CryptLight

Copyright 2008 by Joe Huffman dba FlashTek.
Last update March 19, 2008.

What is CryptLight?

This program is a very simple encryption tool for secure communications. It is extremely simple to use and utilizes the latest standard in encryption technology: the Advanced Encryption Standard, also known as Rijndael.

Limitations

What makes this program so simple is also a disadvantage. It does not use public keys. In order for the system to be secure, the passphrase/password must be communicated to the recipient via a secure channel. Typically this means a face to face meeting. Depending on who you are attempting to secure the information from, a phone call might be "secure enough".

How to use CryptLight

1) Select a passphrase

The passphrase should be as long as you can remember, but anything beyond 32 characters is wasted. All the typical suggestions for strong passwords are applicable: use punctuation characters, mixed case, numbers, and not real words.

Or just be lazy and use "password", the name of your spouse, child, mother, father, dog, mistress, or favorite $1000/hour escort. No one would ever guess that you would hide it in plain sight. You should think of yourself as exceedingly clever if you go this route.

Whatever your passphrase, it should be something you and your friend can both remember easily. The whole world will laugh at you if your spouse tells the divorce court the passphrase for your encrypted messages to and from extramarital playmates was found on a sticky pad on the computer monitor.

Communicate the passphrase to the message recipient via a secure method. Face to face is best.

Once you have a passphrase enter it in the passphrase box.

2) Enter the plain text

Enter your plain text (message to be encrypted) in the large edit box. You can copy and paste from another application or type it in directly.

3) Encrypt

Press the Encrypt button.

4) Send message

Copy and paste the contents of the large edit box into an email (or instant message/whatever) and send it to your intended recipient.

5) Decryption

Copy and paste the encrypted message from the email or instant message you received into the large edit box.

Enter the agreed upon passphrase into the passphrase box.

Press the Decrypt button.

Read the message directly in the large edit box or copy and paste it into Notepad so you can save it someplace where the police can find it and use it at your trial.


FAQ

What does it cost?

It's shareware. Send me a few bucks via PayPal (paypal@joehuffman.org) if you like. $10 would be nice. An email saying you like it would be appreciated too.

Why should I trust it?

Ask me for the source code and I'll send it to you so you can examine it and build it yourself. It's very simple C# code using the Common Language Runtime for the encryption.

I will make a change in what is called the Initialization Vector for your version so your version cannot be used with my released version. This will prevent people from making a compromised version and passing it off as mine. You could still use your verified, trustworthy version with your buddies. You just can't use it with other people who use mine.
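What a build-time Initialization Vector does and does not do, as an added example that is not CryptLight's source code. It assumes AES in CBC mode (the .NET default) and a passphrase zero-padded or truncated to a 32-byte key; the passphrase, message and both IV values are constructed for the demonstration.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class FixedIvDemo
{
    // Assumption: the passphrase bytes are used directly as the AES-256 key,
    // zero-padded or truncated to 32 bytes.
    static byte[] KeyFromPassphrase(string passphrase)
    {
        byte[] key = new byte[32];
        byte[] raw = Encoding.UTF8.GetBytes(passphrase);
        Array.Copy(raw, key, Math.Min(raw.Length, key.Length));
        return key;
    }

    static byte[] Transform(byte[] input, byte[] key, byte[] iv, bool encrypt)
    {
        using (Aes aes = Aes.Create())
        {
            aes.Mode = CipherMode.CBC;      // assumed mode
            aes.Padding = PaddingMode.PKCS7;
            aes.Key = key;
            aes.IV = iv;
            using (ICryptoTransform t = encrypt ? aes.CreateEncryptor() : aes.CreateDecryptor())
                return t.TransformFinalBlock(input, 0, input.Length);
        }
    }

    static void Main()
    {
        byte[] key = KeyFromPassphrase("constructed sample passphrase");
        byte[] ivReleased = new byte[16];                              // constructed: "released build" IV
        byte[] ivCustom = Enumerable.Repeat((byte)0x5A, 16).ToArray(); // constructed: "your build" IV
        byte[] msg = Encoding.UTF8.GetBytes("Meet at the usual place at noon. Bring the documents.");

        // 1) Same passphrase and same fixed IV: a repeated message is visible as a repeat.
        byte[] c1 = Transform(msg, key, ivReleased, true);
        byte[] c2 = Transform(msg, key, ivReleased, true);
        Console.WriteLine("Identical ciphertext for repeated message: " + c1.SequenceEqual(c2));

        // 2) Encrypt with one build's IV, decrypt with the other's: only block 1 differs.
        byte[] p = Transform(Transform(msg, key, ivCustom, true), key, ivReleased, false);
        Console.WriteLine("First 16 bytes recovered: " + p.Take(16).SequenceEqual(msg.Take(16)));
        Console.WriteLine("Remaining bytes recovered: " + p.Skip(16).SequenceEqual(msg.Skip(16)));
    }
}
```

Under these assumptions the program prints True, False, True. A random IV generated per message and sent with the ciphertext removes the first effect; telling a genuine build or message from a modified one takes a message authentication code or a signature, since the IV is not a secret.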

Will this keep me out of jail if I use it in the commission of a crime?

Probably not. In the United States you can probably be sent to jail until you turn over your passphrase. Other countries will jail you for a few days then just execute you. This is because they figure if you are using encryption you must be guilty of something. This same logic applies to the government. If they are encrypting their messages they must be guilty of something too.