Re: [VANILLA-LIST:2498] crypt needed for res-rsa

[Dave Ahn <ahn@vec.wfubmc.edu>]

On Thu, Jul 15, 1999 at 02:41:16PM -0500, Bob Tanner wrote:
> Linux does not have crypt, well RedHat Linux does not. Can we change the
> encryption software or distribute a linux compatible crypt?

As others have responded already, crypt(1) is not the same as crypt(3C).
You can't simply create a front-end program to call crypt(3C) to decrypt
the encrypted RSA package.

Incidentally, crypt(1) is a weak symmetric cipher, meaning that the same
algorithm is used to encrypt and decrypt it.

Also, crypt(1) is a bit stronger than zip -e (see Crypto FAQ) in our instance
because we are encrypting a compressed file.  Programs that brute-force
hack zip -e encrypted archvies are far more readily available than those
that hack crypt(1) files.

Furthermore, zip is much less universally available on UNIX machines than
crypt(1) or even pgp.

Although I personally do prefer IDEA encryption via PGP (pgp has a
conventional encryption mode that does not require public/private keys),
it's kind of silly to make such a strongly encrypted archive available
at the same time as a weakly encrypted (crypt(1)) archive.  If someone
wanted to hack the archive, they'd just download the .crypt file instead
of the .pgp file.  As for wider distribution, pgp is much more obscure
than crypt(1).

So, since braindead Linux and FreeBSD distributions don't seem to bundle
crypt(1), is there an encryption package that is installed by default on
all distributions?  DES?  I believe PGP is an optional package.  Anyway,
let me know what it is, and I'll create an encrypted archive with that
cipher.

-- 
Dave Ahn <ahn@vec.wfubmc.edu>        |  "When you were born, you cried and the
                                     |  world rejoiced.  Try to live your life
Virtual Endoscopy Center             |  so that when you die, you will rejoice
Wake Forest Univ. School of Medicine |  and the world will cry."  -1/2 jj^2