File Encryption / Decryption using FileCryptJ

A file protection utility using a strong cryptographic algorithm to encrypt a file with a user defined password.

File Encryption

Start the programme and browse for the file to be encrypted,then Doubleclick on the wanted filename. The destination file then has to be entered. A suggested version consisting of the original filename with _XXX appended is offered, but this can be changed as desired. Click the 'OK' button when completed. If the same name has inadvertantly been chosen for source and destination files, this will be detected and the destination name can be changed.

Enter a password, repeat as a check when requested and press Start. If the two passwords do not match, this will be detected. The password can be anything up to 48 characters long - if anything longer is entered it will be truncated.
Encryption with no password is possible which scrambles the file in an otherwise insecure form. For this option just press the Start button


The algorithm is completely symmetrical, so decryption is performed in an identical manner to encryption. Use the destination file from the encryption process as the source and specify a suitable destination file name and file type.

Security of the encryption process.

This depends entirely on the password. Use passwords of at least eight characters, and preferably with a mix of letters and numbers to prevent a brute-force attack. *
Password length here is set to a maximum of 48 input characters which potentially could give a password of more than than 440 bits of entropy. An 8 character trivial password consisting of only common ASCII letters and numbers exhibits approximately 48 bits of entropy.
Note that according to Schneier writing in 1996, encryption products of more than 40 bits are prohibited from export from the US. Therefore we can quite reasonably assume that (back then) 40 bits means weak!
Most modern commercial products make use of 256 bit or higher password / encryption, requiring a password of the full 48 characters for maximum security. For all practical purposes, a well chosen phrase, or combination of letters and numbers will probably be more than good enough.

Encryption Algorithm

The encryption algorithm uses RC4 which was developed by Ron Rivest in 1987 for RSA Data Security Inc. For seven years this was proprietary but in 1994 the source code was leaked to the Cypherpunks mailing-list, anonymously, from which it then spread around the world like wildfire.

See Bruce Schneier, Applied Cryptography (2nd Edition, 1996) for more details.

Schneier states (at the time of writing) that there appear to be no known weaknesses in RC4. Therefore a brute-force attack is the only option for anyone trying to break the code. The algorithm is straightforward, and follows the basic 'good' rules for cryptography detailed in his book.

RC4 is used in a wide variety of products under a commercial license from RSA Inc. Use of this software for commercial purposes is therefore not permitted.

* Salt is appended to the password to increase the security in the event of certain types of password being (mis)chosen. The added salt string consists of the characters "67caTs" followed by ASCII character 245 and the ASCII character corresponding to the length of the original password entered + 41. A total of eight extra characters are added, but note that as they are completely predictable, there is no increase in the effective password length. Security still depends on having a long-enough random password to start with.

If no password is specified, the salt will work as a short, fixed password that may be sufficient for hiding the file's contents from casual scrutiny or getting illegal file types through firewalls without having to remember a password - but nothing more !!

Download FileCryptJ.exe

This software has only just been completed and not yet thoroughly tested, if you find any problems please feel free to suggest changes!

The original FCRYPTJ1.EXE for DOS / Command prompt is still here, fully compatible with files generated from FileCryptJ provided they keep to the 8.3 file name format.

Back to main page