Sinner Computing Our Sin is to reject bloated software!

CryptIt - XOR File Encrypter

Version 1.445 KB Download / 150 KB Installed
11 Feb 08

2K / XP / 03 / Vista

Return to the main page

CryptIt - File EnCrypter

Version 1.4
5 Feb 08


Program Info

Most file encryptors use methods that rely on the theory of computational security, that is the difficulty of key factorisation prevents decryption of the file. But this method may not work forever. It used to be considered that a 56 bit key was unbreakable to brute force attacks, but the government of the USA now requires all Top Secret data to use keys of at least 192 bits. This bar will keep raising as computing power increases. (It is argued by some though that this will never happen due to the laws of physics!) CryptIt is designed to use conventional XOR encryption on keys that are the same size as the file to be encrypted. Furthermore, if you use an unpredictable file that is the same size (or larger) than the original file and you use this file only once, this is known as a one-time pad and it is completely unbreakable, even to computers 1000 years from now. This is because there is no algorithm at all, just a big key, and thus there is no pattern to follow once you have decrypted any part of the file. Thus attempts to decrypt it could result in any file, and there would be no way to verify that it has decrypted correctly. CryptIt can also has some convenience features such as being able to automatically use pad files generated by our program GigAlarm, generate key files (from a stream cipher and thus not best for OTP usage) and also analyse the suitability of your chosen key file.

CryptIt also has a ability to use removable media (USB drives, CDs, floppies) as a key code book, further increasing the security and convenience of the method. If your needs are more simpler then you can also use a word (string), but the advantages of the XOR method are lost then. Descriptions can be stored within the encrypted file, as well as the file name of the code. Command line operation is also supported.


Command Line Options
Notes on XOR encryption methods
Programmers Notes
System Impact Statement
Licence and Registration


Run "Setup.exe" and follow the instructions. To remove CryptIt, use the "Add/Remove Programs" option in the Control Panel. CryptIt stores all its data files in the designated application data area, often "C:\Documents and Settings\USERNAME\Application Data\ACAPsoft\CryptIt". If you would prefer that it saves in the same directory as CryptIt either run the program from a removable drive, such as a floppy of a USB drive, or delete the "DefSet.txt" file from the CryptIt directory.


EnCrypting Files

To EnCrypt a file, first select the file to be encrypted by either browsing for it, by pressing the "Choose" button, or by dragging a file onto the CryptIt Window. Any file is acceptable providing it is less than 4GB and doesn't have the file extension of "cpt". Depending on your needs either use the XOR mode (more secure) or the Classic mode (more options).

Now you select the EnCryption method. The best option is either "File" or "Drive". ("Drive" mode requires additional preparation. See below for further details.) This enables you to use another file to encrypt the source. CryptIt can make this file for you if you press the "Create" button, or you can use your own. (It is better to use your own if you have a good file to use.) You can also get CryptIt's rating of the file by pressing the "Analyse" button. To select the file wanted you must use the "Choose" button next to the edit box. You can also choose a large file, but not use it all. To do this you simply enter in a lower number in the "Use XXX Bytes" window. If not using XOR mode, to make DeCryption easier you can also have CryptIt save the name of the code file by selecting "Save File Name". However, if you want a password style encryption then the "String" option is probably more convenient. Simply enter in your chosen word(s) into the edit box. In this case CryptIt will repeat the string until it is at least 32 bytes (256 bits) long. ("String" mode is not very secure.)

Next you select where the output files will go, the default being the same folder as the source. Change this if you prefer something else, but make sure that there is no new directory in your selection. (I.e. New directories will NOT be created.) You can select it by using the "Choose" button, or by dragging a directory onto the "CryptIt" window. There is also buttons to reset the output, to add a folder the same name as the file to the path, or to change the output directory to the desktop.

If you want, you can add a comment as well that will be displayed prior to the file being EnCrypted. In Classic mode, simply tick "Use" in the "Description" box and type it in. This can be a maximum of 300 characters and the comment is not Encrypted. (Thus you could make the comment a question to help you remember the Encryption String or file.)

