ccryptrol bovebben:
DESCRIPTION
ccrypt is a utility for encrypting and decrypting files and streams. It was designed to replace the standard unix crypt
utility, which is notorious for using a very weak encryption algorithm. ccrypt is based on the Rijndael block cipher,
which was also chosen by the U.S. government as the Advanced Encryption Standard (AES, see http://www.nist.gov/aes/).
This cipher is believed to provide very strong cryptographic security.
SECURITY
ccrypt is believed to provide very strong cryptographic security, equivalent to that of the Rijndael cipher with 256-bit
block size and 256-bit key size. Another version of the Rijndael cipher (with a smaller block size) is used in the U.S.
government's Advanced Encryption Standard (AES, see http://www.nist.gov/aes/). Therefore, this cipher is very well stud-
ied and subject to intensive public scrutiny. This scrutiny has a positive effect on the cipher's security. In particu-
lar, if an exploitable weakness in this cipher were ever discovered, this would become widely publicized.
In practical terms, the security of ccrypt means that, without knowledge of the encryption key, it is effectively impos-
sible to obtain any information about the plaintext from a given ciphertext. This is true even if a large number of
plaintext-ciphertext pairs are already known for the same key. Moreover, because ccrypt uses a key size of 256 bits, an
exhaustive search of the key space is not feasible, at least as long as sufficiently long keys are actually used in prac-
tice. No cipher is secure if users choose insecure keywords.
On the other hand, ccrypt does not attempt to provide data integrity, i.e., it will not attempt to detect whether the
ciphertext was modified after encryption. In particular, encrypted data can be truncated, leaving the corresponding
decrypted data also truncated, but otherwise consistent. If one needs to ensure data integrity as well as secrecy, this
can be achieved by other methods. The recommended method is to prepend a cryptographic hash (for instance, an MD5 or
SHA-1 hash) to the data before encryption.