MCRYPT(1)MCRYPT(1)NAME
mcrypt, mdecrypt - encrypt or decrypt files
SYNOPSISmcrypt [ -dLFubhvrzp ] [-a algorithm] [-c config_file] [-m mode]
[-s keysize] [-o keymode] [-k key1 key2 ...] [-f keyfile] [ file_
name ... ]
mdecrypt [ -LFusbhvzp ] [-a algorithm] [-c config_file]
[-m mode] [-s keysize] [-o keymode] [-k key1 key2 ...]
[-f keyfile] [ filename ... ]
DESCRIPTION
Mcrypt is a simple crypting program, a replacement for the
old unix crypt(1). When encrypting or decrypting a file,
a new file is created with the extension .nc and mode
0600. The new file keeps the modification date of the
original. The original file may be deleted by specifying
the -u parameter. If no files are specified, the standard
input is encrypted to the standard output.
Mcrypt uses all the symmetric algorithms included in libm
crypt.
HINTS
By default, mcrypt , when one of these algorithms is spec
ified, prompts something like:
Enter passphrase: ...
You should then enter a passphrase long enough (512 char
acters is the maximum length). Now in order to encrypt the
file, The passphrase is transformed using the specified
(or the default) key generation algorithm, and a random
salt. The produced value is then used as the key, which is
fed to the algorithm.
Algorithm Vulnerability: Most algorithms today are
designed to resist in specific attacks. None of them is
proved not to be vulnerable to some kind of attack not as
yet known.
Compression: By compressing your data before encryption
you gain both in efficiency (faster encryption) and safety
of your data (language redundancy is removed). A drawback
is that most compression programs will add specific head
ers in the compressed file, thus making known plaintext
attacks easier. Compression after encryption is useless
and may result to compressed files with longer size than
the original.
Error Recovery: There is some error recovery in mcrypt.
If bytes are removed or lost from the file or stream in
ECB, CBC and OFB modes, are impossible to recover,
although CFB mode will recover. If some bytes are altered
then a full block of plaintext is affected in ECB mode,
two blocks in CBC and CFB modes, but only the correspond
ing byte in OFB mode. Mcrypt uses a 32 bit CRC to check
for errors in the encrypted files.
Extra security: For the very paranoid, if mcrypt is exe
cuted with superuser priviledges it ensures that no
important data (keys etc.) are written to disk, as swap
etc. Keep in mind that mcrypt was not designed to be a
setuid program, so you shouldn't make it one.
Do not rely on the fact that an algorithm has a large key
size, try to use long passphrases and try to make them
unpredictable.
All the block algorithms above support these modes of
encryption:
ECB: The Electronic CodeBook mode. It is the simplest mode
to use with a block cipher. Encrypts each block indepen
dently.
CBC: The Cipher Block Chaining mode. It is better than ECB
since the plaintext is XOR'ed with the previous cipher
text. A random block is placed as the first block so the
same block or messages always encrypt to something differ
ent. (This is the default mode)
CFB: The Cipher-Feedback Mode (in 8bit). This is a self-
synchronizing stream cipher implemented from a block
cipher.
OFB: The Output-Feedback Mode (in 8bit). This is a syn
chronous stream cipher implemented from a block cipher. It
is intended for use in noisy lines, because corrupted
ciphertext blocks do not corrupt the plaintext blocks that
follow. Insecure (because used in 8bit mode) so I recom
mend against using it. Added just for completeness.
nOFB: The Output-Feedback Mode (in nbit). n Is the size of
the block of the algorithm. This is a synchronous stream
cipher implemented from a block cipher. It is intended for
use in noisy lines, because corrupted ciphertext blocks do
not corrupt the plaintext blocks that follow.
Encrypted files can be restored to their original form
using mcrypt-d or mdecrypt
mdecrypt takes a list of files on its command line and
creates a new file for each file whose name ends with .nc
by removing the ".nc" or by adding ".dc" to the end of the
file name if .nc is not in the encrypted file's name.
OPTIONS-F --force
Force output on standard output or input from stdin
if that is a terminal. By default mcrypt will not
output encrypted data to terminal, nor read
encrypted data from it.
-z --gzip
Use gzip (if it exists in your system) to compress
files before encryption. If specified at decryp
tion time it will decompress these files.
-p --bzip2
Use bzip2 (if it exists in your system) to compress
files before encryption. If specified at decryp
tion time it will decompress these files.
--openpgp-z INT
This option will enable compression in OpenPGP
(RFC2440) encrypted files.
-d --decrypt
Decrypt.
--help
Display a help screen and quit.
-v --version
Version. Display the version number and quit.
-L --license
Display the mcrypt's license and quit.
-o --keymode MODE
MODE may be one of the keymodes listed by the
--keymodeslist parameter. It actually is the con
vertion to the key before it is fed to the algo
rithm. It is recommended to leave it as is, if you
do not know what it is. However if you still want
to use this option, you might want to use the 'hex'
mode which allows you to specify the key in hex
(and no convertion will by applied).
