CryptoXpress SDK

by CFXWorks - Product Type: Component / Java Class

Screenshot of CryptoXpress SDK - Java Class - V9.0Commercial grade, strong encryption SDK for Java programmers. CryptoXpress SDK is a Java toolkit that can be used to custom develop application layer cryptography solutions offering “strong encryption”, message digests (digital signatures), and several industry specific security features. The CryptoXpress SDK produces compatible results across many platforms including Windows, Linux (Red Hat and SUSE), HPUX, Solaris, and IBM’s xSeries, pSeries, zSeries and iSeries. Implementation of the supported cryptography algorithms is verified using test vectors published by the National Institute of Standards and Technology (NIST). The cross platform capabilities of CryptoXpress SDK allow users to encrypt data on any supported platform and decrypt it on any supported platform.

From
$2,401.00
Price in

Our regular prices are shown below. Please logon to see your discounted prices.

CryptoXpress SDK V9.0

Add to Cart $ 2,401.00 1 Developer License Verify Download (2.5 MB)
Add to Cart $ 798.70 Additional Developer License Verify Download (2.5 MB)
Add to Cart $ 480.20 Annual Developer Support License Verify Download (29 KB)

This product is available on the GSA Pricing ScheduleOur prices include ComponentSource technical support and, for most downloadable products, an online backup and a FREE upgrade to the new version if it is released within 30 days of your purchase.  All sales are made on our standard Terms and Conditions and subject to our Return Policy. Please contact us if you require any licensing option not listed above including volume licensing and previous versions.

Our regular prices are shown above. Please logon to see your discounted prices.

CryptoXpress SDK is a Java toolkit that can be used to custom develop application layer cryptography solutions offering “strong encryption”, message digests (digital signatures), and several industry specific security features. The CryptoXpress SDK produces compatible results across many platforms including Windows, Linux (Red Hat and SUSE), HPUX, Solaris, and IBM’s xSeries, pSeries, zSeries and iSeries. Implementation of the supported cryptography algorithms is verified using test vectors published by the National Institute of Standards and Technology (NIST). The cross platform capabilities of CryptoXpress SDK allow users to encrypt data on any supported platform and decrypt it on any supported platform. CryptoXpress SDK also supports several credit card security features including Luhn Formula Validation and card number masking. The LUHN formula is used to validate and verify the accuracy of credit-card numbers. CryptoXpress SDK also provides a method that masks credit card numbers for display consistent with The Payment card Industry/Cardholder Industry Security Standards (PCI/CISP). For example, only the last four digits of the account number can be displayed. CryptoXpress SDK provides a function that correctly masks this data. CryptoXpress SDK provides a HTTP gateway to the United States Postal Service’s Address Information APIs. Companies that use the USPS for shipping merchandise can use these APIs to validate address information or to complete incomplete address information. The service is useful in reducing fraud, improving customer service, eliminating shipping errors and reducing the cost of processing customer orders.

The cryptography algorithms supported include:

Multiple “strong encryption” encryption/decryption algorithms support:

  • TripleDES
  • AES 128-bit
  • AES 256-bit

Multiple message digest algorithms support:

  • MD5
  • SHA1
  • HMACMD5
  • HMACSHA1

Since there are thousands of possible ways to deploy encryption, CryptoXpress SDK simplified the selection process by reducing the selection to six “preferred” combinations:

  • AES128/PKCS5Padding/ECB                   128-bit encryption
  • AES256/PKCS5Padding/ECB                   256-bit encryption
  • AES128/PKCS5Padding/CBC                  128-bit encryption
  • AES256/PKCS5Padding/CBC                  256-bit encryption
  • TripleDES/PKCS5Padding/ECB                effectively 112-bit encryption
  • TripleDES/PKCS5Padding/CBC                effectively 112-bit encryption

CFXWorks recommends the use of AES encryption where there is a need to deploy “strong encryption”. The reasoning is as follows. On May 19, 2005, NIST announced the withdrawal of the (single) Data Encryption Standard (DES) as specified in FIPS 46-3. DES no longer provides the security that is needed to protect Federal government information. Federal government organizations are now encouraged to use FIPS 197, Advanced Encryption Standard (AES), which specifies a faster and stronger algorithm. For some applications, Federal government departments and agencies may use the Triple Data Encryption Algorithm (Triple DES) as specified in NIST Special Publication 800-67. Triple DES is also supported by CryptoXpress SDK. Although thought to be considerably less secure than even AES 128-bit encryption, Triple DES is still commonly used in some industries.

