Rypt: versatile command-line encryption tool
- Encrypt/decrypt files and streams using passwords, public/private key pairs and complex combinations of these.
- Uses modern cryptographic primitives provided by libsodium.
- Written in Rust, efficient and memory-safe programming language.
- 100% Authenticated Encryption: any change to encrypted files would make them invalid.
- Offline, standalone tool that does not depend on any commercial services / clouds.
- Supports advanced use cases like multiple passwords/public keys, key threshold schemes and more.
- Fast. ~1.1 Gb/s on a 2013 MacBook using AES256-GCM algorithm. Usually I/O bandwidth is the limiting factor.
- Easy to use at both beginner and advanced level (see examples below).
- Lightweight: ~1 Mb binary size; <10 Mb memory used (except as required by password derivation functions).
- Operating System Support: x86 Linux, MacOS, Windows.
- Open source, MIT license.
Examples
| | |
| | |
() ) ()
) ()
)
)
)
)
Installation
Download binary
See the Releases section.
From source
- Install Rust: https://www.rust-lang.org/tools/install
cargo install rypt
Why not use existing tools?
- PGP: Large installation; cumbersome (--symmetric?); old algorithms (AES128 in CFB mode); slow (TODO: numbers); no proper password derivation, no full-file authentication.
- OpenSSL: too low-level; TODO.
- Keybase: No password-based encryption, depends on having an account at a commercial service; TODO.
- Archivers like zip, 7z, winrar: old algorithms, not stream-friendly, no public key crypto; TODO.