/[mcrypt]/libmcrypt-nm/doc/README.mcrypt
ViewVC logotype

Contents of /libmcrypt-nm/doc/README.mcrypt

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.1.1.1 - (show annotations) (vendor branch)
Mon May 22 13:09:18 2000 UTC (23 years, 10 months ago) by nmav
Branch: MAIN, mcrypt
CVS Tags: start, HEAD
Changes since 1.1: +0 -0 lines

1 This is the old documentation of mcrypt 2.1. Refer to the program for
2 a more accurate and up to date documentation.
3
4
5 MINI-crypt v2.1
6
7 Mcrypt is a simple crypting program, a replacement for the old unix crypt(1).
8 Mcrypt uses the symmetric algorithms:
9
10 DES:
11 The traditional DES algorithm designed by IBM and NSA. Uses 56 bit key
12 and 64 bit block.
13 Written 12 Dec 1986 by Phil Karn, KA9Q; large sections adapted from
14 the 1977 public-domain program by Jim Gillogly
15 Modified for additional speed - 6 December 1988 Phil Karn
16 Modified for parameterized key schedules - Jan 1991 Phil Karn
17 I extracted this from the modified version for linux by Chris Cappucio
18 (chris@g386bsd.first.gmd.de).
19
20 3DES or Triple DES:
21 DES but with multiple (triple) encryption. It encrypts the plaintext
22 once, then decrypts it with the second key, and encrypts it again with
23 the third key (outer cbc mode used for cbc). Those keys(56bit each) are expanded
24 from the given key.
25 Much better than traditional DES since the key is now 56*3 bits,
26 or in the worst case the size of the minimum key.
27 Keys should be over 12 characters long (strongly recomended 24).
28
29 CAST:
30 CAST was designed in Canada by Carlisle Adams and Stafford Tavares.
31 The original algorithm used a 64bit key and block. The algorithm
32 here is CAST-128 which uses a 128bit key and 64bit block.
33 Written by Steve Reid <sreid@sea-to-sky.net>, and placed in Public Domain.
34 Released in 1997.10.11.
35
36 TEA:
37 TEA stands for the Tiny Encryption Algorithm. It is a feistel cipher
38 designed by David Wheeler & Roger M. Needham (extended version).
39 Uses a 128bit key and 64bit block.
40
41 SAFER:
42 (Secure And Fast Encryption Routine) is a block cipher developed
43 by Prof. J.L. Massey at the Swiss Federal Institute of Technology.
44 There exist four versions of this algorithm, namely:
45 SAFER K-64, SAFER K-128, SAFER SK-64 and SAFER SK-128.
46 The numerals 64 and 128 stand for the length of the user-selected
47 key, 'K' stands for the original key schedule and 'SK' stands for the
48 strengthened key schedule (in which some of the "weaknesses" of the
49 original key schedule have been removed). In mcrypt only SAFER SK-64 and
50 SAFER SK-128 are used.
51
52 UNIX crypt:
53 A one-rotor machine designed along the lines of Enigma but considerable
54 trivialized. Very easy to break for a skilled cryptanalist. I suggest not
55 to use it. The code used here is from the public domain program called Crypt
56 Breakers Workbench (cbw).
57
58 3-WAY:
59 The 3way algorithm designed by Joan Daemen. It uses a 96bit size
60 key and block. This is the C specification of the algorithm found
61 in ftp.funet.fi/pub/crypt/cryptography/symmetric.
62
63 BLOWFISH:
64 The Blowfish algorithm designed by Bruce Schneier. It is better and faster
65 than DES. It uses a (non-fixed) key up to 448 bits or 56 characters. This
66 is the only algorithm that allows keys of different sizes below 448 bits (without
67 being padded with zeros).
68 This algorith is implemented according to the code in the designer's book
69 'Applied Cryptography'.
70 (This is the default algorithm)
71
72 TWOFISH:
73 Twofish was designed by Counterpane systems. Intended to be highly secure
74 and highly flexible. It is well suited for large microprocessors, 8-bit
75 smart card microprocessors, and dedicated hardware. Uses a 128bit block
76 and 128bit key.
77
78 GOST:
