Tuesday, December 20, 2011

111 - Crypton tutorial

111 - Encryption series: simple apps to encrypt things from your little brother or sister. Tutorial of:
Crypton 1.2
==== tutorial written by JCPMA © Nov.07.2011

SUMMARY
* Crypton requires no installation and is USB-drive portable.
* It is small (only 30 KB).

What you can do with Crypton:
* Sign files (to vouch for/ prove their integrity).
* Verify signed files.
* Calculate files' checksums (MD2, MD4, MD5, and SHA1 hashes).
* Wipe/Shred files.
* Encrypt files for yourself.
* Encrypt files for others (you need their public key first though).

Crypton v1.2, created by Damian Bakowski, is a brilliant small app for Windows that incorporates a public key exchange. Where PGP and GnuPG are mainly concerned with email, Crypton is mainly focused on encrypting a FILE and signing a FILE. It is not compatible with PGP-type programs, but it rests on similar encryption concepts.

I downloaded this app in the spring of 2006. Obviously there was an English user's manual, which I have since lost, but I have partially retained some of its information through a .txt copy (see links below). Like most, I find the whole process of private and public key-pairs, PGP keys, GPG keys, etc. intimidating and complex. After reviewing the little information I had with Crypton, my first instinct was to delete it. But I reconsidered and am promoting it here because...
It does a great job of encryption but it has even greater value as a SIGNING application! With Crypton, you can sign files (whether they be encrypted or not) before you post/send them via the internet/other. Others will then use Crypton, a small 30 KB app, to verify the files you signed.
PGP (and, so far, GnuPG) requires its program to be installed on a computer in order to sign and verify files. If you do not mind installing programs, you should choose either PGP or GPG (GnuPG). It is a good type of software to have. GPG4usbPortable-version0.3 is about 11 MB in size, but its developers have not yet finished the signing of emails or files. Thunderbird2Portable-with-GPG1.4-with-Enigmail0.95 is a 36 MB portable package. It can sign emails/email attachments, but cannot sign files or verify other signed files. Perhaps a more recent version will be capable.
What is wrong with using checksums like MD5 or CRC to verify files? Nothing! I use checksums for 99% of my needs and it works perfectly. However, signing a file adds a personal touch, in that you are personally vouching for a file's integrity. If you want to be a geek, you have to go that extra step.



The original website was here: http://www.d--b.webpark.pl/crypton_en.htm
Crypton is still available for download from other internet sites but I uploaded my own copy with some keys here:

Box.net FileShareFolder \crypton\ http://www.box.com/s/plgvnuncu3k65duxm7ux

crypton12jc-pkg.MD5.txt http://www.box.com/s/ixyr2rv5vdep76ksp5lv
crypton-ss_3.png http://www.box.com/s/85770lidq58esb6bb30k
howtoUse-Crypton3.ans.odt http://www.box.com/s/rrlryrx1mjgh2cmx78u6
howtoUse-Crypton3.ans.pdf http://www.box.com/s/azyqr81yevnazfpkvlmt
howtoUse-Crypton3.ans.txt http://www.box.com/s/3mo3qbfy3gexfamltc47
crypton12jc.sgn http://www.box.com/s/2idn116b73n7cff75via

crypton12jc.zip <== this is the software
http://www.box.com/s/btgx3fjhako1kqrcqqeo

Mediafire FileShareFolder \crypton\ http://www.mediafire.com/?pa1wjewwt79sb

crypton12jc-pkg.MD5.txt http://www.mediafire.com/download.php?z4dpmwjh1dfoj92
crypton12jc.sgn http://www.mediafire.com/download.php?pvvsrbcobortl7e
crypton12jc.zip http://www.mediafire.com/download.php?dj4e34j39ccwwme
crypton-ss_3.png http://www.mediafire.com/download.php?38x8wcj64y3s44f
howtoUse-Crypton3.ans.pdf http://www.mediafire.com/download.php?tx35x6wm5i9xtda
jcpma2011-public-crypton-key_242A.pbl http://www.mediafire.com/download.php?53983hy5oi7sd4x

The Copyright © holders have all rights reserved. The software and web documents are provided "as is" without express or implied warranty of any kind by the parties and contributors involved.

±±±± pre-amble of Public Key Exchange encryption
A casual/vague synonym for public key exchange may be "Diffie-Hellman exchange", named after the duo who invented this type of passkey encryption. They could be considered the grandparents of public key exchange encryption. RSA, Elgamal, and DSA are some of the variations of this type of encryption†.
I'm most comfortable with traditional passkey use, the kind that does not involve a public key exchange. Examples are many: webmail login; using a bank card at an ATM or retail shoppe; logging on to a computer; logging in to a blog account to post a blog entry; etc. This is much SIMPLER, but LESS SECURE. If someone guessed or found your password, it would be easy for them to pretend to be you. Non-crucial information can be encrypted by any of the vast number of available encryption apps to prevent it from being viewed by nosy neighbors. It's fast and easy, and most of the time it is adequate. However, for sensitive data, public key exchange types of software should be considered for encryption.

I was introduced to public key exchanges when PGP and GnuPG started to become popular. These programs secure the text of emails and the files sent with them. (PGP doesn't really stand for Pretty Gconfusing Privacy, nor does GnuPG stand for Gnu Privacy Gconfusion.) It was a steep learning curve for me just to get a grasp of the basic/minimal concepts before I even touched any of the software.
This type of key use enables:
1. encryption targeted for a specific receiver.
2. a working hybrid key that is difficult to crack.

Public key exchange based programs like PGP and GnuPG have a built-in key manager. The key manager performs two crucial functions:
i.) It creates unique pairs of private-public keys.
ii.) It creates hybrids between your own private key and an external third-party public key (OR in some cases hybrids between the program's temporary key, your private key and an external third-party public key).

If anyone gets hold of the two public keys, it would be extremely difficult, if not impossible, for them to figure out the hybrid key. (If they were to get hold of a private key... well, that's "a different story!")
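
The "hybrid key" described above is what a Diffie-Hellman key agreement computes. The sketch below is an added example, not part of the original tutorial and not Crypton's own code (the page does not document Crypton's algorithm); the toy group parameters `P` and `G` and all function names are assumptions chosen for illustration and are not suitable for real use.

```python
import hashlib
import secrets

# Toy group, an assumption of this example: the Mersenne prime 2**521 - 1 with
# base 3. Real tools use vetted, standardized groups or elliptic curves.
P = 2**521 - 1
G = 3
KEY_BYTES = 66  # enough bytes to hold any value below P


def make_keypair():
    """Key manager job i: a random private exponent and its public value."""
    private = secrets.randbelow(P - 3) + 2
    return private, pow(G, private, P)


def hybrid_key(my_private, their_public):
    """Key manager job ii: my private key + their public key -> 32-byte key."""
    # Reject values that would force a predictable result (0, 1, P-1, out of range).
    if not 1 < their_public < P - 1:
        raise ValueError("degenerate public key rejected")
    shared = pow(their_public, my_private, P)
    return hashlib.sha256(shared.to_bytes(KEY_BYTES, "big")).digest()


def demo():
    """Return (both sides agree, eavesdropper's naive combination matches)."""
    a_priv, a_pub = make_keypair()
    b_priv, b_pub = make_keypair()
    k_alice = hybrid_key(a_priv, b_pub)
    k_bob = hybrid_key(b_priv, a_pub)
    # Multiplying the two public values gives G^(a+b), not the G^(a*b) that
    # the key holders compute, so it does not reproduce the hybrid key.
    eve = (a_pub * b_pub) % P
    k_eve = hashlib.sha256(eve.to_bytes(KEY_BYTES, "big")).digest()
    return k_alice == k_bob, k_eve == k_alice


if __name__ == "__main__":
    print(demo())
```

Each side only ever sends its public value; the private exponents never leave the machine that generated them, which is why a leaked private key is the "different story" mentioned above.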

(†)"Introduction to Cryptography" (Copyright 1999, Network Associates, Inc., Santa Clara, CA 95054 http://www.nai.com)
end of pre-amble ±±±±
