Poni (stylized poni) is a file/stream encryption software meant to aid in the symmetric encryption of files, messages, and anything that can come through the standard input. This software is largely untested and no warranty is made about its security. Using this software is to be done at your own risk. This is not to say that the code is unsafe or that the primitives that it relies on are insecure but rather that this specific repository has not been audited by anyone with the qualifications to do so.
Poni aims to protect your personal information using strong symmetric encryption in the form of AES-256 in GCM mode providing both message encryption and authentication in one go. This means that your ciphertext cannot be tampered with without failing the authentication check. Data integrity is important which is why it is not enough to encrypt alone. To this end poni bakes in authenticated encryption.
To make things easier on the end user poni includes a keygen which can both create a new key from a password or a passphrase or rederive a key from a known passphrase and salt. The keygen function leverages the scrypt key derivation function with an N-factor of 131,072 to derive a strong, secure key from a password or passphrase. Poni enforces a minimum password/passphrase length of 10 characters to provide the strongest keys possible.
Poni currently supports the following commands, though more are planned for the future:
- encrypt
- decrypt
- keygen
- keyexchange
Each of these commands have their own respective usages which can be accessed through the -h flag for each.
This command provides message, file, and stdin encryption using a pre-generated key. The key can be generated using the keygen command.
poni encrypt -k <key> [-p <messag