22 lines
1.3 KiB
Text
22 lines
1.3 KiB
Text
ccrypt is a utility for encrypting and decrypting files and streams. It was
|
|
designed to replace the standard unix crypt utility, which is notorious for
|
|
using a very weak encryption algorithm. ccrypt is based on the Rijndael
|
|
cipher, which is the U.S. government's chosen candidate for the Advanced
|
|
Encryption Standard (AES, see http://www.nist.gov/aes/). This cipher is
|
|
believed to provide very strong security.
|
|
|
|
Unlike unix crypt, the algorithm provided by ccrypt is not symmetric, i.e.,
|
|
one must specify whether to encrypt or decrypt. The most common way to invoke
|
|
ccrypt is via the commands ccencrypt and ccdecrypt. There is also a ccat
|
|
command for decrypting a file directly to the terminal, thus reducing the
|
|
likelihood of leaving temporary plaintext files around. In addition, there
|
|
is a compatibility mode for decrypting legacy unix crypt files.
|
|
|
|
Encryption and decryption depends on a keyword (or key phrase) supplied by
|
|
the user. By default, the user is prompted to enter a keyword from the
|
|
terminal. Keywords can consist of any number of characters, and all characters
|
|
are significant (although ccrypt internally hashes the key to 256 bits).
|
|
Longer keywords provide better security than short ones, since they are less
|
|
likely to be discovered by exhaustive search.
|
|
|
|
WWW: http://ccrypt.sourceforge.net/
|