You may want to keep some of your files confidential, so that no other user can read them, including the superuser. For instance, you may have some confidential personnel records that you do not want others to read. Or you may have source code for some application program that you want to keep secret. You can protect the confidentiality of files by encrypting their contents. When you encrypt the contents of a file, you use a procedure that changes the contents of the file into seemingly meaningless data, known as ciphertext. However, by decrypting the file, you can recover its original contents. The original contents of the file are known as plaintext or cleartext.
Many UNIX variants, other than Linux distributions, provide the crypt command for file encryption. We will describe how to use the crypt command here. Note that the crypt command, if available on your system, cannot withstand serious attack. After we discuss how to use crypt, we will explain why files encrypted using it are vulnerable to attack and why it is not included in Linux. We will also describe replacements for it that can be used for serious encryption.
To use crypt to encrypt a file, you need to supply an encryption key, either as an argument on the command line, as the response to a prompt, or as an environment variable. Do not forget the key you use to encrypt a file, because if you do, you cannot recover the file-not even the system administrator will be able to help. The type of encryption used by the crypt command is called private key encryption, since anyone who knows the encryption key can easily find the decryption key In fact, for crypt the encryption key and the decryption key are exactly the same! (Later in this chapter we will discuss a different kind of encryption system, known as a public key system, where knowing the encryption key does not provide useful help for decryption. In particular, we will discuss the popular Pretty Good Privacy [PGP] system.)
Providing the key on the command line is almost always a bad idea (you’ll see why later in this chapter). However, you may want to use the crypt command in this way inside a shell script. The following example shows this use of crypt. The command line
$ crypt buu2 < letter > letter.enc
encrypts the file letter using the encryption key “buu2”, putting the encrypted contents of the file letter in the file letter.enc. Generally, you won’t be able to view the contents of the file letter.enc, because it probably contains non-ASCII characters.
For instance, if the file letter contains the following text,
$ cat letter Hello, This is a sample letter.
then using crypt with the key “buu2” gives
$ crypt buu2 < letter R-Sw1;M>6X_4#=R ;w0M4K\$
where the last character, the dollar sign, is the prompt for your next command.
When you use crypt with your encryption key as an argument, you are temporarily making yourself vulnerable. This is because someone running the ps command with the -a option will be able to see the command line you issued, which contains the encryption key
To avoid this vulnerability, you can run crypt without giving it an encryption key When you do this, it will prompt you for the key The string you type as your key is not echoed back to your display Here is an example showing how crypt is run in this way:
$ crypt < letter > letter.enc Enter Key: buu2
You enter your encryption key at the prompt “Enter Key:”.
You can also use an environment variable as your key when you encrypt a file with crypt. When you use the -k option to crypt, the key used is the value of the variable CRYPTKEY. For instance, you may have the following line in your .profile:
CRYPTKEY=buu2
To encrypt the file letter, you use the command line
$ crypt -k letter
The preceding example encrypts letter using the value of CRYPTKEY, buu2, as the key.
Generally, it is not a good idea to use this method because it uses the same key each time you encrypt a file. This makes it easier for an attacker to cryptanalyze your encrypted files. Also, storing your key in a file makes it vulnerable if an unauthorized user gains access to your .profile.
To decrypt your file, run crypt on the encrypted file using the same key This produces your original file, because the process of decrypting is identical to the process of encrypting. Make sure you remember the key you used to encrypt a file. You will not be able to recover your original file if you forget the key, and your system administrator won’t be able to help you.
One way to protect a file is to create it using your favorite editor and then encrypt the file using crypt. To modify it, you first need to decrypt the file using crypt, run your editor, and then encrypt the results using crypt. When you use this procedure, the file is unprotected while being edited, since it is in unencrypted form during this time.
To avoid this vulnerability, you can encrypt your files by invoking your editor (ed or vi) with the -x option. For instance, to use vi to create a file named projects using “ag20v3n” as your encryption key, do the following:
$ vi -x projects Key: ag20v3n
The system prompts you for your encryption key You have to remember it to be able to read and edit this file. To edit the file, run vi -x and enter the same key when you are prompted. You can read the file using this command:
$ crypt < projects Key: ag20v3n
Unfortunately, the encryption provided by this command is quite weak; files encrypted using it cannot withstand a serious attack. The algorithm used by crypt to encrypt files simulates the action of a mechanical encrypting machine known as the Enigma, which was used by Germany during World War II. Files made secret using crypt are vulnerable to attack. For example, tools have been developed by Jim Reeds and Peter Weinberger and publicized in the Bell Laboratories Technical Journal to cryptanalyze files encrypted using crypt. There has even been a distribution on netnews of a program written by Bob Baldwin in 1986 called the Crypt Breaker’s Workbench that performs this cryptanalysis. The moral is that you should not consider files encrypted this way to be very secure.