It is extremely important to note that the file is Encrypted, not password locked. The difference being that there is no storing of the code itself anywhere - the whole file is mathematically scrambled based on what you enter/select. If you forget/lose the Encryption String/File there is no easy way to decrypt the file. (I.e. We cannot help!)

Once you are ready, press the "Go CryptIt!" button and the file will be encrypted. If in Classic mode the the file name extension will be replaced with "cpt" and in XOR mode "XOR" will be added to the start of the file name.

As an additional feature, CryptIt can be set to be an On Top window. Simply Right Click on the title bar and select "On Top Toggle".

DeCrypting files

If using XOR mode is encryption is exactly the same as decryption.

Double click the EnCrypted file and CryptIt will load. (Alternatively you can load CryptIt, and the select the file using the "Choose" button or by "dragging" it.) The comment, if any, will be in the comment box and you can then select the directory that you want the file to be created in. If the file was EnCrypted using the "String" method then you simply enter in your chosen string. Alternately, if the "File" method was chosen then you must ensure that the correct file name is in the file edit box. If "Save File Name" was selected then there should be a file name in the box, but that does not mean that the file was found. To determine this, look to see if the "Save File Name" box is checked. If it is then you are ready to DeCrypt, otherwise CryptIt could not find the file in the given path, but you can still use the File Name as a guide.

(It is possible to EnCrypt a file using a String, and DeCrypt it using a File, and vice-versa, but they must be exactly the same and both must be greater than 32 bytes.)

Last of all you press the "Go DeCrypt!" button and the original file is DeCrypted into your chosen output folder.

Below is further explanation of some of CryptIt controls.

File to EnCrypt/DeCrypt This is the file for CryptIt to process. You can select it via the "Choose" button or by dragging a file to the window.
Mode Selects either the XOR or the Classic mode. In Classic mode the filetype is changed to "cpt" and you have extras features like the description option. XOR mode simply processes the file and creates a new file of the same name with "XOR" in front. The XOR mode is more secure simply because it is hard to tell has been done to the file. A person who comes across a XORed file might think the file is corrupted and ignore it, while a search for a "cpt" file might result in CryptIt. (This is Security by Obscurity.)
Description When using Classic mode you can use this field.
Drive/File/String Selects the key file source. String is only available in Classic mode. Drive mode is further explained below.
Analyse Asks CryptIt for a rating (Excellent/Good/OK/Bad/Very Bad) of your selected key file. Files get penalties for being smaller than the source file, having repetition of bytes (especially null bytes) and for not having a good spread of numbers. It needs to be stressed that this routine is just a simple check, designed to help the user determine if a file should be used or not. It does not use any official test for randomness, and it does have some flaws, such as a random 1 MB file repeated 50 times will be seen as a good key file for a 20 MB source, while the same 1 MB file by itself will not be. (Testing files for repetitions like that takes too long.) In short, this test is not for checking cypher streams, it is more for testing existing files for potential key usage. (Cipher streams will almost always be rated as Excellent, even if they are predictable, and thus insecure.) Please read here for more details.
Create Creates a key file of suitable size and saves it in the output directory. If you have any method that produces a random file then you should use it in preference to this built in one. While this function will produce acceptable files that will be different most of the time, they are still a stream cipher made using the same algorithm (RC4) and thus are more predictable than a method chosen by the user. Using this feature makes CryptIt little better than normal password based encryption.
KeyStore Our program GigAlarm has a built in pad file generator which makes files based on the variance between the CPU clock and the system clock. This function allows the output of this function to be used easily. Simply press the KeyStore button, and if there is enough data a key of the right size will be generated, moved to the desktop and the data removed from the KeyStore. Please note that this function in most cases is only suitable for smaller messages of under 100KB due to the speed of GigAlarm's generator.
Output Destination This is where the XORed/encrypted file goes. It will by default be the same directory as the source, but this can be changed.

Drive Mode

CryptIt when used with removal media becomes easier and more secure. However, it does involve more preparation, thus this explanation is separate from the rest. To use CryptIt in this mode you must include in the root directory of the media a file by the name of  "KeyRing.txt". There is an example file in the CryptIt directory, but in short it is a text file consisting of a line of a name, and then a file name. Below is an example of this.

