Links:
AESCrypt AESCrypt is for encrypting/decrypting streams of data using Rijndael and Cipher Block Feedback mode (CFB-128). AirSnort AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered. ansistego ansistego provides terminal-level steganography for scripts and other ASCII files (ie, protection against 'cat'). It intersperses a text/script with commented ANSI codes that cause most terminals to clear sensitive lines as soon as they are written. Only a specified front text appears. The front text is embedded in the script using ANSI-cloaked comments, so that the text appears unaltered when the script is viewed with cat, but the script can be run without any decoding stage. authd authd is a software package for obtaining and verifying user credentials which contain cryptographic signatures based on RSA public key cryptography. It includes (i) a server (authd) for authenticating local users through Unix domain sockets and process credentials and (ii) a client library (libauth.a) for requesting new credentials and verifying credentials signed by the server. autocrypt autocrypt is a set of scripts that use linux hotplug/udev/cryptoapi mechanism to allow you autocrypting a harddrive. bcrypt bcrypt is a cross platform file encryption utility. Encrypted files are portable across all supported operating systems and processors. Passphrases must be between 8 and 56 characters and are hashed internally to a 448 bit key. However, all characters supplied are significant. The stronger your passphrase, the more secure your data. BestCrypt (commercial) BestCrypt creates and supports encrypted virtual volumes for Linux. BestCrypt volume is accessible as a regular filesystem on a correspondent mount point. blaim blaim is a 2kb D-H key exchange and 448-bit blowfish encryption plugin for gaim. ccrypt ccrypt is a utility for encrypting and decrypting files and streams. It was designed as a replacement for the standard unix crypt utility, which is notorious for using a very weak encryption algorithm. ccrypt is based on the Rijndael cipher, which is the U.S. government's chosen candidate for the Advanced Encryption Standard. This cipher is believed to provide very strong security. Chameleon (shareware) Chameleon is an experimental file encryption tool using a password-generated, plaintext-feedbacked 2048 bit key, feedbacked xor-chains, and a dummy-header system. Ciphire Mail Ciphire Mail is an email encryption tool. It works in conjunction with your existing email client. Ciphire Mail operates seamlessly in the background and does not interfere with normal emailing routines. It encrypts and decrypts email messages, and can digitally sign each message to provide authentication and guard against identity theft. coinflip coinflip is a cryptographically secure server/client program and protocol for choosing random bits that 2 parties who don't trust each other can both agree are random. cruft cruft is a replacement for the UNIX crypt utility. crypt_blowfish An implementation of a modern password hashing algorithm, based on the Blowfish block cipher, provided via the crypt and a reentrant interface. It is compatible with bcrypt. cryptcat Cryptcat is a lightweight version of netcat with integrated transport encryption capabilities. Cryptonit Cryptonit is a client side cryptographic tool which allows you to encrypt/decrypt and sign/verify files with PKI (Public Key Infrastructure) certificates. Encryption/decryption is based on the following algorithms: DES, Triple DES (DES3), DESX, RC2 40/64/128 bits, RC4, RC5, Blowfish , CAST, IDEA, and AES 128/192/256 bits. CryptoPadSplicer CryptoPadSplicer is a conduit for a cryptographic MemoPad replacement application for the Palm(tm) computing platform called CryptoPad. cryptoswap cryptoswap supports building an encrypted swap partition when a system boots. This may be necessary on systems that use encrypted filesystems because plaintext secrets may be written to disk when memory is swapped to disk. des des implements the Data Encryption Standard (DES). distributed.net distributed.net is a client for RC5-72/OGRp2 encryption contest. EasyCrypt Easy Crypt provides an easy-to-use GUI that allows the user to create and mount multiple crypts, using TrueCrypt. Crypts created with Easy Crypt can be used on any other operating system supporting TrueCrypt, and vice-versa. EasyPG EasyPG is a GnuPG interface for Emacs. It consists of a GUI frontend to GnuPG and a library to interact with GnuPG. ECC ECC is a package for working with Elliptic Curves. encrypt encrypt is a program for turning plaintext words or strings into their encrypted forms in a variety of ways. EverCrack EverCrack is a cryptanalysis engine. The