[unix-history] / usr / src / Domestic / src / crypt / crypt.1

.\"	@(#)crypt.1	6.4 (Berkeley) 4/22/91
.\"
.TH CRYPT 1 "April 22, 1991"
.AT 3
.SH NAME
crypt \- encode/decode
.SH SYNOPSIS
.B crypt
[ password ]
.SH DESCRIPTION
.ft B
This interface is obsoleted by bdes(1).
.ft R
.PP
.I Crypt
reads from the standard input and writes
on the standard output.
The
.I password
is a key that selects a particular transformation.
If no
.I password 
is given,
.I crypt
demands a key from the terminal and turns
off printing while the key is being typed in.
.I Crypt
encrypts and decrypts with the same key:
.PP
	crypt key <clear >cypher
.br
	crypt key <cypher | pr
.PP
will print the clear.
.PP
Files encrypted by
.I crypt
are compatible with those treated by the editor
.I ed
in encryption mode.
.PP
The security of encrypted files depends on three factors:
the fundamental method must be hard to solve;
direct search of the key space must be infeasible;
`sneak paths' by which keys or cleartext can become
visible must be minimized.
.PP
.I Crypt
implements a one-rotor machine designed along the lines
of the German Enigma, but with a 256-element rotor.
Methods of attack on such machines are known, but not widely;
moreover the amount of work required is likely to be large.
.PP
The transformation of a key into the internal
settings of the machine is deliberately designed to
be expensive, i.e. to take a substantial fraction of
a second to compute.
However,
if keys are restricted to (say)
three lower-case letters,
then encrypted files can be read by expending only
a substantial fraction of
five minutes of machine time.
.PP
Since the key is an argument to the
.I crypt
command,
it is potentially visible to users executing
.IR ps (1)
or a derivative.
To minimize this possibility,
.I crypt
takes care to destroy any record of the key
immediately upon entry.
No doubt the choice of keys and key security
are the most vulnerable aspect of
.I crypt.
.SH FILES
/dev/tty for typed key
.SH "SEE ALSO"
ed(1),
crypt(3),
makekey(8)
.SH BUGS
There is no warranty of merchantability nor any warranty
of fitness for a particular purpose nor any other warranty,
either express or implied, as to the accuracy of the
enclosed materials or as to their suitability for any
particular purpose.  Accordingly, Bell Telephone
Laboratories assumes no responsibility for their use by the
recipient.   Further, Bell Laboratories assumes no obligation
to furnish any assistance of any kind whatsoever, or to
furnish any additional information or documentation.
Commit	Line	Data
ad787160	1	.\" @(#)crypt.1 6.4 (Berkeley) 4/22/91
c38495d9	2	.\"
ad787160	3	.TH CRYPT 1 "April 22, 1991"
c38495d9 KM	4	.AT 3
	5	.SH NAME
	6	crypt \- encode/decode
	7	.SH SYNOPSIS
	8	.B crypt
	9	[ password ]
	10	.SH DESCRIPTION
d789c05d	11	.ft B
02fdc0fc	12	This interface is obsoleted by bdes(1).
d789c05d KB	13	.ft R
d789c05d KB	14	.PP
c38495d9 KM	15	.I Crypt
	16	reads from the standard input and writes
	17	on the standard output.
	18	The
	19	.I password
	20	is a key that selects a particular transformation.
	21	If no
	22	.I password
	23	is given,
	24	.I crypt
	25	demands a key from the terminal and turns
	26	off printing while the key is being typed in.
	27	.I Crypt
	28	encrypts and decrypts with the same key:
	29	.PP
	30	crypt key <clear >cypher
	31	.br
	32	crypt key <cypher \| pr
	33	.PP
	34	will print the clear.
	35	.PP
	36	Files encrypted by
	37	.I crypt
	38	are compatible with those treated by the editor
	39	.I ed
	40	in encryption mode.
	41	.PP
	42	The security of encrypted files depends on three factors:
	43	the fundamental method must be hard to solve;
	44	direct search of the key space must be infeasible;
	45	`sneak paths' by which keys or cleartext can become
	46	visible must be minimized.
	47	.PP
	48	.I Crypt
	49	implements a one-rotor machine designed along the lines
	50	of the German Enigma, but with a 256-element rotor.
	51	Methods of attack on such machines are known, but not widely;
	52	moreover the amount of work required is likely to be large.
	53	.PP
	54	The transformation of a key into the internal
	55	settings of the machine is deliberately designed to
	56	be expensive, i.e. to take a substantial fraction of
	57	a second to compute.
	58	However,
	59	if keys are restricted to (say)
	60	three lower-case letters,
	61	then encrypted files can be read by expending only
	62	a substantial fraction of
	63	five minutes of machine time.
	64	.PP
	65	Since the key is an argument to the
	66	.I crypt
	67	command,
	68	it is potentially visible to users executing
	69	.IR ps (1)
	70	or a derivative.
	71	To minimize this possibility,
	72	.I crypt
	73	takes care to destroy any record of the key
	74	immediately upon entry.
	75	No doubt the choice of keys and key security
	76	are the most vulnerable aspect of
	77	.I crypt.
	78	.SH FILES
79	/dev/tty for typed key
80	.SH "SEE ALSO"
81	ed(1),
91b81c27	82	crypt(3),
c38495d9 KM	83	makekey(8)
	84	.SH BUGS
	85	There is no warranty of merchantability nor any warranty
	86	of fitness for a particular purpose nor any other warranty,
	87	either express or implied, as to the accuracy of the
	88	enclosed materials or as to their suitability for any
	89	particular purpose. Accordingly, Bell Telephone
	90	Laboratories assumes no responsibility for their use by the
	91	recipient. Further, Bell Laboratories assumes no obligation
	92	to furnish any assistance of any kind whatsoever, or to
	93	furnish any additional information or documentation.