CoreProvider  |  ECProvider  |  PQCProvider  |  NFProvider  |  ASN.1 Codec  |  Licensing

The FlexiProvider is a powerful toolkit for the Java Cryptography Architecture (JCA/JCE). It provides cryptographic modules that can be plugged into every application that is built on top of the JCA.

The goal of our project is to supply fast and secure implementations of cryptographic algorithms which are easy to use even for developers who are not well-footed in the field of cryptography.

The FlexiProvider has been developed by the Theoretical Computer Science Research Group of Prof. Dr. Johannes Buchmann at the Departement of Computer Science at Technische Universität Darmstadt, Germany.

Examples of how to use the FlexiProvider can be found in the examples section.


The CoreProvider contains well-known public key algorithms such as the RSA cipher and signature in different flavours according to PKCS #1, a multitude of symmetric block ciphers, most prominent among them the AES cipher Rijndael and 3-DES, password-based encryption (PBE) according to PKCS #5, hash functions such as MD5, SHA1, and RIPEMD, MACs such as CBC-MAC, CMAC, HMAC, plus its own pseudo-random number generator (BBS).


The ECProvider is a provider for cryptographic algorithms which are based on elliptic curves. The provider includes the digital signature schemes ECDSA and ECNR, the Elliptic Curve Diffie-Hellman (ECDH) key agreement scheme, and the Elliptic Curve Integrated Encryption Scheme (ECIES). The schemes are implemented according to following standards:

ANSI X9.62-1998: ECDSA
IEEE 1363-2000 and 1363a-2004: ECDSA, ECNR, ECDH, ECIES

EC domain parameters, keys and signatures can be ASN.1 encoded. Please see the documentation about additional information on which EC domain parameters are supported.


The PQCProvider is a provider for cryptographic algorithms which are secure even against quantum adversaries. Most of the algorithms are not standardized, but instead are topic of current research. The provider currently contains the CMSS signature scheme, the McEliece cryptosystem in four variants, the Niederreiter cryptosystem and the CFS signature scheme.


This provider has been developed as a proof of concept for the viability of Number Field Cryptography in imaginary quadratic orders (IQ) by our research group. It contains two DSA variants (IQRDSA and IQDSA) as well as the Guillou-Quisquater signature scheme (IQGQ). We have also devised an ASN.1 module for describing the domain parameters, keys, and signatures.

Note: The NFProvider should currently be considered experimental.

ASN.1 CoDec

For encoding and decoding ASN.1 data structures, we use a third party package originally written by the SeMoA group and currently hosted on SourceForge.


The FlexiProvider is open source. The Core provider module is LGPL licensed, the EC, PQC, and NF provider modules are GPL licensed. Alternative licensing options are available upon request. The SourceForge CoDec package is GPL licensed.

Druckerenglisch deutsche Flagge   Impressum