overall design goal is to systematically break down complex ciphers into their simplex components for cryptanalysis (by the kernel). The kernel consists of an algebraic design (comparison and reduction) for breaking uniliteral, monoalphabetic ciphers instantaneously. Currently, it can break a 4000-word cipher in milliseconds. Fact0r-X Fact0r-X is an open source encryption/decryption tool designed for Linux and Mac OS X. With Fact0r-X you can easily and fast encrypt/decrypt text files, including html, c, pas and xml files, based on a password and a key provided by the user. fEncH fEncH is a fast and simple, yet hard to crack encryption program. It uses XOR encryption with variable key, based on the password that user inputs to the program, it rumbles bits in the bytes, etc. GCipher This is a simple "encryption" tool to work with common simple encryption algorithms (ROT13, Caesar, Vigenère, ...). Gcipher does not provide any strong encryption and should not be used to encrypt any private data. GNU Privacy Assistant GNU Privacy Assistant is a graphical user interface for the GNU Privacy Guard (GnuPG). GnuPG is a system that provides you with privacy by encrypting emails or other documents and with authentication of received files by signature management. GNU Virtual Private Ethernet GVPE creates a virtual ethernet (broadcasts supported, any protocol that works with a normal ethernet should work with GVPE) by creating encrypted host-to-host tunnels between multiple endpoints. GPG-Crypter GPG-Crypter is a graphical frontend to GnuPG (GPG) and can de- and encrypt plaintext to gpg ascii-amored ciphers. gpgwrap gpgwrap is a wrapper for gpg and its --passphrase-fd option. Griffon Cryptanalysis Package Griffon Cryptanalysis Package is an easy to use GUI for cryptanalysis of pre-digital ciphers. HiSecure SurfProtector (commercial) HiSecure SurfProtector provides secure encrypted communication betwenn hosts over an insecure network. You can redirect any TCP/IP ports over this secure encrypted channel (in German). IPsec-Tools IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation. It supports NetBSD and FreeBSD as well. keymgr Keymgr is a cryptographic policy engine. Or at least, it will be. Currently, it is best thought of as ssh-agent on crack. Like ssh-agent, you can feed it your RSA keys, and it will take care of handling your ssh authentications - both direct and proxied via agent forwarding. KFilecoder KFileCoder is a KDE utility which encodes files in an archive with a password. People who don't have the password won't be able to read data. For example, you can encode all files of you /home/user/website directory in /home/user/website.kfc, and send it to people who have the password. KRSA KRSA is an Open Source Project aimed to write an application for the KDE Project which enables you to encrypt/decrypt text with the RSA Algorithm. Kryptor Kryptor is a graphical tool that will let you encrypt files using the algorithm ARCS. It is also possible to erase files overwriting data with a pseudo-random sequence of bytes iterated three times, this will make data recovery a very complex operation. KWoodhammer KWoodhammerencrypts messages in the enigma cypher, and the well-known Caesar method, to help find the keys of codes. Linux FreeS/WAN Linux FreeS/WAN is an implementation of IPSEC & IKE for Linux. IPSEC is Internet Protocol SECurity. It uses strong cryptography to provide both authentication and encryption services. Authentication ensures that packets are from the right sender and have not been altered in transit. Encryption prevents unauthorised reading of packet contents. LinVPN LinVPN allows you to create a VPN (Virtual Private Network) from linux to linux. Normally both are gateways of a LAN, then the LANs behind them may access each other over an encrypted tunnel created by the software. mcrypt mcrypt is a replacement of the old unix crypt(1) under the GNU General Public License. Unix Crypt(1) was a popular(?) file encryption program in unix boxes. It was based on the enigma encryption algorithm but it was considerable trivialized. Mcrypt uses some modern block encryption algorithms. It also has a compatibility mode with unix crypt and with solaris des(1). It supports several block algorithms like Blowfish, Twofish, DES, 3DES, 3-WAY, SAFER-SK64/128, SAFER+, LOKI97, GOST, RC2, RC6, IDEA and CAST-128/256. Read more MixIt MixIt is a crypting program which makes given data unreadable using mixing, shifting, coding etc. MixIt offers you some features for an unbreakable communication via email using one time pads and password books. murk murk is an rsync friendly encryption that runs on the UNIX command line. Encrypt a file and