Cryptnos
|
Cryptnos is a small GUI utility built using Microsoft's .NET Framework for generating strong, unique, yet repeatable passphrases using cryptographic hashes. Its original intended use was for website authentication, but it can be used for any purpose where strong passphrases are required or encouraged. Cryptnos combines an easy-to-remember token with a secret phrase known only to the user, then passes both to a selectable cryptographic hash to generate a passphrase that is seemingly random, difficult to brute-force, and impossible to regenerate without knowing both the token and the original secret.
In addition, Cryptnos allows the user to further refine the generated passphrase to fit additional restrictions. For example, some websites require passphrases to be within certain length constraints (say 8-12 characters) or may limit the types of characters that can be used (for example, only letters and numbers). Cryptnos will generate the hash from the original material and then apply these limits. For example, you can use a very strong SHA-512 hash, limit it to only alphanumerics, and then limit it further to only 12 characters long. The final generated hash is suitable for copying or typing into the website's form without further modification.
Best of all, Cryptnos remembers the complex rules for generating each passphrase and stores it in a secure fashion in the Windows registry. It uses both cryptographic hashes and strong AES (Rijndael) 256-bit encryption to store the rules for each passphrase in the registry, so even if the registry is copied or read by an admin, the values cannot be easily read. Of course, the final generated password requires the user's secret, which is NEVER stored, so even if the site parameters in the registry are decrypted, the final passphrase cannot be generated without social engineering or similar external means.
Cryptnos supports the following cryptographic hashes for generating passphrases, which are made available by default through the Microsoft .NET Framework either as pure managed classes or interfaces to the unmanaged Microsoft CryptoAPI:
1. MD5: A very common 128-bit hashing algorithm that is an Internet standard (RFC 1321).
2. SHA-1: Considered the successor to MD5, SHA-1 produces a 160-bit digest.
3. SHA-256: Part of the SHA-2 family of successor algorithms to SHA-1 first published in 2001, SHA-256 generates a 256-bit digest.
4. SHA-384: This algorithm is a truncated version of SHA-512, computed with a different initial value.
5. SHA-512: Like SHA-256, this algorithm is a SHA-2 successor to SHA-1.
6. RIPEMD-160: This 160-bit digest algorithm was developed in Europe and first published in 1996.
The license of this software is Free, you can free download and free use this file encryption software.