aenker

aenker

aenker is a simple commandline utility to encrypt files to a public key (Curve25519) with an authenticated encryption scheme (ChaCha20Poly1305). This is basically an ECIES.

The input is split into smaller chunks internally and is encrypted & authenticated individually. Padding and concatenation is done similarly to InterMAC. The key used for encryption is derived with HKDF using Blake2b after performing anonymous Diffie-Hellman with a given public and a random ephemeral private key. All this is further described in the specification.

Authenticated encryption authenticates the ciphertext upon decryption and combined with the above construction any chunk reordering, bit-flips or even truncation can be detected and are shown as errors. Only ciphertext that has been successfully decrypted and authenticated is ever written to the output. The chunking still alleviates the need to fit the entire file into memory at once or do two passes over all data. Thus you can also encrypt files of many gigabytes.

ALTERNATIVE

See the disclaimer below. Even though I took a number of courses on information security and cryptography, I would not call myself a cryptographer.
If you're looking for a modern and well-vetted encryption tool, you should take a look at age instead.

I believe aenker was started before age existed but the latter has seen much more development.

INSTALLATION

Install directly with go:

go get -u github.com/ansemjo/aenker

Install a binary release / package

Download a release from GitHub (replace $VERSION with the desired release):

curl -Lo aenker https://github.com/ansemjo/aenker/releases/download/$VERSION/aenker-linux-amd64
chmod +x aenker
./aenker --help

Compile from sources:

Download a tarball from GitHub and use the included makefile to build a static binary and embed proper version information:

cd aenker-master/
make
make install PREFIX=~/.local

USAGE

Key Generation

First, you need a keypair. To generate a new random keypair use the builtin keygenerator:

aenker keygen [-f where/to/store/seckey]

Without any arguments, this will store the key in the default location ~/.local/share/aenker/aenkerkey and your public key will be printed to the terminal. Send your public key to anyone who wants to encrypt data for you and keep your private key .. well, private.

If you want to display your public key later or calculate the public key to a given private key, you can use the subcommand show:

aenker show [-k path/to/seckey]

Note: aenker only performs anonymous Diffie-Hellman and the keys are not signed or certified. To protect against man-in-the-middle attacks you should transfer the key over a secure channel or verify the integrity on a different channel.

Encryption / Decryption

Encrypt a simple message using the public key with the subcommand seal:

echo 'Hello, World!' | aenker seal -p lGLD...AFBo= > message.ae

Decrypt messages with the open subcommand. If your key is stored at the default location you can decrypt a message by simply piping the encrypted message into aenker:

aenker open [-k path/to/seckey] < message.ae

Input and output files can be specified with the -i and -o flags respectively. The terms seal and open are commonly used in the context of AEADs but you can also use their aliases encrypt and decrypt if you prefer:

aenker decrypt -i documents.tar.ae -k mykey | tar -xf -

The key flags -p/--peer and -k/--key accept the base64-encoded keys on the commandline or the name of a file which contains the key alone on one line. Specifically, the first match to the regular expression /^[A-Za-z0-9+/]{43}=$/ is used, so you can add as many comments as you like to your key files.

Specifying the key on the commandline is convenient for public keys but should be avoided for private keys:

... | aenker seal -p lGLDUgFvp8TSwJ17VC9k0/T9mNWvfGoJ42zauMkAFBo= > message.ae

Advanced Key Generation

Generally, Curve25519 - and thus aenker - accepts any 32 byte value as a key. You could generate a private key by any other means and then only calculate the public key to distribute it. Possibilities include:

• reading 32 bytes of system randomness from /dev/urandom
• use an implementation of Argon2i to derive a key from a password, i.e. ansemjo/stdkdf
• ...

DOCUMENTATION

All of the commands output a nicely formatted help message, so you can use help at any time:

aenker help

If you prefer, you can instead install and read manpages with:

aenker docs man -d ~/.local/share/man/
man aenker

Completion scripts for your shell can be generated and sourced with:

 . <(aenker docs completion)

File Detection

Append this piece to your ~/.magic file:

0 string aenker\xe7\x9e aenker encrypted file
!:mime application/octet-stream

And file(1) should detect encrypted files as aenker encrypted file.

DISCLAIMER

Please be advised that I am not a professional cryptographer. This is merely a hobby of mine which I hope can be useful to you.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.