backup the changes to an untrusted host. NewPKI NewPKI is a PKI based on the OpenSSL low-level API, all the datas are handled through a database, which provides a much more flexible PKI than with OpenSSL, such as seeking a certificate with a search engine. OneKript OneKript is a front-end for the TrueCrypt disk encryption system. It was developed with the Kommander environment for KDE. OpenSignature OpenSignature is a graphical environment for executing cryptographic operations using several kinds of smart cards. Read more Openswan Openswan is an implementation of IPsec for Linux. It supports kernels 2.0, 2.2, 2.4 and 2.6, and runs on many different platforms, including x86, x86_64, ia64, MIPS and ARM. PAM cryptocard module PAM cryptocard module can authenticate a user using the challenge-response system. Papazulu Papazulu is a program that creates one-time-pads, encodes plain text files with the one-time-pads, decodes them, and creates number-station-like sound files for message transmission. Pea-Peach PEA (an acronym for Pack, Encrypt, Authenticate) is OS-portable archiving software that offers flexible security options (up to AES-EAX authenticated encryption), deflate based compression, and multi-volume spanning. It supports its own native .pea archive format for archiving and extracting, and also supports raw file splitting and joining. Peach is a graphical frontend for the PEA program. Perlguardian (commercial) Perlguardian is a Perl Obfuscation & Encryption Tool, which runs using a simple web based form and encrypts your Perl - Cgi - & Perl Modules Easily. PGPacket PGPacket analyzes and displays the contents of a PGP-encrypted file (or anything that follows the OpenPGP spec), showing the nature and contents of each packet (of course, the contents of many packets may be encrypted, and PGPacket does not decrypt). pgpforwarder pgpforwarder is a Perl server that accepts plain-text mails for users and sends them out encrypted. Phantom Cipher Phantom Cipher is a block cipher that has a block length of 128 bits, and a key size of 256 bits. ProSum ProSum is a terminal based program that protects your files, sys_call_table and IDT like tripwire way (All in user space, without kernel modules). In addition, database with files etc. could be encrypted with Blowfish algorythm and files that are protected could be store at any secure/bastion host to later replace them. PSR Password Storage and Retrieval System securely encrypts passwords, and then uses them to obtain an AFS token before your job starts, and keep refreshing the token for the length of your job so that your AFS token does not expire in the middle of your run. Publimark Publimark is a command line tool to secretly embed text in an audio file. Like cryptography, it uses a pair of keys: the public one can be shared, whereas the private one must be kept secret. Anybody can send a steganographic message, but only the private key owner will be able read it. Marked audio files are still playable. PyCrypt PyCrypt is a simple command line program that encrypts and decrypts files using the AES standard and a password given by the user. Qccrypt Qccrypt is a tiny graphical frontend for the ccrypt encryption/decryption commandline program. The file to encrypt/decrypt can be passed as a parameter on the commandline. RC-Crypt RC-Crypt is an easy to use command line program that encrypts your data. It uses the rc5 algorithm, with 128 bit block size, which has proved almost impossible to crack. rsyncrypto A slightly reduced strength bulk encryption. In exchange for the reduced strength, you get the ability to rsync the encrypted files, so that local changes in the plaintext file will result in (relatively) local changes to the cyphertext file. Ruby Crypt The Ruby Crypt library is a Ruby implementation of a number of popular encryption algorithms. Block cyphers currently available include Blowfish, GOST, IDEA, and Rijndael (AES). Cypher Block Chaining (CBC) has been implemented. Twofish, Serpent, and CAST256 are planned for release soon. sbd sbd is a Netcat-clone, designed to be portable and offer strong encryption. It runs on Unix-like operating systems and on Microsoft Win32. sbd features AES-CBC-128 + HMAC-SHA1 encryption (by Christophe Devine), program execution (-e option), choosing source port, continuous reconnection with delay, and some other nice features. Only TCP/IP communication is supported. Scylla Charybdis Scylla Charybdis lets you get a data odyssey done with the help of two small monsters. It's easy to use, utilizes SSL (encryption), LIBZ (compression), and simple password protection. Seahorse Seahorse is a GNOME application for managing encryption keys. It also