home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Current Shareware 1994 January
/
SHAR194.ISO
/
virus
/
cipher16.zip
/
CIPHER.DOC
< prev
next >
Wrap
Text File
|
1993-08-20
|
35KB
|
716 lines
CIPHER Ver. 1.6
Copyright (c) 1988-1993 Mike Albert
August 1993
1 INTRODUCTION
Cipher is a program that scrambles files so that no one can use them -
unless they have the correct key. Files are kept secret even when they
can be accessed by others: they can be read, but not understood. Cipher
is designed to protect files on PCs or disks you can't protect
physically, and can also protect messages sent via unprotected channels.
(If you're familiar with earlier versions of Cipher, look at section 8
to learn about new enhancements.) Cipher provides the following
benefits:
o Cipher is easy to use - it protects you from mistakes and helps
you to remember keys.
o Cipher is much faster than other programs that provide
comparable security.
o Cipher can encrypt files in place, so unerase utilities can't
recreate them.
o Cipher can also make a new encrypted file and leave the original
file untouched - this is useful when sending an encrypted file
to someone else.
o Protection is provided by a reliable, documented method that is
highly resistant to attack - even by expert programmers and
cryptographic analysts. For information on the security
provided by Cipher vs. other products, see section 5.
o Cipher checks when decrypting a file to ensure that the file
hasn't been corrupted.
o Cipher can be used from batch files to provide security
automatically.
o Cipher is less expensive than commercially available programs.
o Cipher guards against changes to itself - you can be sure you
have an unmodified Cipher and also detect any subsequent
tampering.
o All proceeds of Cipher go to Oxfam America, an international
self-help and disaster relief organization.
Cipher encrypts and decrypts files using a cryptographically sound
method. Encryption makes a file unintelligible and useless. Decryption
is the reverse - it converts the encrypted information to its original
understandable form. The encryption is controlled by a key that you
provide. You can use any string of characters you like. When you want
to use the files, you decrypt them using the same key to return them to
their original form. Someone who doesn't know the correct key or
doesn't have Cipher is powerless to make the file useful again.
- 1 -
Cipher protects you from common errors such as decrypting a file with
the wrong key, decrypting a file that's not encrypted, or encrypting a
file twice (unless you specifically request it). It also helps you
remember your key - you describe the key when you encrypt (e.g. "my old
Corvette license number"), and Cipher displays your description when you
decrypt. You can control Cipher interactively, with command line
arguments, or via an MS-DOS environment variable.
Cipher runs on any IBM-compatible computer using MS-DOS 2.00 or later,
and uses 64K of memory. All standard display adapters may be used as
long they display at least 80 characters per line. Files may reside on
floppy diskettes, hard disks, or network drives, and be any type or
size. Cipher has been successfully tested on three networks: Novell's
Netware and Netware Lite, and Digital Equipment Corporation's Pathworks.
The only problem occurs with Pathworks: files with some VMS Record
Formats, e.g. Variable, cannot be encrypted. The Stream Record Format
works fine.
Note that Cipher keeps people from understanding and using the contents
of your files, but doesn't prevent normal file operations such as
deleting, copying, or renaming. If you're concerned about someone
destroying your data, Cipher doesn't help. Cipher does protect against
the introduction of false information. Someone can modify an encrypted
file, but they can't achieve a specific result because decryption
affects their changes in an unpredictable way. Consequently a file that
is modified in its encrypted form will have garbage in the changed
portion of the file when it's decrypted.
Remember that you MUST specify the correct key to decrypt a file and
make it useful again. Cipher will help you recall the key and tell you
if you enter the wrong one, but it doesn't remember the key for you. If
you forget the key there are no shortcuts or bypasses - you're stuck
with a useless file! Since Cipher encrypts files in-place to ensure
security, Norton utilities or the like won't help. Cipher has no
trapdoors that let you, me, or anyone else decrypt a file without the
key, so BE CAREFUL!
If you want to try out Cipher right now, just run Cipher with no command
line arguments. Cipher will display a brief description of its
operation that you can use to get started. While you're getting used to
Cipher, be sure to work in a test directory with test files to ensure
that you don't irrevocably scramble something important.
2 OPERATION
You control Cipher with command line arguments that specify the commands
to be performed, options, and the files to be encrypted or decrypted.
The commands and options must precede the files on the command line and
be separated with blanks. You can specify multiple options, but only
one command. You can use one of the following commands:
COMMAND MEANING EXPLANATION
-e Encrypt Encrypts the files and prompts you for the
key. You are only prompted once - the key
you enter is used for all the files.
-e<key> Encrypt Encrypts the files using <key>.
- 2 -
-d Decrypt Decrypts the files and prompts for the key.
Cipher will only decrypt encrypted files.
If the files were encrypted with the -i
option, Cipher helps you remember the key by
displaying the key description you provided.
If the key you specify is incorrect, Cipher
prompts you for the correct key.
-d<key> Decrypt Decrypts the files using <key>. This
command works like -d above except that the
key provided with the command is used.
-c Checksum Computes the cryptographic checksum of
Cipher files so you can ensure that Cipher
has not been corrupted or modified. See
section 3 for more information.
You can use the following options:
OPTION MEANING EXPLANATION
-i<desc> Info Saves a description of the key used to
encrypt the files. When you encrypt or
decrypt the files, Cipher displays the
description for you in the key prompt. For
example, you could use "my student id number
at Penn State".
