The blockchain is a decentralized ledger that records transactions across many computers. It has the potential to disrupt the data protection industry and provide an easy way to store and share data securely.

The dpapi encryption is a cryptographic framework that is easy to use. It offers the ability to encrypt and decrypt data in a secure manner.

Themis provides strong, usable cryptography for busy people

For busy individuals, Themis offers strong, usable cryptography.

Easy-to-use-cryptographic-framework-for-data-protection 1631459271_602_Easy-to-use-cryptographic-framework-for-data-protection

For iOS (Swift, Obj-C), Android (Java, Kotlin), desktop Java, C/++, Node.js, Python, Ruby, PHP, Go, Rust, WASM, general-purpose cryptography library for storage and communications.

It’s ideal for cross-platform applications. Cryptographic information is hidden. Designed by cryptographers for programmers

What is Themis?

Themis is an open-source high-level cryptographic services library that protects data during authentication, storage, messaging, and network exchange, among other things. Themis addresses 90% of the most frequent data security use cases seen in most applications.

Themis makes it easy, fast, and safe to create both basic and sophisticated cryptographic features. Themis enables developers to concentrate on what they do best: building apps.

Use cases that Themis is able to address

  • Encrypt API keys, session tokens, and files in your applications and backend.

  • Before storing sensitive data fields in a database, encrypt them (“application-side field-level encryption”).

  • Using Themis and Acra, provide searchable encryption, data tokenization, and data masking.

  • Securely exchange secrets: communicate sensitive info between parties, and create a simple chat app for patients and physicians.

  • Construct end-to-end encryption methods using either a centralised or decentralized architecture: Locally encrypt data in one app, use it encrypted elsewhere, and only decode for authorized users.

  • Maintain secure sessions in real time: send encrypted messages from your app to manage connected devices, and receive real-time critical data from your applications to your backend.

  • Comparing secrets between parties without exposing them is a difficult task (zero-knowledge proof-based authentication).

  • Themis is the ideal cryptographic library for multi-platform applications (e.g., an iOS+Android+Electron app with a Node.js backend) since it has a 100 percent compatible API and operates the same way on all supported platforms.


Themis offers ready-to-use building blocks (cryptosystems) that make common cryptographic security procedures easier to use.

Themis offers four key cryptography services:

  • Secure Cell is a multi-mode cryptographic container that may be used to store anything from encrypted files to database entries and formatted texts. Secure Cell is based on the AES-256-GCM and AES-256-CTR algorithms.
  • Secure Message is a basic encrypted messaging system that may be used for a variety of purposes. You’re ready to leave after you’ve exchanged the keys between the parties. ECC + ECDSA / RSA + PSS + PKCS#7 are the two fundamental cryptosystems.
  • Secure Session: session-based encrypted data sharing with forward secrecy for improved security and more demanding infrastructures. Secure Session is a high-level messaging primitive that may be used for socket encryption, session security, or high-level messaging (with some additional infrastructure like PKI). ECC and AES encryption, using ECDH key agreement.
  • Secure Comparator is a cryptographic technique that uses zero-knowledge proofs to authenticate and compare secrets.

We built Themis so that we could develop additional products on top of it, such as Acra and Hermes.

To install Themis for your mobile, online, desktop, or server-side application, go to the Installation page. Instead of constructing from source, we strongly advise using installation packages.

Themis is accessible in the following languages/platforms; for more information, see the language howtos:

The following CPU architectures are supported by Themis: x86 64/i386, ARM, Apple Silicon (ARM64), and different Android architectures.

Themis is built and tested on the most recent stable OS versions:

  • Ubuntu, Debian (9, 10), CentOS (7, 8) (16.04, 18.04, 20.04)
  • macOS (10.12–10.15, 11) is a computer operating system developed by Apple.
  • (4–11) Android
  • iOS (versions 10–14)
  • Microsoft® Windows® (experimental MSYS2 support)

We want to add more platforms to this list in the future. Get in contact if you’d like to help develop Themis or bring it to your favorite platform or language.

Themis documentation includes the constantly updated official docs, which include everything from deployment instructions to use cases, as well as short descriptions of the cryptosystems and architecture that underpin the core Themis library.

More information about: may be found in the documentation.

