Free nist fips 140 2 encryption software for linux

Gaim-Encryption uses NSS to provide transparent RSA encryption as a Gaim plugin.
Main features:
- Automatically creates a public/private key pair for you upon loading the plugin
- Automatically transmits your public key to other users.
- Supports 512 - 4096 bit keys.
- Saves keys of known users, and warns you if their public key has changed.
- Embeds all encryption and keys inside HTML, so if the other user doesnt have the plugin, they will get a little message telling them about the plugin, and wont get a screen full of garbage.
- Stores keys in human readable files in your .gaim directory, in case you ever need to copy/edit them by hand. Which you really shouldnt have to do.
- Automatically recognizes if you are chatting with someone who has the plugin- see the Preferences dialog.
- Available for the Windows version of Gaim.
- Modular and extensible. If you want to define a different type of encryption, you can use this plugin as a wrapper to take care of transporting the encrypted binary over the IM pipe.

trfcrypt is an add-on package to the tcl-extension trf. It provides the encryption functionality which was removed from the base package to allow its inclusion on the Tcl/Tk CDROM without violating US export control laws on cryptography.
The C API is layered on top of the trf C API and provides a set of commands for the management, implementation and usage of blockciphers and stream.
Although it is possible to implement ciphers using only the trf C API the code in this package makes it much easier, as general things like the handling of blockcipher modes are done here, thus obviating the need to reimplement them every time. A new cipher just has to provide some information about itself (key sizes) and functions to:
- generate the internal keyschedule from the specified key
- encrypt/decrypt a character or a block of data

Eureka Encryption Global Edition contains file encryption, multiple encryption, merge encryption, multiple file encryption, embedded applications (Crypt Words, Steganographer, Interface) and other tools such as a file shredder and scrambler.

Eureka Encryption Global Edition is available for Windows, Mac and Linux. Other applications are available from the website.

FlexiCrypt is a universal cryptography toolkit for managing certificates and symmetric keys. FlexiCrypt can perform many kinds of encryption, decryption, signing, and several related tasks.
Main features:
- key managing (asymmetric and symmetric)
- generate certificates
- symmetric encryption
- asymmetric encryption
- hybrid encryption
- decryption
- XML-signatures
- message digest computation
- secure file deletion (wipe files)
- performance comparison

The NIST Implementation of the Ad-Hoc On Demand Distance Vector protocol is a kernel-level driver for Linux . AODV is a routing protocol for ad hoc networks designed with mobile wireless devices in mind. For a quick overview on AODVs basics, check out our Quick Guide to AODV page. If you are interested in running a simulation of AODV, NIST has developed a simulation in OPNET.
Kernel AODV is a loadable kernel module for Linux. It implements AODV routing between computers equipped with WLAN interfaces.
This software was developed at the National Institute of Standards and Technology by employees of the Federal Government in the course of their official duties. Pursuant to title 17 Section 105 of the United States Code this software is not subject to copyright protection and is in the public domain. Kernel AODV is an experimental system. NIST assumes no responsibility whatsoever for its use by other parties, and makes no guarantees, expressed or implied, about its quality, reliability, or any other characteristic. We would appreciate acknowledgement if the software is used.
This software can be redistributed and/or modified freely provided that any derivative works bear some notice that they are derived from it, and any modified versions bear some notice that they have been modified.
Enhancements:
- Corrected LINK_LIMIT #ifdefs (Fix from Peter Barron)
- aodv_neigh.c
- hello.c
- module.c
- Add Packet Queuing back in (Fix from Peter Barron)
- Send queued messages when recieving a route, aodv_route.c
- Drop packet from queue if RREQ fails, rreq.c
- Added packet_queue.c back in, packet_queue.c
- Added init and cleanup of packet_queue, module.c
- Added additional check to packet_out.c to determine if packet is going to external subnet on a gateway.
- Shouldnt be neccesary since a route should be created for the external destination anyhow. Have to look into this. (Fix from Peter Barron)
- Removed annoying message printed when signal strength can not be read. Instead only prints when can not be set. signal.c
- Fixed the undefined symbol STRCHR problem for real this time. The problem is doing strstr() with a singlecharecter results in it being converted to strchr(), but for some reason it is not properly imported. The solution it to simply use stchr() instead. module.c
- Changed it so that find_aodv_route() will return valid routes that have expired. When it didnt return expired routes two routes would sometimes be created. Also, now kernel routes are only removed when an expired route is removed. find_aodv_route() will also invalidate expired valid routes.
- Had some trouble with duplicate kernel routes. Now we are always deleting before inserting a new route. Should fix it, fingers are crossed.
- Changed delete_neighbor() so that we send out an RERR even if the route is no longer valid. Also change gen_rerr() so that is will send out a RERR even if the route is not valid. It has to be better to send out a few extra rather than not enough. Just cause you have timed a route out doesnt mean others have.
- Compared the Metrics wrong in update_route() if the seq numbers were equal.

