crypt(1) crypt(1)NAME crypt - encode/decode SYNOPSIS crypt [password] DESCRIPTION crypt reads from the standard input and writes on the stan- dard output. The password is a key that selects a particu- lar transformation. If no password is given, crypt demands a key from the terminal and turns off printing while the key is being typed in. crypt encrypts and decrypts with the same key: crypt key <clear > cypher crypt key < cypher | pr will print the clear text file, clear. Files encrypted by crypt are compatible with those treated by both the ed and ex editors in encryption mode. The security of encrypted files depends on three factors: the fundamental method must be hard to solve; direct search of the key space must be infeasible; sneak paths by which keys or clear text can become visible must be minimized. The security of this scheme should not be relied on, for reasons described herein. crypt implements a one-rotor machine designed along the lines of the German Enigma, but with a 256-element rotor. Methods of attack on such machines are known, but not wide- ly; moreover, the amount of work required is likely to be large. The transformation of a key into the internal settings of the machine is deliberately designed to be expensive, i.e., to take a substantial fraction of a second to compute. If keys are restricted to (for example) three lowercase letters, however, encrypted files may be read by expending only a substantial fraction of five minutes of machine time. Since the key is an argument to the crypt command, it is po- tentially visible to users executing ps(1) or a derivative. To minimize this possibility, crypt takes care to destroy any record of the key immediately upon entry. The choice of keys and key security are the most vulnerable aspect of crypt. EXAMPLES crypt asa < sleeper.c > zzz April, 1990 1
crypt(1) crypt(1)will use the string asa as key to the encryption algorithm to encrypt the contents of sleeper.c, and place the encrypt- ed output in file zzz. File zzz at this point will be un- readable. Note that the original file, sleeper.c, remains in readable form. To obtain readable printout of the file zzz, it could be decoded as follows: crypt < zzz After the response: Enter key: the user types in: asa. FILES /bin/crypt /dev/tty for typed key SEE ALSO ed(1), ex(1), makekey(1), stty(1), vi(1), crypt(3C). BUGS If output is piped to nroff and the encryption key is not given on the command line, crypt may leave terminal modes in a strange state (see stty(1)). If two or more files encrypted with the same key are con- catenated and an attempt is made to decrypt the result, only the contents of the first of the original files will be de- crypted correctly. NOTES This utility is not provided with international distribu- tions. 2 April, 1990