From a73453dbffb6dfcd9c6663386d084f254c67f90a Mon Sep 17 00:00:00 2001 From: Liwen Jiang Date: Sat, 16 Mar 2019 18:35:17 -0500 Subject: [PATCH] Submit Translatted Passage for Review Submit Translatted Passage for Review --- ...ile Encryption And Decryption CLI Utility.md | 283 ------------------ ...ile Encryption And Decryption CLI Utility.md | 225 ++++++++++++++ 2 files changed, 225 insertions(+), 283 deletions(-) delete mode 100644 sources/tech/20171212 Toplip – A Very Strong File Encryption And Decryption CLI Utility.md create mode 100644 translated/tech/20171212 Toplip – A Very Strong File Encryption And Decryption CLI Utility.md diff --git a/sources/tech/20171212 Toplip – A Very Strong File Encryption And Decryption CLI Utility.md b/sources/tech/20171212 Toplip – A Very Strong File Encryption And Decryption CLI Utility.md deleted file mode 100644 index 883834d7e7..0000000000 --- a/sources/tech/20171212 Toplip – A Very Strong File Encryption And Decryption CLI Utility.md +++ /dev/null @@ -1,283 +0,0 @@ -tomjlw is translatting -Toplip – A Very Strong File Encryption And Decryption CLI Utility -====== -There are numerous file encryption tools available on the market to protect -your files. We have already reviewed some encryption tools such as -[**Cryptomater**][1], [**Cryptkeeper**][2], [**CryptGo**][3], [**Cryptr**][4], -[**Tomb**][5], and [**GnuPG**][6] etc. Today, we will be discussing yet -another file encryption and decryption command line utility named **" -Toplip"**. It is a free and open source encryption utility that uses a very -strong encryption method called **[AES256][7]** , along with an **XTS-AES** -design to safeguard your confidential data. Also, it uses [**Scrypt**][8], a -password-based key derivation function, to protect your passphrases against -brute-force attacks. - -### Prominent features - -Compared to other file encryption tools, toplip ships with the following -unique and prominent features. - - * Very strong XTS-AES256 based encryption method. - * Plausible deniability. - * Encrypt files inside images (PNG/JPG). - * Multiple passphrase protection. - * Simplified brute force recovery protection. - * No identifiable output markers. - * Open source/GPLv3. - -### Installing Toplip - -There is no installation required. Toplip is a standalone executable binary -file. All you have to do is download the latest toplip from the [**official -products page**][9] and make it as executable. To do so, just run: - -``` -chmod +x toplip -``` - -### Usage - -If you run toplip without any arguments, you will see the help section. - -``` -./toplip -``` - -[![][10]][11] - -Allow me to show you some examples. - -For the purpose of this guide, I have created two files namely **file1** and -**file2**. Also, I have an image file which we need it to hide the files -inside it. And finally, I have **toplip** executable binary file. I have kept -them all in a directory called **test**. - -[![][12]][13] - -**Encrypt/decrypt a single file** - -Now, let us encrypt **file1**. To do so, run: - -``` -./toplip file1 > file1.encrypted -``` - -This command will prompt you to enter a passphrase. Once you have given the -passphrase, it will encrypt the contents of **file1** and save them in a file -called **file1.encrypted** in your current working directory. - -Sample