-h --hash HASH_ALGORITHM
HASH_ALGORITHM may be one of the algorithms listed
by the --hashlist parameter. This is the digest
that will be appended to the file to be encrypted,
in order to detect file corruption. The default is
the CRC32 checksum.
-s --keysize SIZE
SIZE is the algorithm's key size in bytes (not the
size of the passphrase). It defaults to the maximum
key supported by the algorithm. The maximum key
sizes of the algorithms may be obtained by the
--list parameter. It is safe not to touch this.
-g --openpgp
This option will make mcrypt to use the OpenPGP
(RFC2440) file format for encrypted files. This
will make files encrypted by mcrypt accessible from
any OpenPGP compliant application.
-b --bare
No important information like the algorithm, mode,
the bit mode and the crc32 of the original file are
written in the encrypted file. The security lies
on the algorithm not on obscurity so this is NOT
the default. This flag must also be specified when
decrypting a bare encrypted file. When the bare
flag is specified decryption and encryption are
faster. This may be usefull when using mcrypt to
encrypt a link or something like that.
--flush
Flushes the output (ciphertext or plaintext) imme
diately. Usefull if mcrypt is used with pipes.
--time Prints some timing information (encryption speed
etc.)
--nodelete
When this option is specified mcrypt does not
delete the output file, even if decryption failed.
This is usefull if you want to decrypt a corrupted
file.
-q --quiet
Suppress some not critical warnings.
-u --unlink
Unlink (delete) the input file if the whole process
of encryption/decryption succeeds. This is not the
default in order to use an external program to
remove sensitive data.
--list
Lists all the algorithms current supported.
--keymodeslist
Lists all the key modes current supported.
--hashlist
Lists all the hash algorithms current supported.
-r --random
Use /dev/(s)random instead of /dev/urandom. This
may need some key input or mouse move to proceed.
If your system does not support /dev/random or
/dev/urandom, a random gatherer will be used.
-k --key KEY1 KEY2 ...
Enter the keyword(s) via the command line. The
KEY(s) is/are then used as keyword instead of
prompting for them. Keep in mind that someone may
see the command you are executing and so your key
word(s).
-c --config FILE
Use the specified configuration file. The default
is .mcryptrc in your home directory. The format of
the configuration file is the same as the parame
ters. An example file is:
algorithm safer+
mode cbc
key a_very_secret_one
-f --keyfile FILE
Enter the keyword(s) via a file. One keyword is
read per line. The first keyword read is used for
the first file, the second for the second file etc.
If the keywords are less than the files then the
last keyword is used for the remaining. A limita
tion is that you cannot use the NULL (\0) and the
Newline (\n) character in the key. A solution to
this problem is to specify the keyword in hex mode.
-m --mode MODE
Mode of encryption and decryption. These modes are
currently supported: ECB, CFB, OFB, nOFB, CBC and
STREAM. CBC is the default. Unless the bare flag is
specified there is no need to specify these modes
for decryption. For stream algorithms (like WAKE)
mode should be STREAM.
-a --algorithm ALGORITHM
The algorithm used to encrypt and decrypt. Unless
the bare flag is specified there is no need to
specify these for decryption.
The algorithms currently supported are shown with
the --list parameter.
EXAMPLES
For mcrypt to be compatible with the solaris des(1), the
following parameters are needed: "mcrypt -a des --keymode
pkdes --bare --noiv filename".
For mcrypt to be compatible with the unix crypt(1), the
following parameters are needed: "mcrypt -a enigma --key
mode scrypt --bare filename".
To encrypt a file using a stream algorithm (eg. Arcfour),
the following parameters are needed: "mcrypt -a arcfour
--mode stream filename".
ENVIRONMENT
Mcrypt uses the following environment variables:
MCRYPT_KEY: to specify the key
MCRYPT_ALGO: to specify the algorithm
MCRYPT_MODE: to specify the algorithm's mode
MCRYPT_KEY_MODE: to specify the key mode
You can use these instead of using the command line (which
is insecure), but note that only one key should be used in
MCRYPT_KEY.
SEE ALSOcrypt(1), des(1)mcrypt(3)DIAGNOSTICS
Exit status is normally 0; if an error occurs, exit status
is something other than 0.
Usage: mcrypt [-dLFubhvrzp] [-f keyfile] [-k key1 key2
...] [-m mode] [-o keymode] [-a algorithm] [-c con
fig_file] [filename ...]
AUTHORS
Version 2.6.0 Copyright (C) 1998,1999,2000,2001,2002 Nikos
Mavroyanopoulos (nmav@gnutls.org).
Thanks to all the people who reported problems and sug
gested various improvements for mcrypt; who are too numer
ous to cite here.
local 29 May 2002 MCRYPT(1)