The 'Standard Cryptographic Algorithm Naming' (SCAN) project is, basically, a standards add-on for Java's JCE. JCE's design is that you get an object (implementing a crypto algorithm like Blowfish or MD5 or whatever), by calling a factory method with a string. However, JCE doesn't specify what strings should be used most of the time, particularly in cases where the default JCE provider doesn't support the algorithm. In other cases, the name the Sun docs specify is inconsistent and/or doesn't make any sense and/or is way to vague to actually be useful. Basically, Sun screwed the pooch on this part of the JCE design.

So SCAN picks up where JCE leaves off, by specifying, for example, exactly what the string "CAST-128" means to a JCE provider, down to a fairly minute level. It also specifies a lot of formatting details (especially for algorithms where there is no external standard such as PKCS), and even has experimental support for algorithm types that JCE doesn't even know about.

The primary user of SCAN is, of course, the various open source JCE providers, but several other libraries (including two C++ libraries) also make use of SCAN to provide a semi-sorta JCE-like interface to their users. SCAN seems to undergo periods of extremely fast development followed by 6-18 months with nothing. At this time, it is currently in the latter state, having not been updated since October 22, 2002.

This wonder of wonders may be found on that Internet thing you danged kids is always usin' at

Log in or register to write something here or to contact authors.