Implementing cryptography

Bouncy Castle is one of the most widely used FIPS-certified open source cryptographic APIs for Java and C#. It implements a broad set of resources spanning major security areas, including cryptography, public key infrastructure, digital signatures, authentication, secure communication, and even post-quantum cryptography. 

Do you need cryptography support in your applications? Let us help you!

About Bouncy Castle support To bouncycastle.org

bouncy_castle_logo

The Bouncy Castle APIs

The Bouncy Castle APIs allow developers to easily integrate security into their application code.

BouncyCastleSetup

Java and C#

Language support in Bouncy Castle is primarily in Java and C#. The APIs are used on everything from servers running operating systems, like Windows and Linux, to smaller devices such as those based on Android and iOS. 

FIPS-certified version

The Bouncy Castle APIs are also available as FIPS releases and they are certified across all supported platforms. 

Supports common standards

How you use the Bouncy Castle APIs is really only limited by your imagination. A wide variety of core standards, protocols and algorithms are supported

Implement-Crypto-Library-PrimeKey

What are the challenges with implementing cryptography solutions?

Finding a trusted solution 

Cryptography is complex. Finding a solution that is both proven and covers many use cases today and tomorrow can be difficult.  

Lack of expertise

Most organizations are not experts in cryptography and therefore need support when implementing cryptography in their applications and maintaining it over time.   

Future-proof security

The cybersecurity landscape is constantly evolving with new cryptographic algorithms, protocols, compliance requirements etc. and thus choosing a reliable partner, that is in it for the long run, is key for continuous trust. 

Efficient development of security services with Bouncy Castle APIs

Encryption and corresponding security services such as the usage of digital certificates and TLS are fundamental to today’s connected applications and business processes. Being able to implement and maintain these security services costs effectively and securely over time is important for long-term trust. Bouncy Castle was designed for developers by developers. Bouncy Castle offers open source code with well trodden paths of implementation throughout its supporting APIs.  

We are in it for the long run!

The team behind Bouncy Castle has almost 20 years of experience in cryptography solutions, and they are all PrimeKey employees, working full time on development of Bouncy Castle in close contact with the BC user community. 

Support for common standards

How you use the Bouncy Castle APIs is really only limited by your imagination. In addition to fundamental algorithm support for ciphers like AES, Elliptic Curve, and RSA, and a range of message digest and MAC algorithms, the Bouncy Castle APIs also support protocols like ASN.1 and OpenPGP. Building on core protocols and algorithms has enabled support for a range of standards, including, Time Stamp Protocol (TSP), Cryptographic Message Syntax (CMS), Certificate Management Protocol (CMP), Transport Layer Security (TLS) and a variety of protocols for requesting and generating X.509 certificates.  

Expert help is available

If you lack the internal expertise, and need help to build cryptographic solutions into your applications, PrimeKey offers first-class support directly from the developers of Bouncy Castle. We offer help to implement and customize your cryptography use cases. Everything is covered, from basic support questions and assistance, up to doing your own certifications based on the Bouncy Castle FIPS APIs.  

Crypto agility and post-quantum cryptography

The broad support for common standards and protocols together with the highly skilled team working on developing Bouncy Castle, help you achieve future-proof and crypto agile solutions. As an example, quantum-safe algorithms are already supported and the team follows the post-quantum cryptography field closely to be ready for more new algorithms and other updates.  

bouncy-castle-history

A bit of history

The APIs are open source under a flexible licensing model and are owned by an Australian based software charity, Legion of the Bouncy Castle Inc. A reasonable question to ask about Bouncy Castle would be: 'Can I be sure it is sustainable?' The original Bouncy Castle team asked themselves this question as well. By 2010 it had become rather obvious that the project and its developers had very little future if the effort was going to stay part time. Not long after that saw the creation of a consulting company alongside the BC charity called Crypto Workshop.

Crypto Workshop was set up to specialize in providing Bouncy Castle support and was made up of both founders and long term committers to the BC project, with funding from support contracts allowing participants to work full time on the Bouncy Castle Project as well as more closely with the BC user community. In December 2019, Crypto Workshop was acquired by Prime Key who have also continued to invest in the project. As of June 2021, PrimeKey is a part of Keyfactor

Bouncy Castle customers

We value our customers' privacy, so this list is not complete. However, the following companies and organizations are some of the current and past customers that have chosen to use Bouncy Castle: 

Related resources

primekeypki-admir-e1632144884130
Blog post
Community software
Cryptography Solution
EJBCA Enterprise

The (not so) new normal – ubiquity of applied cryptography

Cryptographic ubiquity is the final side of the triangle alongside robustness and agility. And in many ways, it is the area with the most room for growth. Perhaps only for me because I'm an IT nerd, but it has become normal to read bad news every week a...
primekeypki-admir-e1632144884130
Blog post
Cryptography Solution

How do we deliver on agility as an IT security vendor?

In previous blog posts, we touched on how important IT infrastructure is for our modern society and why IT security vendors need to deliver robustness . It would appear that notions of agility and robustness go against each other. After all, if somethin...
primekeypki-admir-e1632144884130
Blog post
Cryptography Solution

Why IT security vendors need to deliver robustness

For mission critical IT systems, robustness is simply a must. This is nothing new or specific to IT industry. Take a bridge for example - engineers calculate maximum loads, look into specifics of the surrounding environment (geological formation, earthq...

Contact us

Fill in your contact information below and we will get in touch with you.