The NIST published test vectors for the following modes of operation. Therefore CryptoXpress also supports these additional modes but does not recommend their use for production environments.

  • AES128/NoPadding/ECB                         128-bit encryption
  • AES256/NoPadding/ECB                         256-bit encryption
  • AES128/NoPadding/CBC                         128-bit encryption
  • AES256/NoPadding/CBC                         256-bit encryption

CryptoXpress SDK also supports several credit card security features including Luhn Formula Validation and card number masking. The LUHN formula (also known as the Modulus 10 or Mod 10 algorithm) is used to generate, validate and verify the accuracy of credit-card numbers. CryptoXpress SDK provides a function that validates that a value passed to the function passes the Luhn formula test. The Payment card Industry/Cardholder Industry Security Standards (PCI/CISP) require that credit card numbers be masked when they are displayed. For example, only the last four digits of the account number can be displayed. CryptoXpress SDK provides a function that correctly masks this data. CryptoXpress SDK supports the following credit card industry processing functions:

LUHN formula (Mod 10) validation The LUHN formula, created in the late 1960s by a group of mathematicians, was adopted by credit card companies shortly thereafter. Because the algorithm is in the public domain, it can be used by anyone. The LUHN formula (also known as the Modulus 10 or Mod 10 algorithm) is used to generate, validate and verify the accuracy of credit card numbers. Almost all institutions that create and require unique account or identification numbers use the Mod 10 algorithm. For example, the LUHN formula is widely used to validate many different forms of account numbers. CryptoXpress SDK provides a function that validates whether or not a value passed to the function passes the Luhn formula test.

Account number masking as per credit card processing industry standards The Cardholder Industry Security Standard (CISP) and Payment Card Industry Data Security Standard (PCI) both limit the number of digits that can be displayed when displaying the credit card account number. CryptoXpress SDK provides a function that masks all but the last “n” number of digits of the account number. The programmer can control the value of “n”.

CryptoXpress SDK provides an HTTP gateway to the United States Postal Service’s Address Information APIs. Companies that use the USPS for shipping merchandise can use these APIs to validate address information or to complete incomplete address information. The Address Information APIs are useful in reducing fraud, improving customer service, eliminating shipping errors and reducing the cost of processing customer orders. CryptoXpress SDK provides a gateway to the USPS Address Information server. CryptoXpress SDK performs the following tasks:

  • Requested information passed to CryptoXpress SDK is validated against the USPS guidelines. If an error is found, CryptoXpress SDK rejects the request and returns an error code
  • If the request is valid, CryptoXpress SDK constructs an XML document, as per the USPS specification, and forwards this document to the USPS Server using HTTP
  • CryptoXpress SDK reads the XML response from the USPS server
  • CryptoXpress SDK parses the XML response and extracts the response values from the document

The CryptoXpress SDK gateway adds value to the process by:

  • Automating the address validation and lookup process
  • Formatting the XML document and parses the values from the USPS response. No XML skills are required by users of CryptoXpress SDK
  • Sending the request to the USPS and reads the response. No Internet programming skills are required by users of CryptoXpress SDK

Why use CryptoXpress SDK:

  • Encryption complexity reduced to 6 best practices deployment scenarios
  • Message digest complexity reduced to 4 best practices deployment scenarios
  • IBM Certified across numerous IBM and non-IBM H/W & S/W platforms
  • Consistency verified across all supported environments
  • Correctness of SDK implementation verified using NIST test vectors
  • Resource & skill level minimized by use of “best practices” scenarios

Product Search

Enter search words:

Development Savings

Read our White Paper on
calculating ROI

Lines of Code: 30,000
Person Months: 30
Labor Cost: $150,000

Functions Required:

Effort per 1,000 LoC:

Labor Cost per Month:

Quick Links

Publisher

Primary Category

Related Products

Related Categories