Does anyone has any encrypt/decrypt routine i can use on one command line program? I'm actually using a simple XOR funtion, but i would like to use something more secure. Something 256bits strong.

Get a Rijndael (AES) component from http://www.crypto-central.com/html/main.html .

that could be, but i prefer with (free) source ... and is it encrypt/decryp?

That link was only to demonstrate the usage of Google to find stuff like that. I haven't ever even used that piece of software and I can only suggest you to do some searching.

i have been searching, but couldn't find ... i know google and use it all the time ... but the info returned is more complex than i want to look at ...

Check this out: http://www.scramdisk.clara.net/d_crypto.html

I recommend using BlowFish.

great, thanks.

I'd use AES (Rijndael) because it is the only publically avilable algorhitm which has been approved by the US government to be used for "TOP SECRET" material.

http://www.cnss.gov/Assets/pdf/cnssp_15_fs.pdf

Well, from another point of view, Blowfish is an older algorithm that has been much more throughly scrutinized and nobody ever found a hole in it.

Also, it's strange, I remember reading somewhere that Rijndael was to be used for "Classified" and "Confidential" information. The algorithms used for "Secret" and "Top Secret" would be themselves secret (which makes more sense, IMO). I guess its clearance changed over time as they convinced themselves it's really secure.

No matter what, both algorithms should be more than enough for all purposes other than insanely confidential information, like nuclear bomb plans.


Edit: ah, this article casts more light on this issue:
http://www.financialcryptography.com/mt/archives/000113.html

Available here: schneier.com

From the same guy there is his AES submission "Twofish"

Heh, from using a XOR to a 256-bit key secure algorithm goes a really large step.

As for the algorithms, I do favor AES (Rijndael) for several reasons. First off, unlike DES, it wasn't "changed" by NSA, so the suspicions about them being able to break it easily are low. It is also very fast (it was the fastest of the 5 last candidates for the AES, along with RC6, by RSA). Sure, it is not as fast as Blowfish, which was designed specifically for 32-bit machines, but is very fast indeed. And the fact that NSA itself investigated deeply Rijndael and didn't found any weaknesses is important here (actually, both MARS, SERPENT and TwoFish were considered "very" secure, according to the 2nd AES conference. But the obvious advantages of Rijndael overall, which was "adequately secure" made it reach AES).

It is true though, that no weaknesses on Blowfish were found, but I personally think it is time to move on to more advanced algorithms.

Anyway, what are you using the algorithm for? I mean, a XOR is enough if you want your brother not to sneak on your files, but if there's the need to have security, I'd go with AES.

I could go with AES or Blowfish, the one that has a function like

Function Blowfish(Text, Password): Text

Function AES(Text, Password): Text

ready to use would win

Actually you won't find anything more secure than XOR so long as you have random keys and never reuse them. The inconvenience is that the keys are as long as the files you want to protect.

Does it have to be Delphi? I mean, could you use an ActiveX DLL for example (with VB souce code)?

Yeah, well, this implementation by Dr. Brian Gladman is quite good.

Heh, using a one-time pad is a bit unconfortable to use

If interested, here's a VB implementation fixed by me: http://planet-source-code.com/vb/scripts/S...=48770&lngWId=1

I also have BlowFish and TwoFish if interested.