#The line below tells CryptIt the maximum files that it should allow for. The default without this line is 10
#First you list a name for the file
Code A
#... then the file name
Code B
Ultra Secret
#There must be a new line at the end. Enjoy!

If CryptIt recognizes your file then you will be able to select what drive and then what filename you want to use. After this you simply use CryptIt as normal.

Command Line Options

It is also possible to use CryptIt with command line functions. Four switches control the operation in this mode.

/iInput File
/oOutput directory (Not required if using same directory)
/fFile to use as encryption key
/sWord/String for encryption key (Must be one word)


"C:\Program Files\CryptIt\CryptIt.exe" /i=c:\EnemyList.xls /s=secretcode

Encrypts "EnemyList.xls" to the same directory using the word "secretcode" as the key

"C:\Program Files\CryptIt\CryptIt.exe" /i=c:\EnemyList.xls /o=c:\Love /s=secretcode

Decrypts "EnemyList.xls" to the directory "c:\Love" using the word "secretcode" as the key

"C:\Program Files\CryptIt\CryptIt.exe" /i=c:\EnemyList.xls /f=c:\Heart.txt

Encrypts "EnemyList.xls" to the same directory using the file "Heart.txt" as the key

Notes on XOR encryption methods

Any encryption is breakable... except if you use an unpredictable key file that is equal or larger than the file itself and you use it once only. When keys are used like this it is known as a One-Time Pad encryption. One-Time Pad encryption is un-breakable because it is just as likely that the file anything other than the original file. Attempts to decrypt it could result in any file, and there would be no way to verify that it has decrypted correctly. If you use the key again then there is a chance that a hacker could use parts common to both and partially extract the key, and then be able to partially extract the original files. This is extremely hard with only two files, but if you used the same key on varied files for 10+ times and you then lost all of these files then there is a decent chance that someone with sufficient time, motivation and skill could extract most of the key. (Less biased and better explained details can be found on Wikipedia and Here.) The key also cannot be any form of a stream cipher as this negates most of the advantages of the method. This is because once any part of a stream cipher encrypted file is decrypted, it is possible to then decrypt the rest of the file given sufficient skill and processing power. However, if a non-stream cipher is used then even if some part of the file is decrypted, that does not mean the whole file is compromised.

(The Blum Blum Shub pseudorandom number generator generator is one of the current exceptions to this rule, as while it is believed to be possible to reverse a stream from it, there are no cases of it actually happening.)

Unpredictable keys are hard to generate, and it is even harder to be sure that they are actually unpredictable. Some scientists believe that even radioactive decay follows predictable patterns. If you are using CryptIt for small messages you could seriously consider generating your own the old fashion way (picking letters out of a hat) but this method is not practical for large files. When designing these programs we initially felt that people making/finding their own unique keys was part of the security, but in hindsight, this concept was wrong. It is too hard for many people to do this, even if they do understand the concepts of what makes a good key. For this reason we have written our own and included it in our program GigAlarm which makes files based on the variance between the CPU clock and the system clock. The results from the CPU clock function have been excellent when tested using ent, a well respected random file tester.

In short, CryptIt encrypts files by logically applying "Exclusive Or" to each byte, using the Key file/string. The key needs to be unpredictable and not contain repetitions, especially of "nulls", to be secure. The weakness of the method is that you need to have a way of distributing the keys as well if you want to send an encrypted message. If you have a secure method of transporting the keys (one user gives CDs full of keys and then encrypts his EMails) then the method works well. Otherwise it is best used for encrypting personal data where there is no need to transport the key.

OTP encryption is often dismissed as "Snake Oil". This is largely because of a few software companies using stream ciphers and claiming that it is a OTP and thus unbreakable. CryptIt and XorIt are not like that. We do not use any secret algorithm, the only formula in CryptIt and XorIt is "XOR" itself. Nor do we provide raw key material, claim that the OTP does not need to be transferred or that it is easy to use. Please do not group us in this category. If you want easy and secure encryption, use any other method. If you want unbreakable encryption, try CryptIt or XorIt.

