crypt(1) | crypt(1) |
NAME
crypt - encode/decode ®les
SYNOPSIS
crypt [ password ]
DESCRIPTION
crypt reads from the standard input and writes on the standard output. password is a key that selects a particular transformation. If no password is given, crypt demands a key from the terminal and turns off printing while the key is being typed in. crypt encrypts and decrypts with the same key:
crypt key <clear >cypher crypt key <cypherpr
The latter command decrypts the ®le and prints the clear version.
Files encrypted by crypt are compatible with those treated by the ed editor in encryption mode (see ed(1)).
Security of encrypted ®les depends on three factors: the fundamental method must be hard to solve; direct search of the key space must be infeasible; ``sneak paths'' by which keys or clear text can become visible must be minimized.
crypt implements a
The transformation of a key into the internal settings of the machine is deliberately designed to be expen- sive; i.e., to take a substantial fraction of a second to compute. However, if keys are restricted to, for exam- ple, three lowercase letters, then encrypted ®les can be read by expending only a substantial fraction of ®ve minutes of machine time.
Since the key is an argument to the crypt command, it is potentially visible to users executing the ps or a derivative (see ps(1)). The choice of keys and key security are the most vulnerable aspect of crypt.
EXAMPLES
The following example demonstrates the use of crypt to edit a ®le that the user wants to keep strictly con®dential:
$ crypt <plans >plans.x key: violet
$ rm plans
...
$ vi
...
:wq
$
...
$ crypt <plans.x pr key: violet
Note that the
WARNINGS
If output is piped to nroff and the encryption key is not given on the command line, crypt can leave terminal modes in a strange state (see nroff(1) and stty(1)).
If two or more ®les encrypted with the same key are concatenated and an attempt is made to decrypt the result, only the the ®rst of the original ®les is decrypted correctly.
FILES | for typed key |
/dev/tty |
c
− 1 − | Section 1−127 |