Section: User Manuals (8)
Updated: August 2004
Index Return to Main Contents



ncrypt - NMRC File Encryptor/Decryptor/Wiper



ncrypt <-h> <-e|-d> <-z> <-w> <-v> <-V> <-k pass |-f passfile > <-a algo > <-i infile > <-o outfile >



Ncrypt is intended to give you security in an insecure environment. If you are wanting to encrypt files (particularly on a multi-user system where you don't have root), wishing to hide your activites from prying eyes, and want to "cover your tracks", then Ncrypt is for you. It gives you the choice of three strong encryption algorithms and two secure file wiping options.

For file encryption, Ncrypt is a symmetrical file encryptor/decryptor that gives you the choice of the top three candidates for AES as the encryption algorithm (Rijndael (AES), Serpent, Twofish), tries to minimize exposure of the plaintext password in memory, and can safely erase the plaintext version from the hard drive.

The erasing of files uses techniques from two sources. The first set of techniques was originally outlined in Peter Gutmann's 1996 paper "Secure Deletion of Data from Magnetic and Solid-State Memory". The second set of techniques was originally outlined in the DoD 5220.22-M standard developed by the NSA, specifically the recommendations for sanitizing drives for redeployment. For the insanely paranoid, yes you can use both options at the same time.
  For added security during wiping, the random data streams use the ISAAC PRNG during wiping of files, and the wiping can take place either independently or concurrently with encryption operations. The wiping routine also wipes file slack.

Ncrypt compiles without any extra crypto libraries, making it ideal for systems where you just have a compiler and basic libraries (such as an ISP's shell server).



-h or --help
Display help/usage information and exit.
-e or --encrypt
Signifies you wish to encrypt a file. When encrypting you are asked for the password twice (to ensure you have entered it correctly).
-d or --decrypt
Signifies you wish to decrypt a file. When decrypting you are asked for the password one time.
-r or --rijndael or -a or --aes
Use the AES (Rijndael) algorithm for encryption/decryption. If no algorithm is chosen, Rijndael is used by default.
-s or --serpent
Use the Serpent algorithm for encryption/decryption.
-t or --twofish
Use the Twofish algorithm for encryption/decryption.
-i or --input
Specify the input file infile for ncrypt to either encrypt or decrypt. If used with the -g or -m option during encryption, the input file specified is wiped.
-o or --output
Specify the output file outfile for the results of ncrypt's encryption or decryption.
-z or --encrypt-wipe
During encryption, wipe the input file after it has been encrypted using either the Gutmann or military method. If neither are chosen, military mode is used by default. Careful - the erased file is unrecoverable, which is kind of the point.
-g or --wipe-gutmann
Do a `safe' erase of the input file (during encryption mode) or a specified file or files if not performing encryption/decryption operations. This overwrites the file on the hard drive with a series of 35 passes as outlined in Peter Gutmann's 1996 paper (see above) before erasing the file. File slack is also wiped using the same technique.
-m or --wipe-military
This option runs like the -g or --wipe-gutmann option, except 3 passes are done. The first pass is a character, the second is the complement of that character (the bits are flipped), and the third is with random data which is verified. This is the military-grade standard for wiping files that are classified (does not apply to TOP SECRET classification). And like the -g or --wipe-gutmann, use with caution as the file is not recoverable.
-k or --key passphrase
This is a somewhat dangerous option, since you are using the passphrase on the command line, but it does allow you to include Ncrypt in batch files or cron jobs. Comes in handy for encrypting archived logs before using an insecure plaintext method of copying them to another system, such as email. Just remember that the ps command could reveal the passphrase to anyone on the system. This option can be used for encryption or decryption.
-f or --password-file filename.txt
Also a somewhat dangerous command, reads the passphrase from a file. The file must be a plaintext file, and the first line in the file that doesn't start with a pound (#) sign for comments is used as the passphrase. The ending carriage return is stripped off, and you can use up to a 255 character passphrase. The file containing the password should be readable by the UID/EUID of the person or process running Ncrypt. Like the -k option, it comes in handy for batch files and cron jobs, and it can be used for encryption or decryption.
-v or --verbose
More verbose output during program execution.
-V or --version
Print ncrypt version information and exit.



ncrypt -e -s -i foo.txt -o bar.enc
Encrypts plaintext file foo.txt and writes the encrypted file out as bar.enc. The Serpent algorithm is being used.
ncrypt -d -i bar.enc -o foo.txt
Decrypts encrypted file bar.enc and writes out plaintext file foo.txt. Since no algorithm is specified, AES (Rijndael) is used by default.
ncrypt --encrypt --wipe-gutmann -i foo.txt -o bar.enc
Encrypts plaintext file foo.txt and writes the encrypted file out as bar.enc. AES is being used, and the original foo.txt file using the Gutmann method.
ncrypt -m foo.txt
The file foo.txt is erased using the military method.
ncrypt --wipe-gutmann foo.txt bar.txt foobar.txt
The files foo.txt, bar.txt, and foobar.txt are wiped using the Gutmann method.
ncrypt -e -z -k secretpassphrase -i foo.txt -o bar.enc
The file foo.txt is encrypted with the password of "secretpassphrase" into bar.enc, and then foo.txt is securely wiped via the -z option with the default military method.



Errors from Ncrypt are written to stderr. There shouldn't be any bugs, because it compiled without errors ;-)



Ncrypt implementation by Simple Nomad <>. Extensive code review and additional coding by Inertia <>. Additional coding ideas, including the improved PRNG were added by Todd MacDermid <>. Based upon code by Joh Johnson <>, which was taken from code by Gary Rancier, as well as code taken from Dave Whiting's Twofish implementation. The read_pass.c routine is based upon sample code in the excellent book "Building Secure Software" by John Viega and Gary McGraw.



Send bug reports to <>.



BUGS manual pages