Programmers Notes

Aside from a general revision, the main purpose of this version is the addition of the KeyStore. This allows easy usage of the Pad files that GigAlarm can generate. Next version I plan to expand on this.

CryptIt is programmed using MASM32 assembly language and has been tested on Win2000, WinXP and Vista. I no longer support Win9x or pre-Windows 2000 NT on new releases. Maintaining support for 9x has been preventing me using several new OS features for a while. Please note that we used to be known as "Sinner Computing".

System Impact Statement

We go to great lengths to reduce system impact, but we feel that it is still important to explain here what our programs do to your system. If you feel we are missing something, or you need further clarification, please contact us.

RegistryCryptIt uses the registry to set it as the .cpt file handler. The installer that comes with CryptIt uses the registry only for the required un-installation data, and not at all if you use the "Extract Only" mode or if you install as a low privilege user.
System SettingsCryptIt will set it as the .cpt file handler.
FilesAll of its program files are stored in the chosen installation directory, and all of its data files are stored in the designated application data area, often "C:\Documents and Settings\USERNAME\Application Data\ACAPsoft\CryptIt". If you would prefer that it saves in the same directory as CryptIt either run the program from a removable drive, such as a floppy of a USB drive, or delete the "DefSet.txt" file from the CryptIt directory. These directories can be opened via the About box.
NetworkCryptIt and its installer do not access the internet in any way, but the ReadMe does have three graphic files that are stored on the internet. (They are not used as web-beacons, merely spacers and images for the payment processors.)
CPUCryptIt can be very demanding on the CPU when encrypting.
MemoryCryptIt needs around 50 MB while encrypting.


1.00Initial Version
1.10Command line operation
1.20Pure Vernam mode, Drive Mode and speed enhancements
1.21On Top Toggle
1.3Create and Analyse Key functions, Interface tweaks.
1.4KeyStore, interface and speed tweaks.

Licence and Registration

Permission is given to evaluate CryptIt for a period of 30 days. After this time you are required to either register or remove CryptIt. Permission is given for all forms of distribution, including CD compilations and Websites, providing the ZIP file is unaltered and it is made clear that CryptIt is a Shareware program and that registration is required for continued usage. CryptIt can be registered using PayPal, Reg.Net or Mail. For details on the terms of our licences and of our Buy-Three-Get-All policy please refer to the payments page.

CryptIt is a copyrighted work and thus permission is not given for you to decompile, disassemble, modify, translate, enhance or create derivative works from this program. If you feel that you need to do any of those actions, and that those rules do not apply to you, contact us first.

Single User
PayPal $8.00 USD
Reg.Net $8.50 USD Bulk deals are also available here. Buy Now at Reg.Net
Mail, Cash $8.00 USD or $10 AUDPostal details in About box
Mail, Australian Cheque $10 AUD
Mail, Non-Australian Cheque $15.00 USD
PayPal $100 USD
Reg.Net $100 USD Buy Now at Reg.Net
Mail, Cash or Cheque $100 USD or $120 AUDPostal details in About box


ACAPsoft accepts no liability for this software to the maximum extent allowable by law. Installing this software is the decision of the installer, and signifies that you agree with this liability statement. Thus, any damage/loss caused by the use of this software is not in any way the responsibility of ACAPsoft. This includes, but is not limited to, physical damage and loss of income/time. In no event shall the maximum liability of ACAPsoft exceed the registration fee paid by the user, if any. Because some jurisdictions do not allow the exclusion or limitation of liability for consequential or incidental damages, in such jurisdictions the liability of ACAPsoft shall be limited to the extent permitted by law. If at any time you do not find these conditions agreeable you are required to remove this software.


Advice/insults (on the subject of the program, not the programmer) are always welcome. To help users keep up to date we send out newsletters whenever there is a major new version of CryptIt. To join this list simply send an EMail with "CryptADD" in the subject. To be removed from this list, write an EMail with "CryptREMOVE" in the subject. (ACAPsoft does not sell your EMail address or any other personal information to anyone.) In addition, we have a RSS feed that is updated whenever there is a new version of any program.

RSS Feed

© Copyright 2017 Sinner Computing. All Rights Reserved. • PrivacyContact