1MCRYPT(1) General Commands Manual MCRYPT(1)
2
3
4
6 mcrypt, mdecrypt - encrypt or decrypt files
7
9 mcrypt [ -dLFubhvrzp ] [-a algorithm] [-c config_file] [-m mode] [-s keysize]
10 [-o keymode] [-k key1 key2 ...] [-f keyfile] [ filename ... ]
11
12 mdecrypt [ -LFusbhvzp ] [-a algorithm] [-c config_file] [-m mode]
13 [-s keysize] [-o keymode] [-k key1 key2 ...] [-f keyfile] [ filename
14 ... ]
15
17 Mcrypt is a simple crypting program, a replacement for the old unix
18 crypt(1). When encrypting or decrypting a file, a new file is created
19 with the extension .nc and mode 0600. The new file keeps the modifica‐
20 tion date of the original. The original file may be deleted by speci‐
21 fying the -u parameter. If no files are specified, the standard input
22 is encrypted to the standard output.
23
24 Mcrypt uses all the symmetric algorithms included in libmcrypt.
25
26
28 By default, mcrypt , when one of these algorithms is specified, prompts
29 something like:
30 Enter passphrase: ...
31 You should then enter a passphrase long enough (512 characters is the
32 maximum length). Now in order to encrypt the file, The passphrase is
33 transformed using the specified (or the default) key generation algo‐
34 rithm, and a random salt. The produced value is then used as the key,
35 which is fed to the algorithm.
36
37 Algorithm Vulnerability: Most algorithms today are designed to resist
38 in specific attacks. None of them is proved not to be vulnerable to
39 some kind of attack not as yet known.
40
41 Compression: By compressing your data before encryption you gain both
42 in efficiency (faster encryption) and safety of your data (language
43 redundancy is removed). A drawback is that most compression programs
44 will add specific headers in the compressed file, thus making known
45 plaintext attacks easier. Compression after encryption is useless and
46 may result to compressed files with longer size than the original.
47
48 Error Recovery: There is some error recovery in mcrypt. If bytes are
49 removed or lost from the file or stream in ECB, CBC and OFB modes, are
50 impossible to recover, although CFB mode will recover. If some bytes
51 are altered then a full block of plaintext is affected in ECB mode, two
52 blocks in CBC and CFB modes, but only the corresponding byte in OFB
53 mode. Mcrypt uses a 32 bit CRC to check for errors in the encrypted
54 files.
55
56 Extra security: For the very paranoid, if mcrypt is executed with supe‐
57 ruser privileges it ensures that no important data (keys etc.) are
58 written to disk, as swap etc. Keep in mind that mcrypt was not
59 designed to be a setuid program, so you shouldn't make it one.
60
61 Do not rely on the fact that an algorithm has a large key size, try to
62 use long passphrases and try to make them unpredictable.
63
64 All the block algorithms above support these modes of encryption:
65
66 ECB: The Electronic CodeBook mode. It is the simplest mode to use with
67 a block cipher. Encrypts each block independently.
68
69 CBC: The Cipher Block Chaining mode. It is better than ECB since the
70 plaintext is XOR'ed with the previous ciphertext. A random block is
71 placed as the first block so the same block or messages always encrypt
72 to something different. (This is the default mode)
73
74 CFB: The Cipher-Feedback Mode (in 8bit). This is a self-synchronizing
75 stream cipher implemented from a block cipher.
76
77 OFB: The Output-Feedback Mode (in 8bit). This is a synchronous stream
78 cipher implemented from a block cipher. It is intended for use in noisy
79 lines, because corrupted ciphertext blocks do not corrupt the plaintext
80 blocks that follow. Insecure when used to encrypt large amounts of
81 data, so I recommend against using it.
82
83 nOFB: The Output-Feedback Mode (in nbit). n Is the size of the block of
84 the algorithm. This is a synchronous stream cipher implemented from a
85 block cipher. It is intended for use in noisy lines, because corrupted
86 ciphertext blocks do not corrupt the plaintext blocks that follow.
87
88
89 Encrypted files can be restored to their original form using mcrypt -d
90 or mdecrypt
91
92 mdecrypt takes a list of files on its command line and creates a new
93 file for each file whose name ends with .nc by removing the ".nc" or by
94 adding ".dc" to the end of the file name if .nc is not in the encrypted
95 file's name.
96
97
99 -F --force
100 Force output on standard output or input from stdin if that is a
101 terminal. By default mcrypt will not output encrypted data to
102 terminal, nor read encrypted data from it.
103
104 -z --gzip
105 Use gzip (if it exists in your system) to compress files before
106 encryption. If specified at decryption time it will decompress
107 these files.
108
109 -p --bzip2
110 Use bzip2 (if it exists in your system) to compress files before
111 encryption. If specified at decryption time it will decompress
112 these files.
113
114 --openpgp-z INT
115 This option will enable compression in OpenPGP (RFC2440)
116 encrypted files.
117
118 -d --decrypt
119 Decrypt.
120
121 --help
122 Display a help screen and quit.
123
124 -v --version
125 Version. Display the version number and quit.
126
127 -L --license
128 Display the mcrypt's license and quit.
129
130 -o --keymode MODE
131 MODE may be one of the keymodes listed by the --list-keymodes
132 parameter. It actually is the conversion to the key before it
133 is fed to the algorithm. It is recommended to leave it as is,
134 if you do not know what it is. However if you still want to use
135 this option, you might want to use the 'hex' mode which allows
136 you to specify the key in hex (and no conversion will be
137 applied).