79 A former soviet union's algorithm. An acronym for "Gosudarstvennyi Standard"
80 or Government Standard. It uses a 256 bit key and a 64 bit block.
81 The S-boxes used here are described in the Applied Cryptography book
82 by Bruce Schneier. They were used in an application for the Central Bank
83 of the Russian Federation.
84 Some quotes from gost.c:
85 The standard is written by A. Zabotin (project leader), G.P. Glazkov,
86 and V.B. Isaeva. It was accepted and introduced into use by the
87 action of the State Standards Committee of the USSR on 2 June 89 as
88 No. 1409. It was to be reviewed in 1993, but whether anyone wishes
89 to take on this obligation from the USSR is questionable.
90 This code is based on the 25 Movember 1993 draft translation
91 by Aleksandr Malchik, with Whitfield Diffie, of the Government
92 Standard of the U.S.S.R. GOST 28149-89, "Cryptographic Transformation
93 Algorithm", effective 1 July 1990. (Whitfield.Diffie@eng.sun.com)
94 Some details have been cleared up by the paper "Soviet Encryption
95 Algorithm" by Josef Pieprzyk and Leonid Tombak of the University
96 of Wollongong, New South Wales. (josef/leo@cs.adfa.oz.au)
97
98
99 When one of these algorithms is specified, The program prompts something like:
100 (for DES) Enter key (8 chars): ...
101 This is the number of characters that should be used as a key. If a string
102 with less than 8 characters is given, it is padded with zeros.
103 If a string with more than 8 characters is given only the first 8 are read.
104 Only the blowfish algorithm (56 chars) allows keys that are less than
105 56 (448 bits) characters.
106 GOST, DES, 3DES, SAFER and 3-WAY require the key to be exactly the number of
107 their key bytes. If a key of less bytes is specified it is padded with zeros
108 (Do not even try, it would be better to leave it unencrypted).
109
110 * Warning: Keep in mind that the characters on your keyboard are 7bit only.
111 So by default this program will ignore the first bit(msb) of the characters
112 of your input (one problem with the 7bit mode is that some bits of the last character typed
113 may be ignored, but I don't think that this is too critical). Use the parameter --8bit or
114 -8 to use 8bit input.
115
116 ---
117 All the above algorithms support three modes of encryption:
118
119 ECB:
120 The Electronic CodeBook mode. It is the simplest mode to use with a
121 block cipher. It encrypts each block independently. (I do not recommend
122 using it)
123
124 .B CFB:
125 The Cipher-Feedback Mode (in 8bit). This is a something like
126 a stream cipher implemented from a block cipher. Encrypts one
127 character (8bits) a time.
128
129 CBC:
130 The Cipher Block Chaining mode. It is better than ECB since the plaintext
131 is XOR'ed with the previous ciphertext. A random block is placed as the
132 first block so the same block or messages always encrypts to something
133 different. (This is the default mode)
134 ---
135
136 For better results(safety of your data) compress the plaintext before
137 encryption.
138
139
140 Nikos Mavroyanopoulos
141 nmav@i-net.paiko.gr
142 nmav@hellug.gr
143
144 Look at COPYING for license information and the individual files for more
145 information. COPYING applies only for the mcrypt program and not the
146 algorithms which most of them are public domain. COPYING.LIB applies to the
147 files in lib/ directory. If you want to test the algorithm's implementation
148 and integrity you can use the cipher.c in the tests/ directory. Do a
149 'make cipher' in the same directory.
150
151 Updated versions of mcrypt can be found at:
152 ftp://argeas.cs-net.gr/pub/unix/mcrypt
153
154 An rpm version of mcrypt for linux can be found at:
155 ftp://ftp.fazekas.hu/pub/linux/rpms
156 Maintained by Koblinger Egmont <egmont@fazekas.hu>

webmaster@linux.gr
ViewVC Help
Powered by ViewVC 1.1.26