{"id":36418667,"url":"https://github.com/mgrand/crypto-shuffle","last_synced_at":"2026-01-11T17:01:32.938Z","repository":{"id":57726479,"uuid":"85639959","full_name":"mgrand/crypto-shuffle","owner":"mgrand","description":"Very secure symmetric encryption algorithm with unlimited key length.","archived":false,"fork":false,"pushed_at":"2019-05-21T01:51:21.000Z","size":227,"stargazers_count":2,"open_issues_count":0,"forks_count":1,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-07-27T18:02:30.395Z","etag":null,"topics":["encryption","encryption-algorithm","plaintext","shuffle","symmetric-encryption-algorithm"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mgrand.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-03-21T00:10:11.000Z","updated_at":"2025-03-25T17:39:20.000Z","dependencies_parsed_at":"2022-09-26T21:50:47.829Z","dependency_job_id":null,"html_url":"https://github.com/mgrand/crypto-shuffle","commit_stats":null,"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"purl":"pkg:github/mgrand/crypto-shuffle","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mgrand%2Fcrypto-shuffle","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mgrand%2Fcrypto-shuffle/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mgrand%2Fcrypto-shuffle/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mgrand%2Fcrypto-shuffle/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mgrand","download_url":"https://codeload.github.com/mgrand/crypto-shuffle/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mgrand%2Fcrypto-shuffle/sbom","scorecard":{"id":639528,"data":{"date":"2025-08-11","repo":{"name":"github.com/mgrand/crypto-shuffle","commit":"5acd33e76ab9f47ff851e442b3ce7024c3c5280f"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-21T10:18:10.236Z","repository_id":57726479,"created_at":"2025-08-21T10:18:10.236Z","updated_at":"2025-08-21T10:18:10.236Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28314259,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-11T14:58:17.114Z","status":"ssl_error","status_checked_at":"2026-01-11T14:55:53.580Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["encryption","encryption-algorithm","plaintext","shuffle","symmetric-encryption-algorithm"],"created_at":"2026-01-11T17:01:32.854Z","updated_at":"2026-01-11T17:01:32.929Z","avatar_url":"https://github.com/mgrand.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# crypto-shuffle 0.7\n\nThis is a symmetric encryption algorithm for use in applications like\nprotecting the secrecy of blockchain contents where the encryption needs\nto be very strong. The algorithm has these properties:\n\n* It is necessary to decrypt the entire text at once, rather than\n  decrypt in pieces, as with a block cypher.\n* The key can as as long as the plaintext message or \nlonger.\n* All wrong plain texts the same length as the correct\nplain text can be generated by wrong keys. This Ensures \nthat too many plausible plaintext's that can be generated to\ntell by brute force which is the correct one.\n\nThe encryption algorithm is very simple:\n1. If the plaintext is longer then the key, fail.\n2. If the plaintext is shorter than the key, pad it to\nthe length of the key with null bytes (0).\n3. XOR the key with the padded plain text. The result\nis the encrypted text.\n\nThe decryption algorithm is the same.\n\n## Key Management\n\nEach plaintext that is encrypted should be encrypted with a different\nkey. If it is known that two encrypted texts were encrypted with the\nsame key, then it becomes easier to guess the key. For this reason, the\ncrypto-shuffle library includes a `RandomKeyGenerator` class to generate\nrandom keys.\n\nThe most secure way to share the key to decrypt a message is to keep it\nsomewhere different than the encrypted message. However this creates the\nchallenge of creating a mechanism to manage all of the random key and\nkeeping track of which key goes with which encrypted text. The\ninconvenience of having to do this may be unacceptable.\n\n### Sharing Keys on the Blockchain\n\nIf the encrypted message is stored on a blockchain, it may be considered\nconvenient to store the crypto-shuffle key on the same blockchain.  In\nthese cases, it is recommended that the key be encrypted with the public\nkeys of the parties that you want to share the plaintext with.\n\nThe crypto-shuffle package includes a convenient mechanism for creating\na single JSON object that contains versions of crypto-shuffle keys\nencrypted by each of a set of public keys. This is the `MultiEncryption`\nclass.\n\nTo create a `MultiEncryption` object, you pass the constructor a plain\ntext crypto-shuffle key and a collection of one or more public keys. The\nconstructed object contains versions of the crypto-shuffle key encrypted\nby each of the public keys.\n\nTo decrypt the contents of a `MultiEncryption` object, pass a public key\nand its corresponding private key to the `MultiEncryption` object’s\n`decrypt` method. If the `MultiEncryption` object contains an encrypted\ncrypto-shuffle key that was encrypted with the given public key, it uses\nthe corresponding private key to decrypt the crypto-shuffle key.\n\nYou can generate a JSON representation of a `MultiEncryption` object by\ncalling its `toJson` method. Provide JSON version of the\n`MultiEncryption` object as a field value in the same transaction as\nyou have encrypted values. If someone wants to convert the JSON into a\n`MultiEncryption` object, they can pass the JSON to the static method\n`MultiEncryption.fromJson`.\n\n### Sharing Keys Outside the Blockchain\nSharing keys through a means outside of the blockchain is the most secure\nway to share keys.\n\n__Note:__ This version of cryptoshuffle is not compatible \nwith previous versions. ","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmgrand%2Fcrypto-shuffle","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmgrand%2Fcrypto-shuffle","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmgrand%2Fcrypto-shuffle/lists"}