output of the above command would be: - -``` -This is toplip v1.20 (C) 2015, 2016 2 Ton Digital. Author: Jeff Marrison A showcase piece for the HeavyThing library. Commercial support available Proudly made in Cooroy, Australia. More info: https://2ton.com.au/toplip file1 Passphrase #1: generating keys...Done -Encrypting...Done -``` - -To verify if the file is really encrypted., try to open it and you will see -some random characters. - -To decrypt the encrypted file, use **-d** flag like below: - -``` -./toplip -d file1.encrypted -``` - -This command will decrypt the given file and display the contents in the -Terminal window. - -To restore the file instead of writing to stdout, do: - -``` -./toplip -d file1.encrypted > file1.decrypted -``` - -Enter the correct passphrase to decrypt the file. All contents of **file1.encrypted** will be restored in a file called **file1.decrypted**. - -Please don't follow this naming method. I used it for the sake of easy understanding. Use any other name(s) which is very hard to predict. - -**Encrypt/decrypt multiple files -** - -Now we will encrypt two files with two separate passphrases for each one. - -``` -./toplip -alt file1 file2 > file3.encrypted -``` - -You will be asked to enter passphrase for each file. Use different -passphrases. - -Sample output of the above command will be: - -``` -This is toplip v1.20 (C) 2015, 2016 2 Ton Digital. Author: Jeff Marrison A showcase piece for the HeavyThing library. Commercial support available Proudly made in Cooroy, Australia. More info: https://2ton.com.au/toplip -**file2 Passphrase #1** : generating keys...Done -**file1 Passphrase #1** : generating keys...Done -Encrypting...Done -``` - -What the above command will do is encrypt the contents of two files and save -them in a single file called **file3.encrypted**. While restoring, just give -the respective password. For example, if you give the passphrase of the file1, -toplip will restore file1. If you enter the passphrase of file2, toplip will -restore file2. - -Each **toplip** encrypted output may contain up to four wholly independent -files, and each created with their own separate and unique passphrase. Due to -the way the encrypted output is put together, there is no way to easily -determine whether or not multiple files actually exist in the first place. By -default, even if only one file is encrypted using toplip, random data is added -automatically. If more than one file is specified, each with their own -passphrase, then you can selectively extract each file independently and thus -deny the existence of the other files altogether. This effectively allows a -user to open an encrypted bundle with controlled exposure risk, and no -computationally inexpensive way for an adversary to conclusively identify that -additional confidential data exists. This is called **Plausible deniability** -, one of the notable feature of toplip. - -To decrypt **file1** from **file3.encrypted** , just enter: - -``` -./toplip -d file3.encrypted > file1.encrypted -``` - -You will be prompted to enter the correct passphrase of file1. - -To decrypt **file2** from **file3.encrypted** , enter: - -``` -./toplip -d file3.encrypted > file2.encrypted -``` - -Do not forget to enter the correct passphrase of file2. - -**Use multiple passphrase