dist-archive | ||
doc | ||
.legacy-codesite.toml | ||
README.md |
crype
Deterministic syncable/diffable encryption, for files or pipes.
crype
is a tool providing rsyncable deterministic-encryption (like rsyncrypto for pipes). It encrypts data using a common decision function over plaintext, allowing rsync-like tools to still work efficiently over the encrypted data. It uses HMAC-SHA1-PBKDF2 and the ChaCha stream cipher.
Compression is also implemented, as this improves both portabiity and rsyncability compared to a separate gzip --rsyncable
pass.
See crype --help
for usage instructions. Binaries are provided for 32-bit Windows, 32-bit Cygwin, and 64-bit Debian 7.
License
Source code is made available freely under the terms of the ISC license. The source code distribution includes library code under {public-domain, BSD, Unlicense} licenses.
The provided binaries are likewise freely redistributable for any purpose.
TODO
- Reduce peak memory usage by using stream functions for decompression
- Parallel compression/encryption
- Distro packages, static binaries
Changelog
2014-05-24: r59
- Add file header for version compatibility detection
- Add plaintext comment to file header
- Allow configuring compression level
- Support Debian 7 (amd64)
- Support Cygwin (i386)
- Security: Improve security by switching chunk IVs based on truncated plaintext HMAC (incompatible change)
- Security: Read encryption passwords from file
- Security: Warn when reading encryption password from argument
- ⬇️ crype-r59.zip (205.77 KiB)
2014-05-14: r30
- Initial release
- ⬇️ crype-r30.zip (133.55 KiB)