Arachne at FreeLists---The Arachne Fan Club! Sam, I remember reading that web page a while back, prolly when you posted it. It also uses the Rijndael cipher with 256 bit blocks. Pbox that I posted only uses 128 bits. I'm not sure why as AES can use 256 bit. BTW DES went out of common use at least 8 years or so ago. It is no longer in current use by the government. One advantage I can see with AES over ccrypt for very serious security, ccrypt can't be stacked, whereas AES can be tripled as with RSA-Blowfish-AES. But that would prolly be overkill for most people. Rob On Thu, 29 Oct 2009, Samuel W. Heywood wrote:
Arachne at FreeLists -- Arachne, The Premier GPL Web Browser/Suite for DOS --On Thu, 29 Oct 2009, Rob wrote:I thought I should post this for the security conscious on the list. It's a console program for encrypting a list of passwords, PINs, and such. It's a 128bit AES encryption. INow that the subject of file encryption has come up again, you might want to re-visit an old post about this that I contributed: --------------- begin quoted material (quoting self) ------------------- From: "Samuel W. Heywood" <sheywood@xxxxxxxxxxx> * To: arachne@xxxxxxxxxxxxx * Date: Sat, 26 Sep 2009 00:00:43 +0800 Hello folks: Subject of this message,"ccrypt", is about a relatively new command line utility which is thought to provide very strong encryption/decryption for files and data. I have been using this program in a "dos-box" running under Windoze. Also I have been using it with a linux terminal. For people accustomed to working with the command line, ccrypt is a very simple program to use. According to a FAQ written by the program's author: "Ccrypt works on Linux, Windows, Macintosh OS-X, Unix, and in principle, on many other platforms." Source of quote: "http://ccrypt.sourceforge.net/faq.html";; I wonder if the developers could,"in principle", port this program to DOS. ------------- end quoted material (quoting self) --------------------- Also, according to several sources, ccrypt is currently a very serious contender being considered by the US Department of Defense for replacement of the DES encryption which is currently in use by DoD. Oh, one really cool feature of ccrypt is that, after encrypting a file, the program automagically "wipes" your plain text version. It wipes over the plain text version several times by overwriting it with random patterns. A most important thing about doing file encryption properly is to see to it that your plain text version is completely shredded and destroyed by a file wiping procedure. As you know, if you merely "delete" a file it can usually be very easily recovered. Sam Heywood Arachne at FreeLists -- Arachne, The Premier GPL Web Browser/Suite for DOS --