  • Themis’ cryptography (Themis cryptosystems and attacks on them, cryptography donors, key management advice, FIPS 140-2 and GOST),
  • troubleshooting and debugging Themis (command-line utilities, Themis Server interactive web simulator, thread safety, migration guidelines between Themis versions),
  • The architecture of Themis
  • The security of Themis (Themis and OWASP, Themis development security practices),
  • Themis has a supportive community (contributing guidelines, credits and honorable mentions, projects that use Themis, tutorials, workshops and talks).

Themis uses well-known cryptography libraries such as OpenSSL, LibreSSL, and BoringSSL to implement established cryptographic methods. More information may be found in the Themis documentation under Cryptography.

Cryptographic software is included in this package. The import, ownership, use, and/or re-export to another nation of encryption software may be restricted in the country where you presently live. Please verify your country’s laws, rules, and policies regarding the import, ownership, or usage, and re-export of encryption software before using any encryption software. For additional information, go to

This program is categorized as Export Commodity Control Number (ECCN) 5D002.C.1 by the US Department of Commerce’s Bureau of Industry and Security (BIS), which covers information security software that uses or performs cryptographic functions using asymmetric algorithms. For both object code and source code, the form and method of distribution qualify it for export under the License Exemption ENC Technology Software Unrestricted (TSU) exception (see BIS Export Administration Regulations, Section 740.13).

If you wish to publish your software to the Apple App Store and utilize Themis, there are certain criteria for reporting any encryption usage.

To find out what to do for Themis, read about Apple’s cryptography export restrictions.

Our internal team of cryptographers and security engineers reviews and approves any modification to the Themis core library. Internal audits by cryptographers who do not work on Themis are performed for each release.

Static code analyzers, fuzzing tools, memory analysers, unit tests (per platform), and integration tests (to identify compatibility problems across various Themis-supported languages, OS, and x86/x64 architectures) are all used extensively in our automated security testing. In the Themis security documents, you can learn more about our security testing methods.

Please send an email to [email protected] if you think you’ve discovered a security flaw. It’s possible that you’ll be eligible for a bug bounty program.

Themis is a “state of the art” encryption tool that offers safe data sharing and storage as a cryptographic services library for mobile and server platforms.

You can better comply with current data privacy laws by using Themis, such as:

In the documents, you can learn more about regulations.

OWASP suggests Themis as a data encryption library for mobile platforms.

Themis is extensively used for both non-commercial and commercial enterprises, and it includes several public applications and libraries.

Do you want to be featured in our blog as well as on our contributors list? Tell us about the project you made using Themis!

Pick anything from the list of problems if you’re searching for something to contribute to and earn everlasting respect for. As a starting point, go through our Contribution guidelines.

It takes a lot of effort to support Themis on all of these different platforms, but we do our hardest to make it as easy as possible for everyone to use Themis. The majority of problems our customers have are related to the installation procedure and dependency management. Please let us know if you run into any difficulties.

We provide expert assistance for Themis and apps that use Themis at Cossack Labs.

This assistance includes, but is not limited to, library integration with a focus on web and mobile applications; designing and building end-to-end encryption schemes for mobile applications; security audits for in-house library integrations or high-level protocol; custom application development requiring cryptography; consulting and training services.

Contact us at [email protected] or learn more about Cossack Labs’ cybersecurity services.

If you have a technical query, please open an issue or send an email to [email protected].

Send an email to [email protected] to contact Cossack Labs Limited’s business division.




The dpapi mimikatz is a cryptographic framework that provides easy to use interfaces for data protection. It was designed by Microsoft and has been used in many projects since then.

Frequently Asked Questions

How cryptography can be used for data security?

Cryptography is a method of securing information in order to keep it safe from unwanted access. It can be used for data security by using cryptographic algorithms to encrypt the information so that only authorized people are able to read it, or decrypting the information so that only authorized people are able to read it.

Which encryption is best for data at rest?

AES-256 is the strongest encryption algorithm, but its not always practical.

What encryption does cryptography use?

Encryption uses mathematical algorithms to scramble data so that it cannot be read or understood by anyone without the proper key.

  • core data protection example
  • dpapi encryption c#
  • asp net core data protection load balancing
  • data protection api c#
  • windows dpapi