Bright and full of new 2016 year insensibly came to an end. Writing good software is hard: absorbed in developing our main products, closed a testing round of Acra (all hail the braves who dedicated an immense amount of time giving us feedback), we’ve spent most of the year undercover. Now that we’ve shown first cues to the open public, revelatory moments are closer than ever.
This year we’ve put a lot of effort into helping Themis users understand how to better use Themis and how to build stronger apps:
- Themis undergone two releases (0.9.3, 0.9.4), increasing stability, performance, eliminating gazillion of tiny implementation errors across multiple platforms.
- Secure Comparator is now part of the mainline code. @secumod, our core scientific contributor, gave several talks on high-profile crypto conferences about it (Enforcing Web security and privacy with zero-knowledge protocols, Overview and evolution of password-based authentication schemes). Thanks to @Idolf and @Sc00bz put their best effort into pointing out possible security problems and then polishing the protocol.
- We’ve launched Themis Server, an interactive emulator/API endpoint, helping Themis users to get going with the library quicker. Just watch it, within the next months it will become something much bigger and cooler.
- We’ve launched browser-friendly port of Themis called, unsurprisingly, WebThemis. It allows you to build Themis for Google NaCl, and use strong cryptography within the browser. We’ve also shown two web apps built using WebThemis: secure end-to-end web chat 0fc, online password/secret store Sesto.
- We’ve released two database modules for Themis, for Redis and Postgres, bringing stronger security into database world in a compatible format.
This way, you can now consistently use Themis everywhere: in the browser, on mobile devices, in your middleware/application (across many popular languages and platforms) and in your database. Our goal is to provide the all-encompassing presence of cryptographic functions, allowing you to move encrypted data across platforms without any friction and build unified encryption layer.
One can’t love mobile more than we do. Both iOS and Android ports of Themis got a significant portion of attention:
- In Apple land, there’s been a lot of changes: from Swift support of Themis to CocoaPods compatibility (thanks to @valeriyvan, @bryongloden, @MatejBalantic)
- In Android, we’ve eliminated a few bugs, migrated to BoringSSL and simplified build system a bit.
- Magnificent @vixentael, our core iOS contributor, gave numerous talks about mobile security and using Themis, including a workshop in The Alps, where she showed a few tricks about using Themis.
Over the year, we’ve published a few articles, from deeply scientific, to almost purely educational: we have shown how to choose crypto for your Android or iOS app, talked about Zero Knowledge protocols, got in depths of PNaCl module building and associated challenges, talked about current and general security problems.
Looking forward, there’s a lot of new crazy challenges and plans, releases and exciting days at the labs. We enjoyed 2016 a lot. Hope you did too! Meet you in happy 2017.