What the hell is MacBlowfish? It is a suite of three applications implementing the Blowfish block-encryption algorithm developed by Bruce Schneier, originally published in the April 1994 Dr. Dobb's Journal. It uses a 448 bit secret key and at this point no means of breaking the algorithm beyond brute-force attack has been found. This Macintosh implementation of the algorithm was done in Metrowerk's Codewarrior 7 C++. We would like to thank Bruce Schneier for placing the algorithm in the public domain, however, he had nothing to do with this implementation so do not ask him for help or support on these applications. We are also placing these programs in the public domain, do with them what you will. Distribute them anyway you wish, as long as the archive stays complete and intact. These programs are intended for use only in the United States due to government restrictions on export of encryption algorithms with key lengths over 40 bits. The author's assume NO responsibility for improper usage of this software.
MacBlowfish consists of three small applications - Blow Drop, Deblow Drop and BlowKey Generator. Blow Drop encrypt's any file or application dropped on it using the key file, 'BlowKey', located in the same folder as the application. If no file named 'Blowkey' exists in the application folder you will be prompted with a standard open dialog box to select the key file to use for encryption or decryption. Deblow Drop obviously decrypts any previously encrypted file or application dropped on it, you must use the same key for decryption as you used for encryption, duh!?! Lose your key and you're screwed, no one can recover the file, don't even bother asking. Since this is secret key encryption, your files are only as secure as your key, hide it away somewhere and give it out only to those people you really trust. Blowkey Generator is used to generate new random keys for your use, it takes measures to ensure a random and unique key is generated each and every time you use it. BlowKeyGen currently outputs a 4k key, much larger than is currently needed but who knows what kind of plans we have for the future! ;-)
First Step to Using MacBlowfish - Make sure that you use BlowKey Generator to generate a key before trying to encrypt files or applications. We didn't include a key file, that would after all be kind of silly wouldn't it?
Why use MacBlowfish? For security! This is 448 bit secret key encryption, DES has an 80 bit key and Triple DES has a 112 bit key just for comparison. DES is susceptible to attack by differential cryptanalysis, Blowfish is resistant. Some may say, what about PGP? PGP is a public key system that uses a longer key (up to 2k) for encrypting the secret key, however, the data is encrypted with a 128 bit key based on the IDEA algorithm. The security of Blowfish is much stronger than PGP, after all PGP does stand for Pretty Good Privacy. On top of everything MacBlowfish is very fast (approximately 5 Megabytes a minute on a Quadra 840AV), very easy to use and will encrypt any file or application.
Why did we do it? For kicks really, we're certainly no encryption experts. We saw an article and thought it sounded extremely interesting in comparison to the mundane programming tasks we have to deal with every day. This certainly could never have been done without the published, public domain Blowfish algorithm.
Who wrote the programs? A couple of guys...just for kicks. That's about all we have to say and about all you need to know. The code was out there in the 'ether' we just slapped an interface on it, something any competent programmer could do. Anything wrong with that, we don't think so. If you wish to enquire about these programs or send bug reports please post to the COMP.SYS.MAC.MISC newsgroup, we will read the pertinent messages there.
