How To Order


Up to FileSystem Utilities

This program is used to compress and encrypt files. The compression is done first, and the encryption is layered on top of this. Either layer can be skipped.

The compression is the DEFLATE algorithm of RFC-1951. This is the same algorithm that gzip uses, and kryptor is compatible with gzip.

The encryption is the new Advanced-Encryption-Standard (AES) from the National Institute of Standards and Technology. It generates a 256-bit key from a Pass-Phrase, using the techniques of RFC-2898 to increase the entropy of the Pass-Phrase and to thwart attempts at "Dictionary Attacks."

The file is encrypted by a 256-bit AES key, generated from random data. This hiding key is, in turn, encrypted by a second 256-bit AES key which is generated from a Pass-Phrase, which the user inputs from the console. The first AES key, randomly generated, must be stored at the head of the file; this is why it is also encrypted. This scheme gives a two-level key hierarchy to the securing of the Transaction-Key.

This encryption is "too strong" for U.S. Export Law, so only those in the U.S. may use this. The rest of the world must use "Double-DES" encryption, instead. It is possible, with the "-D" option, to force "Double-DES" encryption, even in the U.S., to allow interaction with the rest of the world.
(Call your Senator and Congressman to complain about this silly situation.)


This is a command-line utility. It can be used within scripts.
Usage: kryptor [options] filename [more-files....]

Direction Options (default is to encrypt):
  --decrypt | -u -> Undo encryption

Compression/Encryption Options:
Both Compression and Encryption are ON by default.
  --no-compress | -Z        -> skip Compression of the file
  --no-encrypt  | -E        -> skip Encryption  of the file

  --encrypt-exportably | -D -> use Exportable Encryption (DES2) on the file
           (you only need to specify this for encryption;
            decryption knows which to use from the file header.)

  --entroprize-iterations | -N <number> number of Entroprizing Iterations
               to perform in converting the Pass-Phrase to a Secret-Key
               <default is 5000>  (See RFC-2898 for an explanation)

Output Options:
  --output     | -o <pathname>  output filename for converted data
                               (normally it calculates the output name
                                from the input name)
  --directory  | -d  <dirname>  output directory for converted files
  --error-file | -e <pathname>  output filename for errors
  --stdout     | -c   -> put output data on <stdout> (for piping)

Other Options:
  --help    | -h -> output this help message
  --version | -V -> print version of the program and Licensing.
  --verbose | -v -> Enable Verbose mode


Price: $ 50

Export Restrictions

Because Encryption is restricted under U.S. Export Law, programs purchased to be used outside the United States must have encryption crippled. Because that is all this program does, we just cannot sell it to non-US Customers. Currently, only Customers within the United States may purchase this program. Sorry.

Download Packages

After you have purchased your License, you may go to the Download Page to copy the program package down to your computer. You must run the program package to extract the program and to activate it, using your License Number and Activation Code.

Proceed to the Download Page.


Copyright © 2005 HEPArts, Inc. All Rights Reserved.