NCrypt - NMRC File Encryptor / Decryptor / Wiper

NCrypt is intended to give you security in an insecure environment. If you 
are wanting to encrypt files (particularly on a multi-user system where 
you don't have root), wishing to hide your activites from prying eyes, and 
want to "cover your tracks", then NCrypt is for you. It is a symmetrical 
file encryptor/decryptor that gives you the choice of the top three 
candidates for AES as the encryption algorithm (Rijndael, Serpent, 
Twofish), tries to minimize exposure of the plaintext password in memory, 
and can safely erase the plaintext version from the hard drive. It 
compiles without any extra crypto libraries, making it ideal for systems 
where you just have a compiler and basic libraries (such as an ISP's shell 
server).

Features

- Open-source freeware.
- Unix and Win32 versions available.
- Should compile on any platform that supports standard C libraries (no 
  dependencies upon crypto libraries). Currently supported are Linux 
  platforms, although users report successful compilation on *BSD flavors.
- Use Rijndael, Serpent, or Twofish as the crypto algorithm. Rijndael is
  the AES selected candidate, Serpent came in second, and Twofish third. For 
  details on AES and the selection process, check out 
  http://csrc.nist.gov/encryption/aes/ for more information.
- The plaintext password is converted to a SHA-1 hash and immediately 
  wiped from memory.
- Once the SHA-1 hash is used to make a key for encryption, the SHA-1 hash 
  is wiped from memory.
- Optionally during encryption, the original unencrypted file can be 
  erased with the drive space it occupied being overwritten in one of two 
  ways -- either using the recommended methods from DoD standard 
  5220.22-M chapter 8, or using techniques outlined in Peter Gutmann's 
  1996 paper Secure Deletion of Data from Magnetic and Solid-State Memory.
- A "wipe-only" option is also available that is indepedent of the 
  encryption process, for those times when you need to get rid of a file 
  permanently without keeping an encrypted copy. The Unix version 
  supports wiping of file slack as well.
- Random data streams used during file wiping use ISAAC PRNG for secure 
  random data generation.

BNCrypt implementation by Simple Nomad [thegnome at nmrc.org]. Extensive 
code review by Inertia [inertia at nmrc.org]. Additional coding by Todd 
MacDermid [tmacd at synacklabs.net]. Based upon code by Joh Johnson, which 
was taken from code by Gary Rancier, as well as code taken from Dave 
Whiting's Twofish implementation. Other code is based upon sample code 
from the excellent book "Building Secure Software" by John Viega and Gary 
McGraw.

The ncrypt homepage is located at:

	http://sourceforge.net/projects/ncrypt/