linux poison RSS
linux poison Email

Cross platform file encryption utility using blowfish - Bcrypt

Bcrypt is a cross platform file encryption utility. Encrypted files are portable across all supported operating systems and processors. Pass-phrases must be between 8 and 56 characters and are hashed internally to a 448 bit key.

In addition to encrypting your data, bcrypt will by default overwrite the original input file with random garbage three times before deleting it in order to thwart data recovery attempts by persons who may gain access to your computer.

Bcrypt uses the blowfish encryption algorithm published by Bruce Schneier in 1993. More information on the algorithm can be found at Counterpane. Specifically, bcrypt uses Paul Kocher's implementation of the algorithm.

Bcrypt has a few limitations. First, bcrypt encrypts/decrypts individual files and not directories. The way around that is to tarball/zip and then encrypt your archive. Second, the passphrase in the Windows version isn’t masked: you will see your passphrase when you enter it (twice to encrypt, once to decrypt).

Bcrypt Installation:
Open up the terminal Application > Accessories > Terminal and type following command to install Bcrypt:
sudo apt-get install bcrypt

Encrypt/Decrypt data/File using Bcrypt:
Here is the simple example of Encrypting the file, open up the terminal and type following command to encrypt any given file:
bcrypt -c test.txt
Here you need to provide the pass-phrases that should be between 8 and 56 characters, encrypted files will be saved with an extension of .bfe. Any files ending in .bfe will be assumed to be encrypted with bcrypt and will attempt to decrypt them using simple command
bcrypt test.bfe
By default, bcrypt will compress input files before encryption, remove input files after they are processed (assuming they are processed successfully) and overwrite input files with random data to prevent data recovery.

Bcrypt Options:
-o    print output to standard out. Implies -r.
-c    DO NOT compress files before encryption.
-r    DO NOT remove input files after processing
-sN    How many times to overwrite input files with random data before processing. The default number of overwrites is 3. Use -s0 to disable this feature. No effect if -r is supplied.


3 comments:

Anonymous said...

"bcrypt will by default overwrite the original input file with random garbage three times before deleting it"

Probably a dumb question: what do the 2nd and 3rd times accomplish?

Nikesh Jauhari said...

bcrypt makes sure that the original file cannot be recover (by any other tools) easily by writing the file data blocks (into file-system) multiple times(2nd and 3rd times).

Anonymous said...

http://www.h-online.com/newsticker/news/item/Secure-deletion-a-single-overwrite-will-do-it-739699.html

Post a Comment

Related Posts with Thumbnails