Unix Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, an ...

computing, crypt or enigma is a

utility program Utility software is software designed to help analyze, configure, optimize or maintain a computer. It is used to support the computer infrastructure - in contrast to application software, which is aimed at directly performing tasks that benefit ord ...

used for encryption. Due to the ease of breaking it, it is considered to be obsolete. The program is usually used as a

filter Filter, filtering or filters may refer to: Science and technology Computing * Filter (higher-order function), in functional programming * Filter (software), a computer program to process a data stream * Filter (video), a software component tha ...

, and it has traditionally been implemented using a "rotor machine"

algorithm In mathematics and computer science, an algorithm () is a finite sequence of rigorous instructions, typically used to solve a class of specific problems or to perform a computation. Algorithms are used as specifications for performing ...

based on the Enigma machine. It is considered to be

cryptographically Cryptography, or cryptology (from grc, , translit=kryptós "hidden, secret"; and ''graphein'', "to write", or '' -logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adv ...

far too weak to provide any security against

brute-force attack In cryptography, a brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords and passphrases until the correct ...

s by modern, commodity

personal computer A personal computer (PC) is a multi-purpose microcomputer whose size, capabilities, and price make it feasible for individual use. Personal computers are intended to be operated directly by an end user, rather than by a computer expert or tec ...

s. Some versions of Unix shipped with an even weaker version of the ''crypt(1)'' command in order to comply with contemporaneous laws and regulations that limited the exportation of cryptographic software. Some of these were simply implementations of the Caesar cipher (effectively no more secure than

ROT13 ROT13 ("rotate by 13 places", sometimes hyphenated ROT-13) is a simple letter substitution cipher that replaces a letter with the 13th letter after it in the alphabet. ROT13 is a special case of the Caesar cipher which was developed in ancient R ...

, which is implemented as a Caesar cipher with a well-known key).

History

Cryptographer Robert Morris wrote a

M-209 In cryptography, the M-209, designated CSP-1500 by the United States Navy (C-38 by the manufacturer) is a portable, mechanical cipher machine used by the US military primarily in World War II, though it remained in active use through the Korean W ...

-based , which first appeared in

Version 3 Unix The term "Research Unix" refers to early versions of the Unix operating system for DEC PDP-7, PDP-11, VAX and Interdata 7/32 and 8/32 computers, developed in the Bell Labs Computing Sciences Research Center (CSRC). History The term ''Research ...

, to encourage codebreaking experiments; Morris managed to break by hand.

Dennis Ritchie Dennis MacAlistair Ritchie (September 9, 1941 – October 12, 2011) was an American computer scientist. He is most well-known for creating the C programming language and, with long-time colleague Ken Thompson, the Unix operating system and B p ...

automated decryption with a method by

James Reeds James is a common English language surname and given name: *James (name), the typically masculine first name James * James (surname), various people with the last name James James or James City may also refer to: People * King James (disambiguati ...

, and a new Enigma-based version appeared in Version 7, which Reeds and Peter J. Weinberger also broke.

''Crypt(1)'' under Linux

Linux distribution A Linux distribution (often abbreviated as distro) is an operating system made from a software collection that includes the Linux kernel and, often, a package management system. Linux users usually obtain their operating system by downloading one ...

s generally do not include a Unix compatible version of the ''crypt'' command. This is largely due to a combination of three major factors: # ''crypt'' is relatively obscure and rarely used for e-mail attachments nor as a file format # ''crypt'' is considered to be cryptographically far too weak to withstand brute-force attacks by modern computing systems (Linux systems generally ship with

GNU Privacy Guard GNU Privacy Guard (GnuPG or GPG) is a free-software replacement for Symantec's PGP cryptographic software suite. The software is compliant with RFC 4880, the IETF standards-track specification of OpenPGP. Modern versions of PGP are interoperable ...

which is considered to be reasonably secure by modern standards) # During the early years of Linux development and adoption there was some concern that even as weak as the algorithm used by ''crypt'' was, that it might still run afoul of

ITAR International Traffic in Arms Regulations (ITAR) is a United States regulatory regime to restrict and control the export of defense and military related technologies to safeguard U.S. national security and further U.S. foreign policy objective ...

