crypt reads data from the standard input and writes it to the standard output in an encrypted (coded) form. It also decrypts (decodes) previously encrypted data.
The encryption is uniquely determined by a user-supplied key, which is an arbitrary text string. The details of the transformation depend on the key in a way that makes them difficult to derive from the output alone. You may supply the key on the command line; otherwise crypt prompts you to enter the key. When you type in the key in response to the prompt, crypt does not display it on the screen. This latter approach is recommended for security reasons, because when you specify the key on the command line, it appears in the shell's command history, whereas a key typed in response to a prompt does not.
By default, the data transformation is a simulation of a rotor machine (styled after the Enigma machine used by the German military during WWII, but simplified). This is fully compatible with the UNIX version of this command. The encryption algorithm is reflexive, so the application of crypt to its own output, with the same key, yields the original input. This is also the algorithm used by the encryption options of ed and vi.
Many methods of cryptanalysis depend on knowing that the distribution of input characters is highly skewed. This is certainly the case for ASCII text. You can frustrate these methods by making the input distribution more uniform, by first using compressing the file (using mkszip or by encrypting more than once, with unrelated keys.
decrypts data that was encrypted with the
encrypts the input using the National Bureau of Standards' Data Encryption Standard (DES) algorithm. You can decrypt data encrypted in this way with the
The DES algorithm is not reflexive and is probably much more secure than the rotor machine; however, it is noticeably slower.
reads input from the file specified by input_file rather than the standard input. Note, however, that if input_file is -, the standard input is used.
writes output to the file specified by output_file rather than the standard output. Note, however, that if output_file is -, the standard output is used.
attempts to decrypt the input if it appears to be encrypted; otherwise, it applies no transformations. This is a heuristic used to improve the behavior of ed and vi. However, if the first block of characters of a non-encrypted file are randomly distributed, this option may not work. You cannot use
-twith either of the -dor -eoptions.
Possible exit status values are:
Failure due to any of the following:
Windows 2000. Windows XP. Windows Server 2003. Windows Vista. Windows 7. Windows Server 2008. Windows 8. Windows Server 2012. All UNIX systems.
However, export restrictions limit the availability of the UNIX implementation outside of the U.S.
DES encryption is unique to this implementation.
MKS does not warrant this program to be fit for any particular purpose -- see your license agreement. If you are unable to decrypt some file for any reason (for example, you have lost the key, or mistyped it in the first place), your only recourse is cryptanalysis.
There are known methods of cryptanalytic attack on rotor machines. After all, the Allies routinely deciphered Enigma traffic about fifty years ago. The NSA is rumored to be able to decipher DES, albeit with super-computers and unlimited budgets. Security is afforded primarily by the (presumed) limits to the patience, determination and resources of the attacker.
Poorly chosen keys, such as short monocase natural-language words and familiar names are highly susceptible to systematic guessing.
Even when files are deleted their contents remain on disk, in unallocated blocks, and can readily be discovered by someone familiar with the structures and allocation strategies of the file system.
MKS Toolkit for Power Users
MKS Toolkit for System Administrators
MKS Toolkit for Developers
MKS Toolkit for Interoperability
MKS Toolkit for Professional Developers
MKS Toolkit for Enterprise Developers
MKS Toolkit for Enterprise Developers 64-Bit Edition
MKS Toolkit 9.5 Documentation Build 3.