twocrypt provides a crypto tool with a deniable encryption option.
twocrypt (2c) is a tool for the ultra-paranoid, providing a traditional crypto, but also an option of deniable (subpoena-proof) encryption. It encrypts one or two files at once.
Each file can be recovered with its respective passphrase, but the presence of more than one file cannot be demonstrated, and the presence of this option alone should not be a credible argument for data hiding.
2c2 is a simple symmetric file encryption utility. It comes with an
interesting optional feature - it is capable to embed an additional file
within an encrypted data. This is done in a way that cannot be detected
without knowing the passphrase protecting the "hidden" file, even if the
password for the primary file is disclosed. The design is such that the
fact of using this method alone does not constitute a credible evidence of
data hiding (IANALBMSUTDO). This kind of encryption is also called
"subpoena-proof" or "deniable".
There is some previous work in this area. There are two popular approaches,
one is to throw away the encryption key, but store some information that
can be used to recover the key with a considerable computation effort
(several years or so). The concept seems to be risky for obvious reasons,
and is also impractical if the data has to remain accessible before the
projected cracking date.
The other approach is to have a number of containers protected with a number of passwords, of which some but not all might be encrypted data (rubberhose does that). I think its needlessly complex, and usually applied to a storage such as a disk drive.
As such, 2c would be the first tool to implement this functionality in a
reasonable and practical fasion, at least I think so.
Enhancements:
- It was possible to tell a two-file result from a single-file output,
_statistically_. This does not mean the question can be answered for a
particular archive, but single-file archives had a tendency to result
in a slightly larger file, and if you have a number of 2c-protected
files for which the primary password has been obtained, it can be
told how you use 2c. The reason for that was slightly broken compressed
pad length logic.
Severity: medium
- As a cryptographic safeguard, the random pad stream now consists of
a random, compressed file of a random length, followed by true garbage.
This is to mimick second file scenario more closely, so that if the
encryption proves weaker than originally thought, and some statistical
properties of a stream can be deduced, theres no exposure. Version
1 always used a full-length compressed pad, which was silly in that
its not that common to store perfectly-fit secondary files.
Severity: hypotetical issue
- In v1, random chunk would seldom get compressed, because the compression
algorithm resorted to storing uncompressed data if compression would
result in output bigger than input. This is not a flaw per se, but
defeats a minor safeguard intended to mimick a file that would often
be compressible. Now, encryption of all blocks is forced, even though
it might be less efficient.
Severity: hypotetical issue
- Input blocks are now split randomly to avoid placing compression
headers and other known structures at constant locations. This is just
another arbitrary safeguard for the algorithm.
Severity: hypotetical issue
- per Jamess suggestion, I added a counter to the PRNG generator
internal state. This prevents a hypotetical (although *extremely*
unlikely) generator stall scenario. This spectacularly breaks v1
compatibility, blame James ;-)
Severity: low

Starfish Password Manager project consists of a password manager.
Starfish is a simple password manager. It stores all of its data in XML, and uses strong encryption (MD5 with DES).
Main features:
- 100% Java©
- Easy to use GUI
- Strong encryption
- Sortable columns, password hiding/unhiding
- Easy copy to clipboard
- All data stored in XML