's export controls; so mainstream distribution developers in the

United States The United States of America (U.S.A. or USA), commonly known as the United States (U.S. or US) or America, is a country primarily located in North America. It consists of 50 states, a federal district, five major unincorporated territorie ...

generally excluded it, leaving their customers to fetch GnuPG or other strong cryptographic software from international sites, sometimes providing packages or scripts to automate that process. The source code to several old versions of the ''crypt'' command is available in The Unix Heritage Society's Unix Archive. The recent crypt source code is available in the

OpenSolaris OpenSolaris () is a discontinued open-source computer operating system based on Solaris and created by Sun Microsystems. It was also, perhaps confusingly, the name of a project initiated by Sun to build a developer and user community around th ...

project. A

public domain The public domain (PD) consists of all the creative work A creative work is a manifestation of creative effort including fine artwork (sculpture, paintings, drawing, sketching, performance art), dance, writing (literature), filmmaking, ...

version is available from the Crypt Breaker's Workbench. Enhanced

symmetric encryption Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both the encryption of plaintext and the decryption of ciphertext. The keys may be identical, or there may be a simple transformation to go between th ...

utilities are available for Linux (and should also be

portable Portable may refer to: General * Portable building, a manufactured structure that is built off site and moved in upon completion of site and utility work * Portable classroom, a temporary building installed on the grounds of a school to provide a ...

to any other

Unix-like A Unix-like (sometimes referred to as UN*X or *nix) operating system is one that behaves in a manner similar to a Unix system, although not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Unix-li ...

system) including

mcrypt mcrypt is a replacement for the popular Unix crypt command. crypt was a file encryption tool that used an algorithm very close to the World War II Enigma cipher. Mcrypt provides the same functionality but uses several modern algorithms such as ...

and

ccrypt ccrypt is a utility for the secure encryption and decryption of files and streams. It was designed as a replacement for the standard UNIX crypt utility, which is notorious for using a very weak encryption algorithm. ccrypt is based on the Rijnda ...

. While these provide support for much more sophisticated and modern algorithms, they can be used to encrypt and decrypt files which are compatible with the traditional ''crypt(1)'' command by providing the correct command line options.

Breaking crypt(1) encryption

Programs for breaking crypt(1) encryption are widely available. Bob Baldwin's

Crypt Breaker's Workbench, which was written in 1984-1985, is an interactive tool that provides successive plaintext guesses that must be corrected by the user. It also provides a working crypt(1) implementation used by modern BSD distributions. Peter Selinger's unixcrypt-breaker uses a simple statistical model similar to a dictionary-attack that takes a set of plain texts as input and processes it to guess plausible plaintexts, and does not require user interaction.Peter Selinger
unixcrypt-breaker
Retrieved July 27, 2008.

Relationship to password hash function

There is also a Unix

password hash In cryptography, a key derivation function (KDF) is a cryptographic algorithm that derives one or more secret keys from a secret value such as a master key, a password, or a passphrase using a pseudorandom function (which typically uses a cryp ...

function with the same name,

crypt A crypt (from Latin ''crypta'' "vault") is a stone chamber beneath the floor of a church or other building. It typically contains coffins, sarcophagi, or religious relics. Originally, crypts were typically found below the main apse of a chur ...

. Though both are used for securing data in some sense, they are otherwise essentially unrelated. To distinguish between the two, writers often refer to the utility program as ''crypt(1)'', because it is documented in section 1 of the Unix manual pages, and refer to the password hash function as ''crypt(3)'', because its documentation is in section 3 of the manual.

References

{{Reflist

External links

Source code for crypt(1)
from

(published after clearing up export regulations)
Source code for crypt(1)
from

Version 7 Unix Seventh Edition Unix, also called Version 7 Unix, Version 7 or just V7, was an important early release of the Unix operating system. V7, released in 1979, was the last Bell Laboratories release to see widespread distribution before the commercial ...

(trivialised one-rotor Enigma-style machine)
Source code for crypt(1)
from

Version 6 Unix Sixth Edition Unix, also called Version 6 Unix or just V6, was the first version of the Unix operating system to see wide release outside Bell Labs. It was released in May 1975 and, like its direct predecessor, targeted the DEC PDP-11 family of m ...

(implementation of Boris Hagelin's