Encrypt files with CCrypt, AxCrypt, and OpenSSL

Are you someone who keeps a text file on their Desktop with all there passwords in it? Do you write you account information and passwords on a sticky-note? I sure hope not! But if you do, consider encrypting that password file with high-grade encryption using reliable freeware.

I will review three free encryption applications; CCrypt, AxCrypt, and OpenSSL.

1. CCrypt

Pros: I admire it’s simplicity, how easy it is to pop open a terminal and run the command:

$ ccrypt -e file2encrypt.txt
$ Enter encryption key: {your password}
$ Enter encryption key: (repeat) {your password}

And you are left with an password encrypted AES file with the file extension CPT.
To decrypt run the command:

$ ccrypt -d file2encrypt.cpt

Before and After:

Cons: AES encryption using a passworde is only as strong as the password itself. The majority of attacks against the AES algorithm are brute-force and dictionary attacks. Therefore, I would recommend a password that is at least 12 characters long and contains, alphanumeric, symbols, etc. More information on password strengths vs brute-force attacks see here.

2. AxCrypt

Pros: great integration with Windows OS. Installable and context-menu integration, just right-click on a file and choose AxCrypt –> Encrypt. Check here for screenshots and usability. Uses AES encryption which is well known and documented. Has the ability to make a Key-File to be used with encryption/decryption. Conveniently Encrypt to exe(good and bad). Also, provided on their website is a portable Decrypt Only EXE. Allowing you to decrypt AxCrypt encrypted files without having to install the full application.


Cons:Windows only specific, not cross compatible with other operating systems. (runs under wine great!). AES 128-bit only.

3. Openssl

Pros: Free open source software. Widely know suite of encryption algorithms. Multi-platform compatibility. Advanced users.
OpenSSL Commands for AES256 encryption using password:

$ openssl enc -aes-256-cbc -a -salt -in {file-to-encrypt} -out {encrypted-file-name}
$ enter aes-256-cbc encryption password: {your password}
$ Verifying - enter aes-256-cbc encryption password: {your password}

To decrypt:

$ openssl enc -d -aes-256-cbc -a -salt -in {encypted file} -out {unencrypted file}

Notes: -a is used to run the encryption through base64 encoding. Useful for sending the encrypted string over email and such. -d is used for decryption.

Screen captures:

Cons: Transferability. Meaning, if you don’t know what the original user encryption algorithm was then you won’t know which algorithm to use to decrypt.

AES Wikipedia
CCrypt Web Site
OpenSSL Command-Line HOWTO
About AxCrypt
HowToUse AxCrypt
AxCrypt Screenshots provided by Softpedia

I'm an Engineer with over 15 years experience in IT infrastructure. A DIY woodworking hobbyist and avid tennis player!

Leave a Reply