This is the old documentation of mcrypt 2.1. Refer to the program for
more accurate and up-to-date documentation.


MINI-crypt v2.1

Mcrypt is a simple encryption program, a replacement for the old Unix crypt(1).
Mcrypt uses the following symmetric algorithms:

DES:
The traditional DES algorithm designed by IBM and NSA. Uses a 56-bit key
and a 64-bit block.
Written 12 Dec 1986 by Phil Karn, KA9Q; large sections adapted from
the 1977 public-domain program by Jim Gillogly.
Modified for additional speed - 6 December 1988 Phil Karn
Modified for parameterized key schedules - Jan 1991 Phil Karn
I extracted this from the modified version for Linux by Chris Cappucio
(chris@g386bsd.first.gmd.de).

3DES or Triple DES:
DES with triple encryption. It encrypts the plaintext once with the
first key, then decrypts it with the second key, and encrypts it again with
the third key (outer CBC is used for CBC mode). The three keys (56 bits each)
are expanded from the given key.
Much better than traditional DES since the key is now 56*3 bits,
or in the worst case the size of the minimum key.
Keys should be over 12 characters long (24 strongly recommended).

CAST:
CAST was designed in Canada by Carlisle Adams and Stafford Tavares.
The original algorithm used a 64-bit key and block. The algorithm
here is CAST-128, which uses a 128-bit key and a 64-bit block.
Written by Steve Reid <sreid@sea-to-sky.net>, and placed in the public domain.
Released on 1997.10.11.

TEA:
TEA stands for the Tiny Encryption Algorithm. It is a Feistel cipher
designed by David Wheeler & Roger M. Needham (extended version).
Uses a 128-bit key and a 64-bit block.

SAFER:
SAFER (Secure And Fast Encryption Routine) is a block cipher developed
by Prof. J.L. Massey at the Swiss Federal Institute of Technology.
There exist four versions of this algorithm, namely:
SAFER K-64, SAFER K-128, SAFER SK-64 and SAFER SK-128.
The numerals 64 and 128 stand for the length of the user-selected
key, 'K' stands for the original key schedule and 'SK' stands for the
strengthened key schedule (in which some of the "weaknesses" of the
original key schedule have been removed). In mcrypt only SAFER SK-64 and
SAFER SK-128 are used.

UNIX crypt:
A one-rotor machine designed along the lines of Enigma but considerably
trivialized. Very easy to break for a skilled cryptanalyst. I suggest not
using it. The code used here is from the public domain program called Crypt
Breakers Workbench (cbw).

3-WAY:
The 3-Way algorithm designed by Joan Daemen. It uses a 96-bit key
and block. This is the C specification of the algorithm found
in ftp.funet.fi/pub/crypt/cryptography/symmetric.

BLOWFISH:
The Blowfish algorithm designed by Bruce Schneier. It is better and faster
than DES. It uses a variable-length key of up to 448 bits or 56 characters. This
is the only algorithm that allows keys of different sizes below 448 bits (without
being padded with zeros).
This algorithm is implemented according to the code in the designer's book
'Applied Cryptography'.
(This is the default algorithm)

TWOFISH:
Twofish was designed by Counterpane Systems. It is intended to be highly secure
and highly flexible. It is well suited for large microprocessors, 8-bit
smart card microprocessors, and dedicated hardware. Uses a 128-bit block
and a 128-bit key.

GOST:
An algorithm of the former Soviet Union. The name is an acronym for "Gosudarstvennyi Standard"
or Government Standard. It uses a 256-bit key and a 64-bit block.
The S-boxes used here are described in the Applied Cryptography book
by Bruce Schneier. They were used in an application for the Central Bank
of the Russian Federation.
Some quotes from gost.c:
The standard is written by A. Zabotin (project leader), G.P. Glazkov,
and V.B. Isaeva. It was accepted and introduced into use by the
action of the State Standards Committee of the USSR on 2 June 89 as
No. 1409. It was to be reviewed in 1993, but whether anyone wishes
to take on this obligation from the USSR is questionable.
This code is based on the 25 November 1993 draft translation
by Aleksandr Malchik, with Whitfield Diffie, of the Government
Standard of the U.S.S.R. GOST 28149-89, "Cryptographic Transformation
Algorithm", effective 1 July 1990. (Whitfield.Diffie@eng.sun.com)
Some details have been cleared up by the paper "Soviet Encryption
Algorithm" by Josef Pieprzyk and Leonid Tombak of the University
of Wollongong, New South Wales. (josef/leo@cs.adfa.oz.au)


When one of these algorithms is specified, the program prompts with something like:
(for DES) Enter key (8 chars): ...
This is the number of characters that should be used as a key. If a string
with fewer than 8 characters is given, it is padded with zeros.
If a string with more than 8 characters is given, only the first 8 are read.
Only the Blowfish algorithm (56 chars) allows keys that are shorter than
56 characters (448 bits).
GOST, DES, 3DES, SAFER and 3-WAY require the key to be exactly the number of
their key bytes. If a key of fewer bytes is specified it is padded with zeros
(do not even try; it would be better to leave it unencrypted).

* Warning: Keep in mind that the characters on your keyboard are 7-bit only.
So by default this program will ignore the first bit (MSB) of the characters
of your input (one problem with the 7-bit mode is that some bits of the last character typed
may be ignored, but I don't think that this is too critical). Use the parameter --8bit or
-8 to use 8-bit input.

---
All the above algorithms support three modes of encryption:

ECB:
The Electronic CodeBook mode. It is the simplest mode to use with a
block cipher. It encrypts each block independently. (I do not recommend
using it)

CFB:
The Cipher-Feedback mode (in 8-bit). This is something like
a stream cipher implemented from a block cipher. It encrypts one
character (8 bits) at a time.

CBC:
The Cipher Block Chaining mode. It is better than ECB since the plaintext
is XOR'ed with the previous ciphertext. A random block is placed as the
first block so the same block or message always encrypts to something
different. (This is the default mode)
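
The difference between ECB and CBC described above, as an added example (not mcrypt's own code). It uses the original TEA round function as a stand-in 64-bit block cipher; the key, IV, sample message and all function names are constructed for illustration, and a real CBC first block must be random as the text says.

```c
#include <stdint.h>
#include <string.h>
/* Original TEA on one 8-byte block, in place: 128-bit key k[4], 32 rounds. */
static void tea_block(uint8_t *b, const uint32_t k[4]) {
    uint32_t v[2], sum = 0;
    memcpy(v, b, 8);
    for (int i = 0; i < 32; i++) {
        sum += 0x9E3779B9u;
        v[0] += ((v[1] << 4) + k[0]) ^ (v[1] + sum) ^ ((v[1] >> 5) + k[1]);
        v[1] += ((v[0] << 4) + k[2]) ^ (v[0] + sum) ^ ((v[0] >> 5) + k[3]);
    }
    memcpy(b, v, 8);
}

/* ECB: every block is encrypted independently. len must be a multiple of 8. */
void ecb_encrypt(uint8_t *buf, size_t len, const uint32_t k[4]) {
    for (size_t off = 0; off < len; off += 8) tea_block(buf + off, k);
}

/* CBC: XOR each plaintext block with the previous ciphertext block (IV first). */
void cbc_encrypt(uint8_t *buf, size_t len, const uint32_t k[4], const uint8_t iv[8]) {
    const uint8_t *prev = iv;
    for (size_t off = 0; off < len; off += 8) {
        for (int i = 0; i < 8; i++) buf[off + i] ^= prev[i];
        tea_block(buf + off, k);
        prev = buf + off;
    }
}

/* Pairs of identical 8-byte blocks: visible to any observer, no key needed. */
size_t repeated_block_pairs(const uint8_t *buf, size_t len) {
    size_t n = 0;
    for (size_t a = 0; a + 8 <= len; a += 8)
        for (size_t b = a + 8; b + 8 <= len; b += 8)
            n += (memcmp(buf + a, buf + b, 8) == 0);
    return n;
}

/* Constructed sample: four plaintext blocks; blocks 0, 1 and 3 are identical. */
size_t demo_pairs(int use_cbc, const uint8_t iv[8]) {
    const uint32_t key[4] = {0x01234567u, 0x89abcdefu, 0xfedcba98u, 0x76543210u};
    uint8_t msg[33] = "PAY 100 PAY 100 PAY 999 PAY 100 ";
    if (use_cbc) cbc_encrypt(msg, 32, key, iv); else ecb_encrypt(msg, 32, key);
    return repeated_block_pairs(msg, 32);
}

int main(void) {  /* exit status 0: ECB shows 3 repeated pairs, CBC none */
    const uint8_t iv[8] = {0x3c, 0x91, 0x07, 0xee, 0x52, 0xa8, 0x1d, 0x64};  /* constructed */
    return (demo_pairs(0, iv) == 3 && demo_pairs(1, iv) == 0) ? 0 : 1;
}
```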
---

For better results (safety of your data), compress the plaintext before
encryption.


Nikos Mavroyanopoulos
nmav@i-net.paiko.gr
nmav@hellug.gr

Look at COPYING for license information and the individual files for more
information. COPYING applies only to the mcrypt program and not to the
algorithms, most of which are public domain. COPYING.LIB applies to the
files in the lib/ directory. If you want to test the algorithms' implementation
and integrity you can use cipher.c in the tests/ directory. Do a
'make cipher' in the same directory.

Updated versions of mcrypt can be found at:
ftp://argeas.cs-net.gr/pub/unix/mcrypt

An rpm version of mcrypt for Linux can be found at:
ftp://ftp.fazekas.hu/pub/linux/rpms
Maintained by Koblinger Egmont <egmont@fazekas.hu>