DOKK / manpages / debian 11 / ccrypt / ccguess.1.en
CCGUESS(1) Encryption CCGUESS(1)

ccguess - search for ccrypt encryption keys

ccguess [options] file...

The ccguess program attempts to guess ccrypt(1) encryption keys by searching the relevant part of the key space. This is done by prompting the user for an approximate key and then trying many variations of this key. This is intended to assist ccrypt users in recovering mistyped or forgotten keys, provided that they remember at least part of the key.

Note that ccrypt provides strong cryptographic security: there are no special back doors or shortcuts to recovering forgotten keys. Therefore, the ccguess program does not have any special powers. It simply works by trying different keys until a possible match is found.

A search of the entire key space is not usually a practical option. ccguess therefore works by prompting the user for an approximate key. It then tries all variations that can be obtained by applying a small number of changes. Here, each change is either a deletion of one letter, an insertion of one letter, a replacement of one letter by another, or a transposition of two adjacent letters. By default, ccguess searches all keys that differ from the approximate key by up to 5 changes. The number of changes searched can be adjusted with the --depth option.

The mechanism by which ccguess determines whether a key is a "possible match" is the same as that used by ccrypt to reject non-matching decryption keys. There is a small chance of a false match, i.e., ccguess may find a key that turns out not to be the true encryption key and does not decrypt the file correctly. A false match happens approximately once for every 4.3 billion keywords tried, so the longer your search goes on, the higher the likelihood that a false match is found. Normally, ccguess stops after the first possible match is found, but the -c option can be used to search for additional keys. The possibility of a false match can be further reduced by supplying multiple files that have been encrypted with the same key. In this case, ccguess will search for keys that match any of the files, but will print a warning for keys that do not match all of the files.

The following options are supported:

Help. Print usage information and exit.
Print license info and exit.
Print version info and exit.
Specify the approximate key on the command line, rather than prompting the user for it.
Search keys that contain up to n changes. The default is 5.
Keep trying more keys even after the first match is found. By default, ccguess will stop after the first key is found that matches all input files.
Specify the list of characters to try for replacements and insertions. By default, ccguess will try all printable ASCII characters. If you know, for example, that your key only used lowercase letters and numbers, you can speed up the search by specifying a list of characters explicitly. This option is mutually exclusive with -n.
Allow non-printable characters in keys. By default, ccguess will only try printable ASCII characters. Note that the use of this option slows down the search significantly. This option is mutually exclusive with -t.

The name of a file that has been encrypted with the unknown key. This file is only read from, not written to. The special filename "-" is used to denote standard input.

If multiple files are specified, ccguess will search for keys that match any of the files, but will print a warning for keys that do not match all of the files.

Suppose the file myfile.cpt has been encrypted with the key "gardenhouse", but the user remembers "gardenhose". The command


ccguess -K gardenhose myfile.cpt

will find the correct key after 2318 guesses.

The exit status is 0 if at least one possible match is found, 1 if no matches are found, and >=2 if an error occurred.

1.11

Peter Selinger <selinger at users.sourceforge.net>

Copyright (C) 2000-2018 Peter Selinger

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. See also http://www.gnu.org/.

July 2018 Version 1.11