One of the potential weaknesses of Solaris and other UNIX systems is that the superuser is able to read the data of all users on the system. This means that if the system administrator account is breached, all data on the system can potentially be accessed by the intruder. In this context, it’s important for individual users to ensure that they can protect the contents of their data, if not the representation of the data. This is where file encryption plays a major role: it is possible for users to store a form of their files on the file system that is readable by the superuser but whose contents cannot be easily discerned. This is because the file contents have been passed through a cipher that uses a mathematical function to scramble them, while ensuring that the contents can be successfully decrypted. The simplest encryption schemes are symmetric; that is, a key is used to encrypt the data, and the same key is used to decrypt the data.
While most keys take the form of passwords, it’s also possible to engage biometric devices, which perform iris scans and capture thumbprints, to extract and apply a key.
The crypt command is a symmetric key encryption system: it accepts a key supplied on the command line, which is used to encrypt data supplied from standard input, and then pipes the data through a stream cipher to produce encrypted data on standard output. For example, if a set of medical records is stored in the file medical.txt and the encrypted records are to be stored in the file medical.crypt using the key 8rgbfde4f, then the following command could be used:
$ crypt 8rgbfde4f < medical.txt > medical.crypt
The contents of medical.crypt would then contain binary data that can be viewed on screen by using the following command:
$ strings medical.crypt
84jh$&;4-=+-45fsfg5HGhfdk
The original file medical.txt could then be deleted, and only a user who has both read access to the medical.crypt file and the key 8rgbfde4f would be able to decrypt the contents of the file and obtain the original data. To decrypt the data, the crypt command is used in the same format as for encryption.
Be aware that if you supply the key on the command line, and if the encryption takes a significant amount of time, the command string will be visible to all users by using the ps command. Thus, unless the command is being performed in a script, it’s best to omit the key from the command line, in which case you will be prompted for it. In scripts, the key can be set as an environment variable prior to the use of the crypt command, and then unset after the command has completed.
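The exposure described above can be checked directly. The following script is an added example, not part of the original text: it uses sh -c 'sleep 3; :' as a harmless stand-in for a long-running crypt job, and DEMO_KEY is a hypothetical variable name chosen for the demonstration.

```shell
#!/bin/sh
# Added demo, not from the original text. "sh -c 'sleep 3; :'" is a harmless
# stand-in for a long-running crypt job; KEY is the sample key used in the
# text; DEMO_KEY is a hypothetical variable name chosen for this demo.
KEY=8rgbfde4f

# Print a process's argument list as ps reports it (falls back to /proc).
visible_args() {
    ps -o args= -p "$1" 2>/dev/null || tr '\0' ' ' < "/proc/$1/cmdline"
}

# Report "exposed" if KEY appears in the argument list of PID $1, else
# "hidden", then stop the stand-in process.
report() {
    sleep 1                      # give the child time to exec
    case "$(visible_args "$1")" in
        *"$KEY"*) echo exposed ;;
        *)        echo hidden ;;
    esac
    kill "$1" 2>/dev/null || true
    wait "$1" 2>/dev/null || true
}

# Case 1: key passed as a command-line argument.
key_on_cmdline() {
    sh -c 'sleep 3; :' crypt-standin "$KEY" >/dev/null 2>&1 &
    report $!
}

# Case 2: key passed through the environment; argv carries no secret.
key_in_env() {
    DEMO_KEY="$KEY" sh -c 'sleep 3; :' crypt-standin >/dev/null 2>&1 &
    report $!
}

echo "key as argument:    $(key_on_cmdline)"
echo "key in environment: $(key_in_env)"
```

On Linux, the environment of a process remains readable by its owner and by root through /proc/PID/environ, so the second form narrows the exposure rather than removing it.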
It should be noted that the crypt algorithm is one of the least secure available—it is vulnerable to brute force cracking attacks, which is why it is not frequently used. A number of other symmetric key encryption programs can be used in place of crypt, such as the 56-bit Data Encryption Standard (DES), or its more secure variant, Triple DES, which uses three keys. No matter what symmetric key algorithm is used to encrypt the data, there is always the possibility that it may be decrypted by a cryptanalysis method. This typically involves matching known portions of the text to be decrypted to the encrypted text, and applying brute force methods to find a match. For example, if a letter sent on company letterhead contained the company name, that name could be successfully used as a starting point for cryptanalysis. However, if the target data cannot be easily guessed, cryptanalysis becomes much harder. One way of making cryptanalysis more difficult is to repeat the encryption process several times, each time substituting the encrypted file for the plaintext file. Thus, a triple encryption strategy (to some extent emulating Triple DES, which uses three 56-bit keys) would involve the following commands, assuming that the keys 8rgbfde4f, df454rfx, and 4gfdg56 were used:
$ crypt 8rgbfde4f < medical.txt > medical.crypt.3
$ crypt df454rfx < medical.crypt.3 > medical.crypt.2
$ crypt 4gfdg56 < medical.crypt.2 > medical.crypt
$ rm medical.txt medical.crypt.3 medical.crypt.2
In each case, the contents of two previously encrypted files would need to be guessed before the original file could be decrypted. Given that encryption potentially takes a long time to perform, a faster method of scrambling the data can be used: a file compression program. In addition to reducing encryption time and file size, the contents of a compressed file are scrambled for all intents and purposes. Using several different compression algorithms on a file before encryption makes it very difficult to decrypt:
$ gzip medical.txt
$ compress medical.txt.gz
$ pack medical.txt.gz.Z
$ crypt 8rgbfde4f < medical.txt.gz.Z.z > medical.crypt