dm-crypt is a transparent disk encryption subsystem in the Linux 2.6 kernel that provides a generic way to create virtual layers of block devices that can do different things on top of real block devices like striping, concatenation, mirroring, snapshotting, and more. Read more hot
loop-AES is a fast and transparent file system and swap encryption package. loop-AES can be used to encrypt disk partitions, removable media, swap space and other devices. It provides measures to strengthen the encryption including passphrase seeds, multiple hash iterations, MD5 IV and alternating encryption keys. Read more hot
AESCrypt is for encrypting/decrypting streams of data using
Rijndael and Cipher Block Feedback mode (CFB-128).
AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered.
ansistego provides terminal-level steganography for scripts and other ASCII files (ie, protection against 'cat'). It intersperses a text/script with commented ANSI codes that cause most terminals to clear sensitive lines as soon as they are written. Only a specified front text appears. The front text is embedded in the script using ANSI-cloaked comments, so that the text appears unaltered when the script is viewed with cat, but the script can be run without any decoding stage.
authd is a software package for obtaining and verifying user credentials which contain cryptographic signatures based on RSA public key cryptography. It includes (i) a server (authd) for authenticating local users through Unix domain sockets and process credentials and (ii) a client library (libauth.a) for requesting new credentials and verifying credentials signed by the server.
autocrypt is a set of scripts that use linux hotplug/udev/cryptoapi mechanism to allow you autocrypting a harddrive.
bcrypt is a cross platform file encryption utility. Encrypted files are portable across all supported operating systems and processors. Passphrases must be between 8 and 56 characters and are hashed internally to a 448 bit key. However, all characters supplied are significant. The stronger your passphrase, the more secure your data.
(commercial) BestCrypt creates and supports encrypted virtual volumes for Linux. BestCrypt volume is accessible as a regular filesystem on a correspondent mount point.
blaim is a 2kb D-H key exchange and 448-bit blowfish encryption plugin for gaim.
CACKey is a PKCS#11 compliant library that provides access to the cryptographic and certificate functions US Goverment Smartcards
ccrypt is a utility for encrypting and decrypting files and streams. It was designed as a replacement for the standard unix crypt utility, which is notorious for using a very weak encryption algorithm. ccrypt is based on the Rijndael cipher, which is the U.S. government's chosen candidate for the Advanced Encryption Standard. This cipher is believed to provide very strong security.
(shareware) Chameleon is an experimental file encryption tool using a password-generated, plaintext-feedbacked 2048 bit key, feedbacked xor-chains, and a dummy-header system.
codecrypt is a GnuPG-like program for encryption and signing that uses only quantum-computer-resistant algorithms.
coinflip is a cryptographically secure server/client program and protocol for choosing random bits that 2 parties who don't trust each other can both agree are random.
cruft is a replacement for the UNIX crypt utility.
An implementation of a modern password hashing algorithm, based on the Blowfish block cipher, provided via the crypt and a reentrant interface. It is compatible with bcrypt.
Cryptcat is a lightweight version of netcat with integrated transport encryption capabilities.
Cryptonit is a client side cryptographic tool which allows you to encrypt/decrypt and sign/verify files with PKI (Public Key Infrastructure) certificates. Encryption/decryption is based on the following algorithms: DES, Triple DES (DES3), DESX, RC2 40/64/128 bits, RC4, RC5, Blowfish , CAST, IDEA, and AES 128/192/256 bits.
CryptoPadSplicer is a conduit for a cryptographic MemoPad replacement application for the Palm computing platform called CryptoPad.
cryptoswap supports building an encrypted swap partition when a system boots. This may be necessary on systems that use encrypted filesystems because plaintext secrets may be written to disk when memory is swapped to disk.
cryptsetup offers a command-line interface to set up cryptographic volumes. This is achieved using the Linux kernel device mapper target dm-crypt. It has integrated support for LUKS. Read more
daes is a little program for encrypting files.
des implements the Data Encryption Standard (DES).
distributed.net is a client for RC5-72/OGRp2 encryption contest.
