ccguess - search for ccrypt encryption keys
ccguess [options] file...
program attempts to guess ccrypt
(1) encryption keys by
searching the relevant part of the key space. This is done by prompting the
user for an approximate key
and then trying many variations of this
key. This is intended to assist ccrypt
users in recovering mistyped or
forgotten keys, provided that they remember at least part of the key.
Note that ccrypt
provides strong cryptographic security: there are no
special back doors or shortcuts to recovering forgotten keys. Therefore, the
program does not have any special powers. It simply works by
trying different keys until a possible match is found.
A search of the entire key space is not usually a practical option.
therefore works by prompting the user for an approximate key.
It then tries all variations that can be obtained by applying a small number
of changes. Here, each change is either a deletion of one letter, an insertion
of one letter, a replacement of one letter by another, or a transposition of
two adjacent letters. By default, ccguess
searches all keys that differ
from the approximate key by up to 5 changes. The number of changes searched
can be adjusted with the --depth
The mechanism by which ccguess
determines whether a key is a
"possible match" is the same as that used by ccrypt
non-matching decryption keys. There is a small chance of a false match, i.e.,
may find a key that turns out not to be the true encryption key
and does not decrypt the file correctly. A false match happens approximately
once for every 4.3 billion keywords tried, so the longer your search goes on,
the higher the likelihood that a false match is found. Normally,
stops after the first possible match is found, but the
option can be used to search for additional keys. The possibility of
a false match can be further reduced by supplying multiple files that have
been encrypted with the same key. In this case, ccguess
will search for
keys that match any
of the files, but will print a warning for keys
that do not match all
of the files.
The following options are supported:
- -h, --help
- Help. Print usage information and exit.
- -L, --license
- Print license info and exit.
- -V, --version
- Print version info and exit.
- -K key, --key key
- Specify the approximate key on the command line, rather
than prompting the user for it.
- -d n, --depth n
- Search keys that contain up to n changes. The
default is 5.
- -c, --continue
- Keep trying more keys even after the first match is found.
By default, ccguess will stop after the first key is found that
matches all input files.
- -t chars, --chartable chars
- Specify the list of characters to try for replacements and
insertions. By default, ccguess will try all printable ASCII
characters. If you know, for example, that your key only used lowercase
letters and numbers, you can speed up the search by specifying a list of
characters explicitly. This option is mutually exclusive with
- -n, --non-printable
- Allow non-printable characters in keys. By default,
ccguess will only try printable ASCII characters. Note that the use
of this option slows down the search significantly. This option is
mutually exclusive with -t.
- The name of a file that has been encrypted with the unknown
key. This file is only read from, not written to. The special filename
"-" is used to denote standard input.
If multiple files are specified, ccguess will search for keys that
match any of the files, but will print a warning for keys that do
not match all of the files.
Suppose the file myfile.cpt
has been encrypted with the key
"gardenhouse", but the user remembers "gardenhose". The
ccguess -K gardenhose myfile.cpt
will find the correct key after 2318 guesses.
The exit status is 0 if at least one possible match is found, 1 if no matches
are found, and >=2 if an error occurred.
Peter Selinger <selinger at users.sourceforge.net>
Copyright (C) 2000-2012 Peter Selinger
This program is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation; either version 2 of the License, or (at your option) any later
This program is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with
this program; if not, write to the Free Software Foundation, Inc., 59 Temple
Place, Suite 330, Boston, MA 02111-1307, USA. See also