The primary reason that the crypt command is not included with Linux is that until the mid-1990s, U.S. government regulations prohibited the export of systems that included cryptographic functions, including UNIX with crypt. Surprisingly, such systems were classified as munitions. Computer vendors exporting their UNIX systems outside of the United States. and Canada had to remove the crypt command. Because Linux was meant for worldwide use, Linux developers avoided implementing this command. Furthermore, in the early 1990s more powerful cryptographic capabilities were developed to provide encryption that could withstand serious attacks, including the Pretty Good Privacy system (and the GNU version, the GNU Privacy Guard). We will discuss the Pretty Good Privacy system and the GNU Privacy Guard later in this chapter.
Because the crypt command is cryptographically weak and because it is not available for all UNIX variants, several stronger replacement commands, ccrypt and mcrypt, have been developed. These replacement commands are designed to be used in the same way the crypt command is used, taking options that are almost identical to the command-line options for crypt. This makes it easy to upgrade shell scripts written using crypt to provide strong encryption. These replacements commands support extremely strong encryption capabilities that can withstand powerful attacks. The ccrypt command is available for Linux, Solaris, HP-UX, AIX, Mac OS X, FreeBSD, OpenBSD, and NetBSD. Encryption in ccrypt is based on the Advanced Encryption Standard, a U.S. government standard. You can learn more about ccrypt and download it by going to http://ccrypt.sourceforge.net/. To learn more about mcrypt, which supports a wide range of cryptographic algorithms, go to http://mcrypt.sourceforge.net/.
You can protect a file from cryptanalysis by first compressing it and then encrypting it. In this section you’ll first learn how to compress files and then see how to use compression to help make files more secure.
Compression replaces a file with an encoded version containing fewer bytes. The compressed version of the file contains the same information as the original file. The original file can be recovered from the compressed version by undoing the compression procedure. A compressed version of the file requires less storage space and can be sent over a communications line more quickly than the original file.
Most UNIX variants provide several commands that you can use to compress files. For example, systems based on SVR4 include both the pack and the compress commands. Other systems, including Linux, provide the gzip command (and usually also provide pack or compress).
THE pack COMMAND When you use the pack command on a file, it replaces the original file with a compressed file. The compressed file has the same name as the original file except that it has a .z at the end of the filename. Also, the pack command uses standard error to report the compression percentage (which is the percentage that the compressed file is smaller than the original file). For instance, this is how you would compress the report file using pack:
$ pack report pack: report: 41.3% Compression
Listing all files that begin with the string report then gives this:
$ ls report* report.z
You can recover your original file from the compressed version by running the unpack command with the original filename as the argument, as shown here:
$ unpack report unpack: report: unpacked
THE compress COMMAND The pack command uses a technique known as Huffman coding to compress files. Typically this technique achieves 30–40 percent compression of a text file. However, other methods can compress files into fewer bytes. One such compression technique is the Lempel-Ziv method used by the compress command. This command originally came from the BSD System. Because the Lempel-Ziv method is almost always more efficient than Huffman coding, compress will almost never use more bytes than pack to compress a file. Generally, Lempel-Ziv reduces the number of bytes needed to code English text or computer programs by more than 50 percent.
When you run the compress command on a file, your original file is replaced by a file with the same name but appended with .Z. For instance,
$ compress records $ ls records* records.Z
Note that the compress command does not report how efficient its compression is (unlike the pack command) unless you supply it with the -v option, as shown here:
$ compress -v records records: Compression: 49.17% -- replaced with records.Z
To recover the original file, use the uncompress command. This uncompresses the compressed version of the file, removing the compressed file. For instance, this is how you would obtain the original file records:
$ uncompress records
If you wish to display the uncompressed version of your file but leave the compressed version intact, use this command:
$ zcat records
THE gzip COMMAND The gzip command is the standard GNU compression program. When you use the gzip command on a file, this file is replaced by a compressed version that has the same name as the original file but with the extension .gz added. For example, the command
$ gzip records
replaces the file records with the compressed file records.gz. To decompress files that were encrypted using gzip, you can either use the gunzip command or the gzip command with the -d (decrypt) option. Note that it is not necessary to provide the extension .gz when using either of these decryption commands. For example, either
$ gunzip records
or
$ gzip -d records
will replace the encrypted file records.gz with the original file records.
To make it harder for an intruder to recover the plaintext version of a file from the encrypted file, you can first compress the file and then encrypt it, preferably by a strong encryption program. Programs designed to cryptanalyze files encrypted using particular algorithms will not work well when you do this. For instance, if you only have the crypt command available, you can make your file more secure by using the pack command followed by the crypt command. (Note that your files will still be vulnerable to serious attack, but this approach will provide some added security)
$ pack records pack: records: 41.1% Compression $ crypt < records.z > records.enc Enter key: buu2 $ rm records.z
To recover your file, use the crypt command followed by unpack:
$ crypt < records.enc > records.z Enter key: buu2 $ unpack records unpack: records: unpacked
You can also combine compress and crypt. To make your file secure, use the compress command followed by the crypt command:
$ compress records $ crypt < records.Z > records.enc Enter key: buu2
To recover your original file, use the crypt command followed by uncompress:
$ crypt < records.enc > records.Z Enter key: buu2 $ uncompress records