
                                 PGP Pipe

                            by Daniel Kroening
                          kroening@handshake.de


1. Description
--------------

   PGP Pipe allows encrypting a data stream of arbitrary length with the
   IDEA chipher from PGP. It is fast and usefull for backups on tapes or
   across the network.

   pgp pipe should compile under all types of Unix machines (personally
   tested on Linux/Intel). The encrypted files should be transferable
   between different machines without problems.

   Homepage: http://www.handshake.de/user/kroening/pgppipe/


2. Installation
---------------

   To prevent that this program is considered "strong cryptography", the
   encryption routines are NOT included, so you have to get the PGP source
   to compile it.

   Once you have downloaded PGP, correct the Makefile to make "PGP" point
   to the source directory of PGP.

   After that, just type "make" and you are done.


3. Usage Examples
-----------------

   Encrypt a small file named "secret" with password "ABC DEF" and store
   it on a disk:

     pgppipe -e "ABC DEF" < secret > /floppy/secret

   Tar, GZip & Encrypt a whole directory:

     tar cf - /directory | gzip -9 | pgppipe -e "ABC DEF" > /secret.tgz.enc

   Decrypt, decompress and untar it again:
   
     pgppipe -d "ABC DEF" < /secret.tgz | gunzip | tar xf -     

   You can add a pgppipe script to you /etc/inetd.conf to make central,
   encrypted backups. The point is that you do not have to trust the network
   or the backup host (or the person who stores the tapes...) since they all
   will get encrypted data only.


4. Security
-----------

   The encryption is purely symmetric and only depends on a password given
   on the command line. Thus, the encryption has to be considered weak
   unless reasonable passwords are used.

   In general, passwords which are good as PGP pass phrase are also good for
   pgp pipe. There are numerous FAQs on how to choose a good pass phrase. 
   Since the encryption is purely deterministic, you should never use the
   same password twice.

