN). GNUnet supports accounting to provide contributing nodes with better service. The services built on top of the framework include anonymous file sharing and a virtual network providing IPv4-IPv6 transition via protocol translation over the P2P network.
gSTM, the Gnome SSH Tunnel Manager, is a front-end for managing SSH-tunneled port redirects. It stores tunnel configurations in a simple XML format. The tunnels, with local and remote port redirections, can be created, deleted, modified, and individually started and stopped through one simple interface. It is useful for anyone wanting to securely access private services over an encrypted tunnel.