Crypt (Unix)
In computing, crypt is a used for encryption. Due to the ease of breaking it, it is considered to be obsolete.
Contents
History
wrote <tt>crypt</tt>, which first appeared in , to encourage codebreaking experiments; Morris himself broke <tt>crypt</tt> by hand. automated decryption with a method by James Reeds, and an improved version appeared in which Reeds and also broke.
Relationship to password hash function
There is also a Unix function with the same name, crypt. Though both are used for encrypting data in some sense, they are otherwise essentially unrelated. To distinguish between the two, writers often refer to the utility program as crypt(1), because it is documented in section 1 of the Unix , and refer to the password hash function as crypt(3), because its documentation is in manual section 3.
Command filter crypt(1)
crypt(1) is a simple command to encrypt or decrypt data. Usually this is used as a , and it has traditionally been implemented using an algorithm based on the . It is considered to be far too cryptographically weak to provide any security against by modern, commodity .
Some versions of Unix shipped with an even weaker version of the crypt(1) command in order to comply with contemporaneous laws and regulations, which limited the exportation of cryptographic software (for example by classifying them as ). Some of these were simply implementations of the (effectively no more secure than , which is implemented as a Caesar cipher with a well known key).
crypt(1) under Linux
generally do not include a Unix compatible version of the crypt command. This is largely due to a combination of three major factors:
- crypt is relatively obscure and rarely used for e-mail attachments nor as a file format
- crypt is considered far too cryptographically weak to withstand by modern computing systems (Linux systems generally ship with which is considered to be reasonably secure by modern standards)
- During the early years of Linux development and adoption there was some concern that even as weak as the algorithm used by crypt was, that it might still run afoul of ‘s export controls; so mainstream distribution developers in the generally excluded it (and left their customers to fetch GnuPG or other strong cryptographic software from international sites, sometimes providing packages or scripts to automate that process).
The source code to several old versions of the crypt command is available in The Unix Heritage Society’s Unix Archive.
The recent crypt source code is available in the project.
Enhanced symmetric encryption utilities are available for Linux (and should also be to any other system) including and . While these provide support for much more sophisticated and modern algorithms, they can be used to encrypt and decrypt files which are compatible with the traditional crypt(1) command by providing the correct command line options.
Breaking crypt(1) encryption
Programs for breaking crypt(1) encryption are widely available. Bob Baldwin’s Crypt Breaker’s Workbench, which was written in 1984-1985, is an interactive tool that provides successive plaintext guesses that must be corrected by the user. Peter Selinger’s unixcrypt-breaker uses a simple statistical model to guess plausible plaintexts, and does not require user interaction.