protection** - -This is another cool feature that I admire. We can provide multiple -passphrases for a single file when encrypting it. It will protect the -passphrases against brute force attempts. - -``` -./toplip -c 2 file1 > file1.encrypted -``` - -Here, **-c 2** represents two different passphrases. Sample output of above -command would be: - -``` -This is toplip v1.20 (C) 2015, 2016 2 Ton Digital. Author: Jeff Marrison A showcase piece for the HeavyThing library. Commercial support available Proudly made in Cooroy, Australia. More info: https://2ton.com.au/toplip -**file1 Passphrase #1:** generating keys...Done -**file1 Passphrase #2:** generating keys...Done -Encrypting...Done -``` - -As you see in the above example, toplip prompted me to enter two passphrases. -Please note that you must **provide two different passphrases** , not a single -passphrase twice. - -To decrypt this file, do: - -``` -$ ./toplip -c 2 -d file1.encrypted > file1.decrypted -This is toplip v1.20 (C) 2015, 2016 2 Ton Digital. Author: Jeff Marrison A showcase piece for the HeavyThing library. Commercial support available Proudly made in Cooroy, Australia. More info: https://2ton.com.au/toplip -**file1.encrypted Passphrase #1:** generating keys...Done -**file1.encrypted Passphrase #2:** generating keys...Done -Decrypting...Done -``` - -**Hide files inside image** - -The practice of concealing a file, message, image, or video within another -file is called **steganography**. Fortunately, this feature exists in toplip -by default. - -To hide a file(s) inside images, use **-m** flag as shown below. - -``` -$ ./toplip -m image.png file1 > image1.png -This is toplip v1.20 (C) 2015, 2016 2 Ton Digital. Author: Jeff Marrison A showcase piece for the HeavyThing library. Commercial support available Proudly made in Cooroy, Australia. More info: https://2ton.com.au/toplip -file1 Passphrase #1: generating keys...Done -Encrypting...Done -``` - -This command conceals the contents of file1 inside an image named image1.png. -To decrypt it, run: - -``` -$ ./toplip -d image1.png > file1.decrypted This is toplip v1.20 (C) 2015, 2016 2 Ton Digital. Author: Jeff Marrison A showcase piece for the HeavyThing library. Commercial support available Proudly made in Cooroy, Australia. More info: https://2ton.com.au/toplip -image1.png Passphrase #1: generating keys...Done -Decrypting...Done -``` - -**Increase password complexity** - -To make things even harder to break, we can increase the password complexity -like below. - -``` -./toplip -c 5 -i 0x8000 -alt file1 -c 10 -i 10 file2 > file3.encrypted -``` - -The above command will prompt to you enter 10 passphrases for the file1, 5 -passphrases for the file2 and encrypt both of them in a single file called -"file3.encrypted". As you may noticed, we have used one more additional flag -**-i** in this example. This is used to specify key derivation iterations. -This option overrides the default iteration count of 1 for scrypt's initial -and final PBKDF2 stages. Hexadecimal or decimal values permitted, e.g. -**0x8000** , **10** , etc. Please note that this can dramatically increase the -calculation times. - -To decrypt file1, use: - -``` -./toplip -c 5 -i 0x8000 -d file3.encrypted > file1.decrypted -``` - -To decrypt file2, use: - -``` -./toplip -c 10 -i 10 -d