The members of CrySP are involved in various software projects and distributions. Here is a sampling:

PIR for Onion Services
Private Information Retrieval for Onion Services is a prototype implementation of Tor with support for asynchronous PIR lookups for onion services. Such private lookups prevent malicious Tor onion service directories from learning the relative popularity of onion services or breaking the unlinkability guarantees of Tor's v3 onion service addresses.
PRSONA (Private Reputation Supporting Ongoing Network Avatars) is a privacy-preserving reputation system designed for use in tight-knit communities.
DHTPIR demonstrates how to integrate private information retrieval (PIR) into censorship-resistant publishing systems based on secure distributed hash tables (DHTs), in order to protect node operators from being exposed to information about what files clients are looking up.
Walking Onions
Walking Onions is a set of protocols and techniques to scale anonymity networks and reduce the amount of data required for clients to download.
FROST is a Flexible Round-Optimized Schnorr Threshold signature scheme that can support one-round asynchronous threshold signing operations.
Mitigator is an SGX-based prototype implementation of a system to ensure a web server's handling of data submitted in forms is compliant with its privacy policy.
AR Attacks
This is software to execute augmented reality-based attacks on behaviour-based authentication.
Mimicker is the software that we used to execute shoulder surfing and offline training attacks on touch input-based implicit authentication schemes.
ConsenSGX is our work on using trusted execution environments such as Intel SGX to allow Tor clients to fetch only small parts of the Tor network consensus document, without opening them up to epistemic attacks.
Shatter Secrets
Shatter Secrets is an Android app that uses secret sharing to prevent you from being able to disclose encryption keys when crossing international borders.
PrivacyGuard is an Android app that alerts you when one of your apps leaks sensitive information to a remote server.
FireLock is an Android lock library to re-authenticate users conveniently and securely.
Website fingerprinting
Website fingerprinting is a classification attack wherein someone watching a user's local network can determine what websites she is visiting, even if she is using privacy enhancing technologies such as encryption, VPNs, or Tor. We have implementations of old and new website fingerprinting attacks and defenses.
Leading Johnny to Water: Usable Secure Email
This is the companion website for a study evaluating the usability of a secure PGP-compatible webmail client. The client is available as a Chrome browser extension, and allows you to send and receive PGP-encrypted email using Gmail.
Lavinia is a censorship-resistant publishing system that uses a payment system to incentivize adherence to the protocol and ensure document availability.
Slitheen is a decoy routing system for censorship resistance that uses packet replacement to defend against both active and passive attacks.
Style Counsel source code and data set
Style Counsel is a plugin for the Eclipse IDE to help C program authors maintain their privacy when they want to publish their source code anonymously or pseudonymously. It spots idiosyncratic features of their code and prompts them on what to change to remove them. (See the short WPES paper, or the extended version.) The data set is the collection of files from repositories used in Chris McKnight's MMath thesis "StyleCounsel: Seeing the (Random) Forest for the Trees in Adversarial Code Stylometry". The directory structure is 'author/repo-name'. The repositories were found by enumerating the GitHub data API and looking for original repositories containing C source code, with a single contributor. They have also been filtered to remove duplicate files and third-party source, although this should not be taken as a guarantee of clean data; in fact, the dataset contains a significant amount of noise, so it may be advisable to investigate additional measures to reduce this.
SpeedyMurmurs is a routing algorithm for privacy-preserving 'off-chain' transactions in digital transaction networks.
Itus is an implicit authentication library for Android, which can be used to continuously authenticate a smartphone user based on the user's behaviour without requiring deliberate actions by the user.
PrivEx consists of two sets of protocols (S2—secret sharing and D2—distributed decryption) to enable the private collection of statistics from anonymous communications networks using secure multicaprty computation and differential privacy. These protocols are described in our CCS 2014 paper. [tarball, git]
Distributed Key Generation
Distributed key generation allows a number of parties distributed around the Internet to collaboratively generate a secret key, without any of them learning (or choosing) the key individually, or even in small groups. Our software works in the asynchronous network model, which is appropriate for realistic networks such as the Internet, and has been tested for up to 70 globally distributed parties.
FaceCloak is an architecture for protecting user privacy on social networking sites. It is currently available as a Firefox extension for the Facebook social networking site.
Generalized Mersenne Number Toolbox
The GMNT will eventually be a collection of tools for working with generalized Mersenne numbers. Currently, the mrw tool generates C code to perform modular reduction for an arbitrary generalized Mersenne (GM) modulus. Examples of GM primes are the NIST primes recommended for elliptic curve cryptography.
