CryptLight
Copyright 2008 by Joe Huffman dba FlashTek.
Last update March 19, 2008.
What is CryptLight?
This program is a very simple encryption tool for secure communications. It is extremely
simple to use and utilizes the latest standard in encryption technology--
Advanced Encryption Standard
also known as Rijndael.
Limitations
What makes this program
so simple is also a disadvantage. It does not use public keys. In order for the
system to be secure the passphrase/password must be communicated to the recipient
via a secure channel. Typically this means a face to face meeting. Depending
on who you are attempting to secure the information from a phone call might be "secure
enough".
How to use CryptLight
1) Select a passphrase
The passphrase should
be as long as you can remember but more than 32 characters are wasted. All the
typical suggestions for strong passwords are applicable--use punctuation characters,
mixed case, numbers, and not real words.
Or just be lazy and use "password", the name of your spouse, child, mother, father,
dog, mistress, or favorite $1000/hour escort. No one would ever guess that you would
hide it in plain sight. You should think of yourself as exceedingly clever if you
go this route.
Whatever your passphrase it should be something and your friend can both remember
easily.
The whole world will laugh at you if your spouse tells the divorce court the passphrase
for your encrypted messages to and from extramarital playmates was found on a sticky
pad on the computer monitor.
Communicate the passphrase to the message recipient via a secure method. Face to
face is best.
Once you have a passphrase enter it in the passphrase box.
2) Enter the plain text
Enter your plain text
(message to be encrypted) in the large edit box. You can copy and paste from another
application or type it in directly.
3) Encrypt
Press the Encrypt button.
4) Send message
Copy and paste the
contents of the large edit box into an email (or instant message/whatever)
and send it to your intended recipient.
5) Decryption
Copy and paste the encrypted message from the email or instant message you received
into the large edit box.
Enter the agreed upon passphrase into the passphrase box.
Press the Decrypt button.
Read the message directly in the large edit box or copy and paste it into Notepad
so you can save it someplace where the police can find it and use it at your trial.
FAQ
What does it cost?
It's shareware. Send me a few bucks via PayPal (paypal@joehuffman.org) if you like.
$10 would be nice. An email saying you like it would be appreciated too.
Why should I trust it?
Ask me for the source code and I'll send it to you so you can examine it and build
it yourself. It's very simple C# code using the Common Language Runtime for the
encryption.
I will make a change in what is called the Initialization Vector for your version
so your version cannot used with my released version. This will prevent people from
making a compromised version and passing it off as mine. You could still use your,
verified trustworthy, version with your buddies. You just can't use it with other
people who use mine.
Will this keep me out of jail if I use it in the commission of a crime?
Probably not. In the United States you can probably be sent to jail until you turn over your passphrase. Other countries will jail you for a few days then just execute
you. This is because they figure if you are using encryption you must be guilty
of something. This same logic applies to the government. If they are encrypting
their messages they must be guilty of something too.