V10/cmd/descrypt/newcrypt.1

Compare this file to the similar file:
Show the results in this format: 

.TH ENCRYPT 1 
.SH NAME
encrypt, decrypt \- encrypt or decrypt a message or file
.SH SYNOPSIS
.B encrypt
[
.B \-p
]
[ password ]
.br
.B decrypt
[
.B \-p
]
[ password ]
.SH DESCRIPTION
.I Encrypt
(
.I decrypt
)
reads from the standard input and writes
on the standard output.
The
.I password
is a key, up to 127 characters in length, which selects a particular transformation.
If no
.I password 
is given,
.I encrypt
demands a key from the terminal (without echoing what the user types).
If the wrong key is given to decrypt, it will usually exit without
writing on standard output.
.PP
If the
.B \-p
option is specified, the ciphertext will be encoded into printing
characters only; suitable for sending through mail.
In this mode,
.B decrypt
ignores any lines that do not have a special prefix (added by
.B encrypt
),
so messages received in the mail can be read without having to edit
out headers.
.PP
Encryption takes place in three layers.  The first addresses traffic
analysis threats by hiding the size of the message and insuring that
if the same message is send repeatedly with the same
.I password
the ciphertext will be entirely different each time.
The second layer is the proposed Data Encryption Standard (DES) used
in Cipher Block Chaining (CBC) mode.  Finally, a key-dependent character
transposition is applied to the ciphertext which impedes the
assembly of corresponding pairs of DES blocks under a known-plaintext attack.
.PP
The user is encouraged to use a lengthy password.  A short sequence of
words chosen at random from a dictionary and committed to memory is
a good plan.
.SH FILES
/dev/tty for typed key
.SH AUTHOR
D.P.Mitchell
.SH BUGS
This encryption program is not provably secure, and the author gives no
guarantee that it cannot be broken.