file3.encrypted > file2.decrypted -``` - -To know more about the underlying technical information and crypto methods -used in toplip, refer its official website given at the end. - -My personal recommendation to all those who wants to protect their data. Don't -rely on single method. Always use more than one tools/methods to encrypt -files. Do not write passphrases/passwords in a paper and/or do not save them -in your local or cloud storage. Just memorize them and destroy the notes. If -you're poor at remembering passwords, consider to use any trustworthy password -managers. - -And, that's all. More good stuffs to come. Stay tuned! - -Cheers! - - - - --------------------------------------------------------------------------------- - -via: https://www.ostechnix.com/toplip-strong-file-encryption-decryption-cli-utility/ - -作者:[SK][a] -译者:[tomjlw](https://github.com/tomjlw) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.ostechnix.com/author/sk/ -[1]:https://www.ostechnix.com/cryptomator-open-source-client-side-encryption-tool-cloud/ -[2]:https://www.ostechnix.com/how-to-encrypt-your-personal-foldersdirectories-in-linux-mint-ubuntu-distros/ -[3]:https://www.ostechnix.com/cryptogo-easy-way-encrypt-password-protect-files/ -[4]:https://www.ostechnix.com/cryptr-simple-cli-utility-encrypt-decrypt-files/ -[5]:https://www.ostechnix.com/tomb-file-encryption-tool-protect-secret-files-linux/ -[6]:https://www.ostechnix.com/an-easy-way-to-encrypt-and-decrypt-files-from-commandline-in-linux/ -[7]:http://en.wikipedia.org/wiki/Advanced_Encryption_Standard -[8]:http://en.wikipedia.org/wiki/Scrypt -[9]:https://2ton.com.au/Products/ -[10]:https://www.ostechnix.com/wp-content/uploads/2017/12/toplip-2.png%201366w,%20https://www.ostechnix.com/wp-content/uploads/2017/12/toplip-2-300x157.png%20300w,%20https://www.ostechnix.com/wp-content/uploads/2017/12/toplip-2-768x403.png%20768w,%20https://www.ostechnix.com/wp-content/uploads/2017/12/toplip-2-1024x537.png%201024w -[11]:http://www.ostechnix.com/wp-content/uploads/2017/12/toplip-2.png -[12]:https://www.ostechnix.com/wp-content/uploads/2017/12/toplip-1.png%20779w,%20https://www.ostechnix.com/wp-content/uploads/2017/12/toplip-1-300x101.png%20300w,%20https://www.ostechnix.com/wp-content/uploads/2017/12/toplip-1-768x257.png%20768w -[13]:http://www.ostechnix.com/wp-content/uploads/2017/12/toplip-1.png - diff --git a/translated/tech/20171212 Toplip – A Very Strong File Encryption And Decryption CLI Utility.md b/translated/tech/20171212 Toplip – A Very Strong File Encryption And Decryption CLI Utility.md new file mode 100644 index 0000000000..887718ec7d --- /dev/null +++ b/translated/tech/20171212 Toplip – A Very Strong File Encryption And Decryption CLI Utility.md @@ -0,0 +1,225 @@ +Toplip ——一款十分强大的文件加密解密 CLI 工具 +====== +在市场上有许多可获得的文档加密工具用来保护你的文件。我们已经介绍过其中一些例如 [**Cryptomater**][1],[**Cryptkeeper**][2],[**CryptGo**][3],[**Cryptr**][4],[**Tomb**][5],以及 [**GnuPG**][6] 等加密工具。今天我们将讨论另一款叫做 **“Toplip”** 的命令行文件加密解密工具。它是一款使用一种叫做 **[AES256][7]** 的强大加密方法的免费开源的加密工具。它同时也使用了 **XTS-AES** 设计以保护你的隐私数据。它还使用了 [**Scrypt**][8],一种基于密码的密钥生成函数来保护你的密码免于暴力破解。 + +### 优秀的特性 + +相比于其它文件加密工具,toplip 自带以下独特且杰出的特性。 + + * 非常强大的基于 XTS-AES256 的加密方法。 + * 可能性推诿。 + * 在图片(PNG/JPG)内加密文件。 + * 多重密码保护。 + * 简化的暴力破解保护。 + * 无可辨识的输出标记。 + * 开源/GPLv3。 + +### 安装 Toplip + +没有什么需要安装的。Toplip 是独立的可执行二进制文件。