Secret - Command line file encryption program
Secret is a command line file encryption program for Unix-like operating systems. Port for Windows is under development and will be available in August 2019. Secret already works with WSL. Secret supports encrypting individual files and directories.
How Secret works
Secret uses AES with 256 bit keys in CTR mode. Before decryption, files are autenticated using HMAC to ensure the data is not tampered. With HMAC, SHA512 is used. Most of the time SHA512 is actually faster on 64bit machines than SHA256. SHA512 is also very secure hash algorithm to use together with HMAC. For IV (nonce), 128 bit cryptographically random data is used.
For the actual encryption, OpenSSL Evp API is used.
Secret supports encrypting any size of files. Files are read and encrypted in chunks so for encrypting a big file does not require truckloads of memory.
A simple example how to encrypt a file: secret -e /home/niko/passwords.txt
For more, see the manual
At the moment I don't provide binaries for Secret, but there will be at least Windows binaries in the future. Source code for Secret is hosted on Github.Licenced under the MIT open source license.
Copyright © Niko Rosvall 2019
Follow on Twitter
Made in Finland