This program is used to compress and encrypt files.
The compression is done first, and the encryption is layered on top of this.
Either layer can be skipped.
The compression is the DEFLATE algorithm of RFC-1951.
This is the same algorithm that gzip uses,
and kryptor is compatible with gzip.
The encryption is the new Advanced-Encryption-Standard (AES)
from the National Institute of Standards and Technology.
It generates a 256-bit key from a Pass-Phrase, using the techniques of
RFC-2898 to increase the entropy of the Pass-Phrase and to thwart
attempts at "Dictionary Attacks."
The file is encrypted by a 256-bit AES key, generated from random data.
This hiding key is, in turn, encrypted by a second 256-bit AES key
which is generated from a Pass-Phrase, which the user inputs from the
console. The first AES key, randomly generated, must be stored at the
head of the file; this is why it is also encrypted.
This scheme gives a two-level key hierarchy to the securing of the
This encryption is "too strong" for U.S. Export Law,
so only those in the U.S. may use this.
The rest of the world must use "Double-DES" encryption, instead.
It is possible, with the "-D" option, to force "Double-DES" encryption,
even in the U.S., to allow interaction with the rest of the world.
(Call your Senator and Congressman to complain about this silly situation.)
This is a command-line utility.
It can be used within scripts.
Usage: kryptor [options] filename [more-files....]
Direction Options (default is to encrypt):
--decrypt | -u -> Undo encryption
Both Compression and Encryption are ON by default.
--no-compress | -Z -> skip Compression of the file
--no-encrypt | -E -> skip Encryption of the file
--encrypt-exportably | -D -> use Exportable Encryption (DES2) on the file
(you only need to specify this for encryption;
decryption knows which to use from the file header.)
--entroprize-iterations | -N <number> number of Entroprizing Iterations
to perform in converting the Pass-Phrase to a Secret-Key
<default is 5000> (See RFC-2898 for an explanation)
--output | -o <pathname> output filename for converted data
(normally it calculates the output name
from the input name)
--directory | -d <dirname> output directory for converted files
--error-file | -e <pathname> output filename for errors
--stdout | -c -> put output data on <stdout> (for piping)
--help | -h -> output this help message
--version | -V -> print version of the program and Licensing.
--verbose | -v -> Enable Verbose mode
Price: $ 50
Because Encryption is restricted under U.S. Export Law,
programs purchased to be used outside the United States
must have encryption crippled.
Because that is all this program does, we just cannot sell it
to non-US Customers.
Currently, only Customers within the United States may purchase
this program. Sorry.
After you have purchased your License, you may go to the Download Page
to copy the program package down to your computer.
You must run the program package to extract the program and to
activate it, using your License Number and Activation Code.
Proceed to the