KleeQ enables secure group communications for users of low-connectivity ad-hoc networks. It provides authentication, encryption and forward secrecy for a communicating group.
libspe: A Dynamic System Performance Analysis Library
libspe allows for static collection of timing information and the ability to register any number of objects to be monitored. We allow the set of objects being monitored, and the code that is watching each object, to be easily modified at runtime, without having to restart the program being monitored. The source code for libspe, written in C, is released as a free and open-source project under the BSD license.
NearbyFriend allows you to become aware of a nearby friend without any third-party tracking. It is available as an Android and BlackBerry application and as a plugin for the Pidgin Instant Messaging client.
Oblivious Printing
Oblivious Printing is a novel approach to document printing in which a set of printers print a secret message, in human or machine readable form, without learning the message.
Off-the-Record Messaging
Off-the-Record Messaging (OTR) enables secure and private instant messaging over existing IM networks. In order to emulate real-world "off-the-record" conversions, it provides encryption, authentication, forward secrecy and deniability.
DAKEZ, ZDH, and XZDH are strongly deniable authenticated key exchanges (DAKEs) intended for secure messaging applications. These protocols are described in our paper (to appear at PETS 2018). Both interactive (e.g., instant messaging) and non-interactive (e.g., text messaging) scenarios are supported.
PBCWrapper is a set of C++ wrapper classes for the PBC Pairing-Based Cryptography library. It simplifies the use of that library with C++ programs, providing convenience with object management, operator overloading, and more.
PBC Go Wrapper (documentation)
The PBC Go Wrapper provides access to the Pairing-Based Cryptography library in Go. It supports all of the PBC library's functionality, including pairing generation, element arithmetic, randomization, and data I/O. It is designed to seamlessly integrate with the Go environment by providing automatic garbage collection, element type checking, and integration with the standard Go libraries.
ringsig (documentation)
Ringsig implements ring signatures in Go. Ring signatures are a special type of digital signature that proves a message was signed by one of a set of possible signers, without revealing which member of the set created the signature.
An implementation of Kate, Zaverucha, and Goldberg's polynomial commitments in C++. It provides a convenient interface for committing to polynomials or vectors and opening such commitments. This version also provides classes that implement zero-knowledge proofs and proofs of knowledge about committed polynomials.
relicwrapper provides C++ and python wrappers to the RELIC library for bilinear pairings. The C++ wrapper uses the same API as PBCwrapper, above.
Percy++ is an implemenation of Private Information Retrieval protocols in C++. It provides information-theoretic, computational, or hybrid protection for the privacy of the query, and handles servers that fail to respond or that respond incorrectly.
Sphinx is a cryptographic message format used to relay anonymized messages within a mix network. It is more compact than any comparable scheme, and supports a full set of security features: indistinguishable replies, hiding the path length and relay position, as well as providing unlinkability for each leg of the message's journey over the network. This software is the implementation of the scheme.
NetMirage is a tool for testing IP-based networked applications. NetMirage emulates a large virtual network, allowing you to run and test unmodified applications in real-time. It is compatible with any IP-based Linux application with the capability to bind to a specific IP address. In particular, NetMirage is a modern tool for constructing large-scale virtual Tor networks.
ExperimenTor is a toolkit and network emulation-based testbed designed to support Tor research in a manner that promotes realism, safety, and scalability. The testbed consists of a set of tools for configuring, running, and analyzing whole-network experiments with an isolated Tor deployment running in the ModelNet network emulation platform. We provide the testbed as a set of VMware images that can be used to run Tor experiments out-of-the-box.
BridgeSPA is a protocol and implementation of innocuous SPA (based on Silent Knock) that protects Tor bridges from "aliveness" checks. See the BridgeSPA research paper for details.
The cudadl package is an implementation of van Oorschot and Wiener's parallel version of Pollard's rho algorithm for finding discrete logs. It uses CUDA GPUs (particularly, 2 NVIDIA M2050 GPUs) to do the computation. It is optimized for solving discrete logs over 1536-bit RSA numbers whose totient is smooth; that is, numbers N=pq where p-1 and q-1 are each the product of distinct primes less than B, for B around 258 (New in version 0.9: 292). See the cudadl research paper for details.
Code Talker Tunnel (formerly known as SkypeMorph)
Code Talker Tunnel (previously called SkypeMorph) is a protocol camouflaging tool, designed to reshape traffic output of any censorship circumvention tool to look like Skype video calls.
COGS (Changing of the Guards) is a simulation framework for understanding how different algorithms for selecting entry guards in Tor affect the security, privacy, and network throughput of Tor users.