integrates with nautilus, gedit and other places for encryption operations. With seahorse you can create and manage PGP/SSH keys, publish and retrieve keys from key servers, and cache your passphrase. Read more seccure The seccure toolset implements a selection of asymmetric algorithms based on elliptic curve cryptography (ECC). In particular it offers public key encryption / decryption, signature generation / verification and key establishment. Shade LSB Shade (Steganographically Hide and Analyze Data Entries) is a versatile and feature-rich program that was designed to analyze and manipulate LSBs (least significant bits) of files, attempting to either hide or pluck out data. sharesecret sharesecret splits a secret into parts given a threshold t, such that at least t parts are needed to reconstruct the secret. ssmart ssmart is a little Perl script to store a secure shell identity/cfs passwords blowfish-encrypted to a smartcard. Steghide Steghide is a steganography program that is able to hide data in various kinds of image- and audio-files. The color-respectively sample-frequencies are not changed thus making the embedding resistant against first-order statistical tests. Read more Stego Stego is a simple encryption and decryption program that hides data inside BMP files. SteGUI SteGUI is a graphical front-end to Steghide. It lets users view the images and play the sounds that Steghide allows as cover files, and command the program all with one tool. It also embeds a simple text editor to manage text payload files. strongSwan strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships. TEA Total TEA Total is a very small 128 bit private key based encryption/decryption system which uses the block variant of TEA (Tiny Encryption Algorithm). tkccrypt Tkccrypt is a simple frontend for editing small text files encrypted with Peter Selinger's ccrypt. TkPGP TkPGP intends to completely eliminate need to access command- line interface of PGP for UNIX. Currently most of casual activity such as signing, encrypting and decrypting is done in GUI. Key management remains a domain of command line for the time being. Topsecret (shareware) Topsecret is a program to encrypt your sensitive files. TrueCrypt TrueCrypt is on-the-fly disk encryption software that can create a virtual encrypted disk within a file and mount it as a real disk. It can also encrypt an entire hard disk partition, or a storage device such as USB memory stick. It supports plausible deniability. Read more Truecrypt Installer for Debian Truecrypt Installer for Debian helps to get Truecrypt running with a minimum of effort under Debian-based Linux systems (Debian and Ubuntu are officially supported). Truecrypt is Open Source disk encryption software which uses a concept of containers to store encrypted data. The containers (or volumes) can be read transparently under Linux and Windows. The installer creates installable *.deb packages from the Truecrypt sources, and those debs can be used in turn to activate Truecrypt. Tunnel Vision Tunnel Vision creates an encrypted Virtual Private Network, or VPN, between two Tunnel Vision-capable sites on the Internet. Virtual Ideal Functionality Framework Virtual Ideal Functionality Framework is a framework for creating efficient and secure multi-party computations (SMPC). Players, who do not trust each other, participate in a joint computation based on their private inputs. The computation is done using a cryptographic protocol which allows them to obtain a correct answer without revealing their inputs. Operations supported include addition, multiplication, and comparison, all with Shamir secret shared outputs. XML Security Suite XML Security Suite provides security features such as digital signature, element-wise encryption, and access control to Internet business-to-business transactions. Yavipind Yavipind is a secure tunnel aka 2 peers securely forwarding packets toward each other. It forwards any kind of packet (IPv4, IPv6 or other) sent over the virtual point-to-point device (e.g. tun0). It fully runs in linux userspace. yyyRSA yyyRSA is a simple program to encrypt and decipher messages with the RSA asymetrical encryption algorithm. ZCX File Protector ZCX File Protector is a commandline utility that lets you password-protect your important archives/files. It is available for DOS/Windows, Linux and SCO UNIX. It uses a fast 512-bit symmetric stream cipher. Zebedee yyyRSA is a simple program to establish an encrypted, compressed TCP/IP "tunnel" between two systems. This allows TCP-based traffic such as telnet, ftp and X to be protected from snooping as well as potentially gaining performance over low-bandwidth networks from compression.