Easy Crypt provides an easy-to-use GUI that allows the user to create and mount multiple crypts, using TrueCrypt.
Crypts created with Easy Crypt can be used on any other operating system supporting TrueCrypt, and vice-versa.
EasyPG is a GnuPG interface for Emacs. It consists of a GUI frontend to GnuPG and a library to interact with GnuPG.
ECC is a package for working with Elliptic Curves.
enc is a simple manager written in bash simplifying work with EncFS encryption software.
encrypt is a program for turning plaintext words or strings into their encrypted forms in a variety of ways.
Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients.
EverCrack is a cryptanalysis engine. The overall design goal is to systematically break down complex ciphers into their simplex components for cryptanalysis (by the kernel). The kernel consists of an algebraic design (comparison and reduction) for breaking uniliteral, monoalphabetic ciphers instantaneously. Currently, it can break a 4000-word cipher in milliseconds.
Fact0r-X is an open source encryption/decryption tool designed for Linux and Mac OS X. With Fact0r-X you can easily and fast encrypt/decrypt text files, including html, c, pas and xml files, based on a password and a key provided by the user.
fEncH is a fast and simple, yet hard to crack encryption program. It uses XOR encryption with variable key, based on the password that user inputs to the program, it rumbles bits in the bytes, etc.
This is a simple "encryption" tool to work with common simple encryption algorithms (ROT13, Caesar, Vigenère, ...). Gcipher does not provide any strong encryption and should not be used to encrypt any private data.
GNU Privacy Assistant
GNU Privacy Assistant is a graphical user interface for the GNU Privacy Guard (GnuPG). GnuPG is a system that provides you with privacy by encrypting emails or other documents and with authentication of received files by signature management.
GNU Virtual Private Ethernet
GVPE creates a virtual ethernet (broadcasts supported, any protocol that works with a normal ethernet should work with GVPE) by creating encrypted host-to-host tunnels between multiple endpoints.
GPG-Crypter is a graphical frontend to GnuPG (GPG) and can de- and encrypt plaintext to gpg ascii-amored ciphers.
gpgwrap is a wrapper for gpg and its --passphrase-fd option.
Griffon Cryptanalysis Package
Griffon Cryptanalysis Package is an easy to use GUI for cryptanalysis of pre-digital ciphers.
(commercial) HiSecure SurfProtector provides secure encrypted communication betwenn hosts over an insecure network. You can redirect any TCP/IP ports over this secure encrypted channel (in German).
ImmediateCrypt can easily encrypt and decrypt plain text messages with the AES-256 algorithm (CBC block chaining, PKCS5 padding).
IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation. It supports NetBSD and FreeBSD as well.
Keymgr is a cryptographic policy engine. Or at least, it will be. Currently, it is best thought of as ssh-agent on crack. Like ssh-agent, you can feed it your RSA keys, and it will take care of handling your ssh authentications - both direct and proxied via agent forwarding.
KFileCoder is a KDE utility which encodes files in an archive with a password. People who don't have the password won't be able to read data. For example, you can encode all files of you /home/user/website directory in /home/user/website.kfc, and send it to people who have the password.
KRSA is an Open Source Project aimed to write an application for the KDE Project which enables you to encrypt/decrypt text with the RSA Algorithm.
Kryptor is a graphical tool that will let you encrypt files using the algorithm ARCS.
It is also possible to erase files overwriting data with a pseudo-random sequence of bytes iterated three times, this will make data recovery a very complex operation.
KWoodhammerencrypts messages in the enigma cypher, and the well-known Caesar method, to help find the keys of codes.
Linux FreeS/WAN is an implementation of IPSEC & IKE for Linux. IPSEC is Internet Protocol SECurity. It uses strong cryptography to provide both authentication and encryption services. Authentication ensures that packets are from the right sender and have not been altered in transit. Encryption prevents unauthorised reading of packet contents.
LinVPN allows you to create a VPN (Virtual Private Network) from linux to linux. Normally both are gateways of a LAN, then the LANs behind them may access each other over an encrypted tunnel created by the software.