CryptCreature demonstrates the basics of cryptography. You can choose a cryptographic algorithm, parameters, and key size; load, save, and generate secret keys, and then encrypt and decipher messages. Tool tips provide some education on cryptographic concepts.
This is a significant upgrade on a previous release.
Description: | CryptCreature demonstrates the basics of cryptography, and through its source code may serve as an example of using Java's cryptographic capabilities. It is hoped that this software is useful for the curious to start on the road to cryptography and keeping their data and lives out of prying hands. NOTE: Source code is inside the .jar file (treat it as a .zip file) |
Version: | 1.4.1 |
License: | GPLv3+ |
Requirements: | Java 1.7+ |
Download: | cryptcreature.jar (141.8KiB) screen shot (135.8KiB) Older versions: cryptcreature.jar (old: v1.1) (116.5KiB) cryptcreature.jar (old: v1.0) (56.1KiB) screen shot (old: v1.0) (137.4KiB) |
The CryptCreature is hosted at GitHub.
Anyone with an interest in cryptography, but please note that this tool is not intended for serious cryptographic uses. The reasons include the following:
Bottom line: Feel free to play with CryptCreature and learn about cryptography, but please do not put your life in its hands, especially not until smarter people than I have had a go at the code and CryptCreature has evolved (if it ever will) to be smarter about key management!
The introduction I give here should help you get a leg up on the concepts, but I cannot hope to teach you all you should and need to know to make no mistakes. The most important lesson I have to teach is that cryptography is not an easy thing, and even the tiniest mistake can dramatically weaken or even make worthless the secrecy that you were hoping to achieve.
Cryptography seeks to limit access to information by scrambling the information according to some reversible cipher combined with a so-called key. A cipher is a complex algorithm designed by experts in the field, and because other experts apply their skills to analyze it at great length, and have found no problems with it (but, not having found a problem is no proof that a problem isn’t still hiding!) the cipher is considered acceptable. After that, the security comes from the secret key, and how well this key is protected.
The most secure key is a so-called One Time Pad (OTP), a random private key as long as the message itself, which is discarded after use. Such keys are rather unwieldy, of course.
Private Key cryptography is similar to use of an OTP, except that the key is of limited size, and it is reused (at least for a time). Private Key cryptography (including OTP) is somewhat difficult to implement because the secret key must be exchanged between the parties wishing to exchange information. If you are merely keeping your own stuff safe, you need not exchange this key with anyone, you only need to ensure that it is not lost or found by someone else.
Public Key Cryptography was revolutionary when the concept was discovered, because it allows two parties to exchange only the public portions of their keys, and do so in any manner desired, including in full public view. Only the private portion of each party’s key needs to be kept secret. Each party then exchanges messages using their own private key in combination with the other party’s public key. This eliminates all the risk of two parties having to exchange keys!
CryptCreature uses only private (secret) key cryptography, no public keys, and no OTP. The secret key must truly remain secret, and for anyone to read an encrypted message, they must have the secret key that you used during encryption.
I’m sure there are many bugs lurking. The source code is included in the JAR (treat the JAR like a zip file to get at it), so you can always poke around. I’d love to hear from you if you find CryptCreature useful, or you find fixes or have suggestions for improvements.
All content is copyright © Ringlord Technologies unless otherwise stated. We do encourage deep linking to our site's pages but forbid direct reference to images, software or other non-page resources stored here; likewise, do not embed our content in frames or other constructs that may mislead the reader about the content ownership. Play nice, yes?