138
139 -h --hash HASH_ALGORITHM
140 HASH_ALGORITHM may be one of the algorithms listed by the
141 --list-hash parameter. This is the digest that will be appended
142 to the file to be encrypted, in order to detect file corruption.
143 The default is the CRC32 checksum.
144
145 -s --keysize SIZE
146 SIZE is the algorithm's key size in bytes (not the size of the
147 passphrase). It defaults to the maximum key supported by the
148 algorithm. The maximum key sizes of the algorithms may be
149 obtained by the --list parameter. It is safe not to touch this.
150
151 -g --openpgp
152 This option will make mcrypt to use the OpenPGP (RFC2440) file
153 format for encrypted files. This will make files encrypted by
154 mcrypt accessible from any OpenPGP compliant application.
155
156 -b --bare
157 No important information like the algorithm, mode, the bit mode
158 and the crc32 of the original file are written in the encrypted
159 file. The security lies on the algorithm not on obscurity so
160 this is NOT the default. This flag must also be specified when
161 decrypting a bare encrypted file. When the bare flag is speci‐
162 fied decryption and encryption are faster. This may be useful
163 when using mcrypt to encrypt a link or something like that.
164
165 --flush
166 Flushes the output (ciphertext or plaintext) immediately. Useful
167 if mcrypt is used with pipes.
168
169 --time Prints some timing information (encryption speed etc.)
170
171 --nodelete
172 When this option is specified mcrypt does not delete the output
173 file, even if decryption failed. This is useful if you want to
174 decrypt a corrupted file.
175
176 -q --quiet
177 Suppress some not critical warnings.
178
179 -u --unlink
180 Unlink (delete) the input file if the whole process of encryp‐
181 tion/decryption succeeds. This is not the default in order to
182 use an external program to remove sensitive data.
183
184 --list
185 Lists all the algorithms current supported.
186
187 --list-keymodes
188 Lists all the key modes current supported.
189
190 --list-hash
191 Lists all the hash algorithms current supported.
192
193 -r --random
194 Use /dev/(s)random instead of /dev/urandom. This may need some
195 key input or mouse move to proceed. If your system does not
196 support /dev/random or /dev/urandom, a random gatherer will be
197 used.
198
199 -k --key KEY1 KEY2 ...
200 Enter the keyword(s) via the command line. The KEY(s) is/are
201 then used as keyword instead of prompting for them. Keep in mind
202 that someone may see the command you are executing and so your
203 keyword(s).
204
205 -c --config FILE
206 Use the specified configuration file. The default is .mcryptrc
207 in your home directory. The format of the configuration file is
208 the same as the parameters. An example file is:
209 algorithm safer+
210 mode cbc
211 key a_very_secret_one
212
213
214 -f --keyfile FILE
215 Enter the keyword(s) via a file. One keyword is read per line.
216 The first keyword read is used for the first file, the second
217 for the second file etc. If the keywords are less than the files
218 then the last keyword is used for the remaining. A limitation is
219 that you cannot use the NULL (\0) and the Newline (\n) character
220 in the key. A solution to this problem is to specify the key‐
221 word in hex mode.
222
223 -m --mode MODE
224 Mode of encryption and decryption. These modes are currently
225 supported: ECB, CFB, OFB, nOFB, CBC and STREAM. CBC is the
226 default. Unless the bare flag is specified there is no need to
227 specify these modes for decryption. For stream algorithms (like
228 WAKE) mode should be STREAM.
229
230 -a --algorithm ALGORITHM
231 The algorithm used to encrypt and decrypt. Unless the bare flag
232 is specified there is no need to specify these for decryption.
233
234 The algorithms currently supported are shown with the --list
235 parameter.
236
238 For mcrypt to be compatible with the solaris des(1), the following
239 parameters are needed: "mcrypt -a des --keymode pkdes --bare --noiv
240 filename".
241
242 For mcrypt to be compatible with the unix crypt(1), the following
243 parameters are needed: "mcrypt -a enigma --keymode scrypt --bare file‐
244 name".
245
246 To encrypt a file using a stream algorithm (eg. Arcfour), the following
247 parameters are needed: "mcrypt -a arcfour --mode stream filename".
248
249
251 Mcrypt uses the following environment variables:
252
253 MCRYPT_KEY: to specify the key
254
255 MCRYPT_ALGO: to specify the algorithm
256
257 MCRYPT_MODE: to specify the algorithm's mode
258
259 MCRYPT_KEY_MODE: to specify the key mode
260
261 You can use these instead of using the command line (which is inse‐
262 cure), but note that only one key should be used in MCRYPT_KEY.
263
265 crypt(1), des(1) mcrypt(3)
266
268 Exit status is normally 0; if an error occurs, exit status is something
269 other than 0.
270
271 Usage: mcrypt [-dLFubhvrzp] [-f keyfile] [-k key1 key2 ...] [-m mode]
272 [-o keymode] [-a algorithm] [-c config_file] [filename ...]
273
274
276 Version 2.6.0 Copyright (C) 1998,1999,2000,2001,2002 Nikos Mavroy‐
277 anopoulos (nmav@gnutls.org).
278
279 Thanks to all the people who reported problems and suggested various
280 improvements for mcrypt; who are too numerous to cite here.
281
282local 03 May 2003 MCRYPT(1)