Free Encryption library for Delphi [closed]

Answer 1

Daniele Teti has released a collection of DataSnap filters for Delphi 2010, which includes hash, cipher and compression. He mentions that he may also implement asymmetric ciphers in the future.

http://www.danieleteti.it/

This is open source, so please feel free to contribute.

Answer 2

The RSA algorithm is not necessarily out of date, but the key size is important. It is still used regularly all over the place. An RSA key length of 3072 bits should be used if security is required beyond 2030. This is just a function of the improvements in computing power and not a weakness in the algorithm.

I was looking at the LockBox prior to SongBeamer starting to maintain it (Delphi 2007) I found the RSA unstable - just crashing or producing wrong results from time to time. It may have been fixed since then though. If you are going to use it, make sure it supports the key lengths you need, and then create some automated tests with known inputs and outputs. Make sure it runs stable. If it does, then use it by all means.

You can also use the Microsoft Crypto API to do your RSA encryption. I wrote a wrapper for Delphi 2007, but have not updated it for Unicode (I know, shame on me). Someone else might be able to update it to work with Unicode easily.

Another option would be to use the .NET Framework cryptography functions via COM interoperability or something.

Answer 3

For sample code LockBox may be ok, but I would not use it in production any longer. Encryption does go "long in the tooth". Algorithms become old. Previously undiscoverd flaws, improved cryptoanalysis techniques, mathematical advancements, increasing processor power make once secure algorithms and key sizes no longer enough secure. 3DES, MD5, SHA-1 are already considered not enough. Attacks against AES have been recently published (http://eprint.iacr.org/2009/374). The minum recommended RSA key size is now 1024 bits, while 2048 and 3072 keys are recommended if data needs to be protected for years. Lockbox offers only keys of 1024 bits or less. The right block cipher mode has to be selected too. And LockBox TLbRijndael (AES) class by default uses ECB which has known flaws, and don't offer anything more than CBC. Due to the importance electronic security gained in these years, and the consequent researches both by good and bad guys, a seven years old library is really old - just recompiling it and adding support for UTF-16 strings is not enough. Be aware that false security is worse than no security at all. If a system administrator is told "we don't have any security in place" he will work to implement security himself (say IPSec, VPNs or the like). If he's told "yes, we have RSA and AES!" he will feel ok, even if your implementation of AES and RSA is outdated and no longer secure.

Answer 4

It seems like there are lots of free Delphi AES implementations. Feel free to add your favourites here.

There don't seem to be as many free RSA implementations, and very few libraries that offer both.

It looks like LockBox is still a pretty reasonable option. Especially since I don't need encryption that will take literally years to crack.

I think using Microsoft's Crypto API directly might be the most practical option.