你所要做的仅是从 [**产品官方页面**][9] 下载最新版的 Toplip 并赋予它可执行权限。为此你只要运行: + +``` +chmod +x toplip +``` + +### 使用 + +如果你不带任何参数运行 toplip,你将看到帮助页面。 + +``` +./toplip +``` + +[![][10]][11] + +允许我给你展示一些例子。 + +为了达到指导目的,我建了两个文件 **file1** 和 **file2**。我同时也有 **toplip** 可执行二进制文件。我把它们全都保存进一个叫做 **test** 的目录。 + +[![][12]][13] + +**加密/解密单个文件** + +现在让我们加密 **file1**。为此,运行: + +``` +./toplip file1 > file1.encrypted +``` + +这行命令将让你输入密码。一旦你输入完密码,它就会加密 **file1** 的内容并将它们保存进你当前工作目录下一个叫做 “file1.encrypted” 的文件。 + +上述命令行的示例输出将会是这样: + +``` +This is toplip v1.20 (C) 2015, 2016 2 Ton Digital. Author: Jeff Marrison A showcase piece for the HeavyThing library. Commercial support available Proudly made in Cooroy, Australia. More info: https://2ton.com.au/toplip file1 Passphrase #1: generating keys...Done +Encrypting...Done +``` + +为了验证文件是否的确经过加密,试着打开它你会发现一些随机的字符。 + +为了解密加密过的文件,像以下这样使用 **-d** 参数: + +``` +./toplip -d file1.encrypted +``` + +这行命令会解密提供的文档并在终端窗口显示内容。 + +为了保存文档而不是写入标准输出,运行: + +``` +./toplip -d file1.encrypted > file1.decrypted +``` + +输入正确的密码解密文档。**file1.encrypted** 的所有内容将会存入一个叫做 **file1.decrypted** 的文档。 + +请不要用这种命名方法,我这样用仅仅是为了便于理解。使用其它难以预测的名字。 + +**加密/解密多个文件** + +现在我们将使用分别的两个密码加密每个文件。 + +``` +./toplip -alt file1 file2 > file3.encrypted +``` + +你会被要求为每个文件输入一个密码,使用不同的密码。 + +上述命令行的示例输出将会是这样: + +``` +This is toplip v1.20 (C) 2015, 2016 2 Ton Digital. Author: Jeff Marrison A showcase piece for the HeavyThing library. Commercial support available Proudly made in Cooroy, Australia. More info: https://2ton.com.au/toplip +**file2 Passphrase #1** : generating keys...Done +**file1 Passphrase #1** : generating keys...Done +Encrypting...Done +``` + +上述命令所做的是加密两个文件的内容并将它们保存进一个单独的叫做 **file3.encrypted** 的文件。在保存中分别给予各自的密码。比如说如果你提供 file1 的密码,toplip 将复原 file1。如果你提供 file2 的密码,toplip 将复原 file2。 + +每个 **toplip** 加密输出都可能包含最多至四个单独的文件,并且每个文件都建有各自独特的密码。由于加密输出放在一起的方式,以下判断出是否存在多个文档不是一件容易的事。默认情况下,甚至就算确实只有一个文件是由 toplip 加密,随机数据都会自动加上。如果多于一个文件被指定,每个都有自己的密码,那么你可以有选择性地独立解码每个文件,以此来否认其它文件存在的可能性。这能有效地使一个用户在可控的暴露风险下打开一个加密的捆绑文件包。并且对于敌人来说,在计算上没有一种低廉的办法来确认额外的秘密数据存在。这叫做 **可能性推诿**,是 toplip 著名的特性之一。 + +为了从 **file3.encrypted** 解码 **file1**,仅需输入: + +``` +./toplip -d file3.encrypted > file1.encrypted +``` + +你将会被要求输入 file1 的正确密码。 + +为了从 **file3.encrypted** 解码 **file2**,输入: + +``` +./toplip -d file3.encrypted > file2.encrypted +``` + +别忘了输入 file2 的正确密码。 + +**使用多重密码保护** + +这是我中意的另一个炫酷特性。在加密过程中我们可以为单个文件提供多重密码。这样可以保护密码免于暴力尝试。 + +``` +./toplip -c 2 file1 > file1.encrypted +``` + +这里,**-c 2** 代表两个不同的密码。上述命令行的示例输出将会是这样: + +``` +This is toplip v1.20 (C) 2015, 2016 2 Ton Digital. Author: Jeff Marrison A showcase piece for the HeavyThing library. Commercial support available Proudly made in Cooroy, Australia. More info: https://2ton.com.au/toplip +**file1 Passphrase #1:** generating keys...Done +**file1 Passphrase #2:** generating keys...Done +Encrypting...Done +``` + +正如你在上述示例中所看到的,toplip 要求我输入两个密码。请注意你必须**提供两个不同的密码**,而不是提供两遍同一个密码。 + +为了解码这个文件,这样做: + +``` +$ ./toplip -c 2 -d file1.encrypted > file1.decrypted +This is toplip v1.20 (C) 2015, 2016 2 Ton Digital. Author: Jeff Marrison A showcase piece for the HeavyThing library. Commercial support available Proudly made in Cooroy, Australia. More info: https://2ton.com.au/toplip +**file1.encrypted Passphrase #1:** generating keys...Done +**file1.encrypted Passphrase #2:** generating keys...Done +Decrypting...Done +``` + +**将文件藏在图片中** + +将一个文件,消息,图片或视频藏在另一个文件里的方法叫做**隐写术**。