Museum

Home

Lab Overview

Retrotechnology Articles

⇒ Online Manual

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

ed(C)

ex(C)

makekey(ADM)

ps(C)

stty(C)

vi(C)


 crypt(C)                      06 January 1993                       crypt(C)


 Name

    crypt - encode/decode

 Syntax

    crypt [ password ]

    crypt [ -k ]

 Description

    The crypt command reads from the standard input and writes to the stan-
    dard output.  The password is a key that selects a particular transforma-
    tion.  If no argument is given, crypt demands a key from the terminal and
    turns off printing to the screen while the key is being typed in.  If the
    -k option is used, crypt will use the key assigned to the environment
    variable CRYPTKEY.  The crypt command encrypts and decrypts with the same
    key: see ``Examples'' section below.

    Files encrypted by crypt are compatible with those treated by the editors
    ed(C), ex(C), and vi(C) in encryption mode.

    The security of encrypted files depends on three factors:  the
    fundamental method must be hard to solve; direct search of the key space
    must be infeasible; ``sneak paths'' by which keys or clear text can
    become visible must be minimized.

    The crypt command implements a one-rotor machine designed along the lines
    of the German Enigma, but with a 256-element rotor.  Methods of attack on
    such machines are known, but not widely; moreover the amount of work
    required is likely to be large.

    The transformation of a key into the internal settings of the machine is
    deliberately designed to be expensive, that is, to take a substantial
    fraction of a second to compute.  However, if keys are restricted to
    (say) three lower-case letters, then encrypted files can be read by
    expending only a substantial fraction of five minutes of machine time.

    If the key is an argument to the crypt command, it is potentially visible
    to users executing ps(C) or a derivative.  To minimize this possibility,
    crypt takes care to destroy any record of the key immediately upon entry.
    The choice of keys and key security are the most vulnerable aspect of
    crypt.

 Examples

    The following example encrypts the file top_secret using the key pass-
    word; creating an encrypted file gibberish:

       crypt password < top_secret > gibberish

    When the file gibberish is unencrypted, crypt demands the key (password)
    from the user if it is not given on the command line. The output may be
    written to the terminal:

       crypt < gibberish

    to the printer:

       crypt < gibberish | lp

    or to a file:

       crypt < gibberish > confidential

    You can use crypt as the basis of a password mechanism by testing whether
    the unencrypted file (confidential) and the original file (top_secret)
    are the same:

       cmp -s top_secret confidential
       if [ $? = 0 ]
       then
            echo "Password verified - Welcome"
       else
            echo "Password incorrect!"
       fi


 Files

    /dev/tty    for typed key

 See also

    ed(C), ex(C), makekey(ADM), ps(C), stty(C) and vi(C).

 Notes

    If two or more files encrypted with the same key are concatenated and an
    attempt is made to decrypt the result, only the contents of the first of
    the original files will be decrypted correctly.

    Distribution of the crypt libraries and utilities is regulated by the
    U.S. Government and they are not available to sites outside of the United
    States and its territories.  Because we cannot control the destination of
    the software, these utilities are not included in the standard product.
    If your site is within the U.S. or its territories, you can obtain the
    crypt software through your product distributor or reseller.

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026