Open sourcing Jipher for FIPS regulated environments

At Oracle, we have decades of experience providing enterprise customers with technology solutions to meet their business-critical needs. It’s clear to us that security continues to be top of mind as customers adopt new technologies. We believe the most effective security solutions are achieved by building on open source and contributing innovations back to the open source community.

Today, at KubeCon North America 2023, we announced plans to open source one such innovation, Jipher, a JCE provider for FIPS (Federal Information Processing Standards) environments designed for security and performance. This was one of several announcements among others, including our $3 million contribution to the CNCF in Arm based credits. Read more about these announcements from the Oracle keynote at KubeCon.

For several years we have been making significant contributions to OpenSSL. We’ve chosen to base our products on OpenSSL because it is the most open and most widely used cryptographic toolkit on the planet. At Oracle, we make extensive use of the OpenSSL 3.0 FIPS 140 provider to operate in regulated markets. We like the OpenSSL FIPS provider so much we decided to build a Java cryptography toolkit on top of it called Jipher. By converging on a single toolkit (OpenSSL) we reduce our attack surface, simplify security patching, achieve assembly-optimized performance, and help our customers meet regulatory compliance requirements.

Below are the three main benefits of Jipher.
 
•    Security: OpenSSL is ubiquitous. Because it is deployed so widely it gets tested in many real-world environments for security issues so they can be fixed. That kind of hardening takes years and Jipher gets the benefit of it.
•    Performance: We put Jipher into Oracle Cloud Infrastructure and achieved remarkable performance gains. Scaled across trillions of cryptographic operations every day, the benefits stack up.
•    Compliance: Meeting regulatory requirements can get complex. There’s a risk of misusing the cryptography and breaking the FIPS rules, which can lead to non-compliance or to security and performance issues. It can be hard to stay on top of the FIPS rules, so Jipher was designed to make that easy. Jipher comes with safeguards so we can integrate it into thousands of Oracle applications with peace of mind that it will be done correctly.

So why open source Jipher? The thing is, it’s built on truly open technology – OpenSSL – and we want to give back to the community as a way of saying “thanks”. Jipher is an innovative project based on the latest Java technology – Project Panama. We hope that as the community starts to use Jipher they will enjoy the benefit of a solution focused on security, high performance, simplicity and ease of use.

We have several experts on Oracle technologies and Oracle Cloud Infrastructure at KubeCon from Monday, November 6, through Thursday, November 9. Come meet Oracle on the expo show floor area B3 to hear more about Oracle’s open source offerings and see them in action.