幸运的是 toplip 默认包含这个特性。 + +为了将文件藏入图片中,像如下所示的样子使用 **-m** 参数。 + +``` +$ ./toplip -m image.png file1 > image1.png +This is toplip v1.20 (C) 2015, 2016 2 Ton Digital. Author: Jeff Marrison A showcase piece for the HeavyThing library. Commercial support available Proudly made in Cooroy, Australia. More info: https://2ton.com.au/toplip +file1 Passphrase #1: generating keys...Done +Encrypting...Done +``` + +这行命令将 file1 的内容藏入一张叫做 image1.png 的图片中。 +为了解码,运行: + +``` +$ ./toplip -d image1.png > file1.decrypted This is toplip v1.20 (C) 2015, 2016 2 Ton Digital. Author: Jeff Marrison A showcase piece for the HeavyThing library. Commercial support available Proudly made in Cooroy, Australia. More info: https://2ton.com.au/toplip +image1.png Passphrase #1: generating keys...Done +Decrypting...Done +``` + +**增加密码复杂度** + +为了进一步使文件变得难以破译,我们可以像以下这样增加密码复杂度: + +``` +./toplip -c 5 -i 0x8000 -alt file1 -c 10 -i 10 file2 > file3.encrypted +``` + +上述命令将会要求你为 file1 输入十条密码,为 file2 输入五条密码,并将它们存入单个叫做 “file3.encrypted” 的文件。如你所注意到的,我们在这个例子中又用了另一个 **-i** 参数。这是用来指定密钥生成循环次数。这个选项覆盖了 scrypt 函数初始和最终 PBKDF2 阶段的默认循环次数1。十六进制和十进制数值都是允许的。比如说 **0x8000**,**10**等。请注意这会大大增加计算次数。 + +为了解码 file1,使用: + +``` +./toplip -c 5 -i 0x8000 -d file3.encrypted > file1.decrypted +``` + +为了解码 file2,使用: + +``` +./toplip -c 10 -i 10 -d file3.encrypted > file2.decrypted +``` + +参考在文章结尾给出的 toplip 官网以了解更多关于其背后的技术信息和使用的加密方式。 + +我个人对所有想要保护自己数据的人的建议是,别依赖单一的方法。总是使用多种工具/方法来加密文件。不要在纸上写下密码也不要将密码存入本地或云。记住密码,阅后即焚。如果你记不住,考虑使用任何了信赖的密码管理器。 + +今天就到此为止了,更多好东西后续推出,请保持关注。 + +欢呼吧! + + + + +-------------------------------------------------------------------------------- + +via: https://www.ostechnix.com/toplip-strong-file-encryption-decryption-cli-utility/ + +作者:[SK][a] +译者:[tomjlw](https://github.com/tomjlw) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.ostechnix.com/author/sk/ +[1]:https://www.ostechnix.com/cryptomator-open-source-client-side-encryption-tool-cloud/ +[2]:https://www.ostechnix.com/how-to-encrypt-your-personal-foldersdirectories-in-linux-mint-ubuntu-distros/ +[3]:https://www.ostechnix.com/cryptogo-easy-way-encrypt-password-protect-files/ +[4]:https://www.ostechnix.com/cryptr-simple-cli-utility-encrypt-decrypt-files/ +[5]:https://www.ostechnix.com/tomb-file-encryption-tool-protect-secret-files-linux/ +[6]:https://www.ostechnix.com/an-easy-way-to-encrypt-and-decrypt-files-from-commandline-in-linux/ +[7]:http://en.wikipedia.org/wiki/Advanced_Encryption_Standard +[8]:http://en.wikipedia.org/wiki/Scrypt +[9]:https://2ton.com.au/Products/ +[10]:https://www.ostechnix.com/wp-content/uploads/2017/12/toplip-2.png%201366w,%20https://www.ostechnix.com/wp-content/uploads/2017/12/toplip-2-300x157.png%20300w,%20https://www.ostechnix.com/wp-content/uploads/2017/12/toplip-2-768x403.png%20768w,%20https://www.ostechnix.com/wp-content/uploads/2017/12/toplip-2-1024x537.png%201024w +[11]:http://www.ostechnix.com/wp-content/uploads/2017/12/toplip-2.png +[12]:https://www.ostechnix.com/wp-content/uploads/2017/12/toplip-1.png%20779w,%20https://www.ostechnix.com/wp-content/uploads/2017/12/toplip-1-300x101.png%20300w,%20https://www.ostechnix.com/wp-content/uploads/2017/12/toplip-1-768x257.png%20768w +[13]:http://www.ostechnix.com/wp-content/uploads/2017/12/toplip-1.png +