-r Re-encrypt Lets you encrypt a file even if it is
already encrypted. This is useful when two
people want to control the use of one file -
each person can encrypt with his own
password. Encrypting a file more than once
also provides even greater security. A file
encrypted more than once must be decrypted
in reverse order of encryption, i.e. the
first decryption must use the key from the
last encryption.
-s Suppress Suppresses screen list of the name of each
file processed or skipped - only a summary
is shown. Error messages are not
suppressed.
-q Quiet Suppresses screen list of all informational
messages. Error messages are not
suppressed.
If you specify the file names on the command line as described above,
Cipher encrypts or decrypts the files in place. File names can include
drive letters, paths, and wild-card characters ("*" and "?") in the
standard MS-DOS format. To specify multiple file names, separate the
names with spaces.
If you want to make a new file and leave the original file untouched,
use input and output redirection (invoked via the "<", ">", and "|"
command line options) to identify the files. File redirection is
described in the MS-DOS Reference manual under "Redirecting Command
Input and Output". You can only process one file at a time this way.
- 3 -
Make sure the input and output file are different, or the file will be
destroyed. An example of redirection is shown below.
Some examples of Cipher use are as follows:
cipher -eMike -i"my first name" test.*
All files in the current directory matching the name test.* are
encrypted in place using key "Mike". When you decrypt the files the
key description (i.e. "my first name") will be shown with the
prompt.
cipher -d a:\mp\data\*.* a:\wp\*.*
All files on drive a: in directory \mp\data and \wp that were
previously encrypted are decrypted in place. Unencrypted files are
left alone. You are prompted for the decryption keys. Cipher
remembers the keys you enter during the run, and only prompts you
for different keys.
cipher -eMike
All files specified interactively (i.e. in response to Cipher's
prompt) are encrypted in place using the key "Mike".
cipher -eMike <letter.src >letter.snd
File letter.src is encrypted with key "Mike" and written to file
letter.snd. File letter.src is not altered.
If you want to interrupt Cipher at any time press Ctrl-C. If Cipher is
waiting for input from you it will terminate immediately. If Cipher is
encrypting or decrypting a file, it will terminate when the operation is
complete.
3 SECURITY ISSUES
Note that Cipher gives you the capability to protect your information,
but doesn't guarantee safety. To be sure your files are secure, there
are several things you should remember:
1. Don't hard-code your keys in batch files. Anyone can run or
examine them and decrypt your files.
2. Don't use keys that can be easily guessed, such as your initials
or your children's names. This sort of thing is the first
method most attackers will try.
3. Don't write your keys down and leave them somewhere they can be
found.
4. Be careful with the -i (key description) option. To be safe,
you must refer to information only YOU know.
5. Use long keys. It's common to use short keys because they're
easy to remember and enter. The problem is that exhaustive
testing of all short keys could succeed with relatively little
- 4 -
effort. Use at least 8 randomly-chosen characters for good
protection, and 20 for maximum security. Another good approach
is to use a phrase, e.g. "other red system". Phrases are easy
to remember, and provide excellent protection if chosen
randomly.
6. Make sure that no copies of confidential files remain on unused
portions of your disk. This problem can occur any time a
program (e.g. a WP editor or spreadsheet) updates a file. A
knowledgeable user can poke around the disk (using an undelete
utility or disk editor) looking for interesting stuff. If you
aren't careful, copies of information that you've carefully
encrypted can be recovered by an unauthorized person.
The first place your data may appear is in unallocated disk
clusters. This happens when you delete a file that contains
confidential data. An undelete program can recreate the file if
it is run before the space is used for another file. You can
zero this space with Zerofree, a shareware program I distribute.
Zerofree can clear all unallocated data space and directory
entries so your data cannot be recovered.
The second location is tougher because your confidential data
can be at the end of ANY file, not just the one you're using.
This problem occurs when you delete a confidential file, and the
freed space is allocated to another file (but only partially
written into) when the file is created or extended. Cipher
takes care of the file being encrypted by zeroing the unused
area at its end, but it doesn't do the same for other files on
the disk. You can use Zerofree to clear this space too. Make
sure that you run Zerofree on any files created or changed by
any program that runs after any file containing confidential
information has been deleted or changed.
7. Use the cryptographic checksum feature to protect against Trojan
horses or other attacks. It's surprisingly simple for a
knowledgeable attacker to patch a program so it does what he
wants.
To compute the cryptographic checksum, run Cipher with the -c
command. Cipher asks you for a key, combines this key
cryptographically with the file, computes the checksum, and
displays it. You can use any key you want. If anyone changes
the file or you use a different key, the checksum changes too.
Someone who wants to compromise Cipher is frustrated because
they don't know what key you are using, so they can't make the
corrupted Cipher display the right checksum. If you compute the
checksum when you receive Cipher and write down the key and
checksum in a safe place, you can recompute the checksum at any
time to check for changes. As long as you keep your key secret
(and you started with an unmodified Cipher), no one can change
Cipher and still have it produce the same checksum.
The cryptographic checksum feature can also detect corruption of
Cipher that occurred before you received it. You can detect
Trojan horses, viruses, or any other alterations to both the
program and this documentation. To test for changes you use a
key/checksum combination that you can request from me you when
you register. You compute the checksum for your Cipher using
the key I provide. If your Cipher doesn't display the checksum
I send, your copy of Cipher is corrupted. Since I send a
- 5 -
different key (and checksum) to each registered user, no
attacker will be able to obtain your key and checksum and
circumvent the protection. (Note that when you run any unknown
program, including Cipher, you run the risk of it performing
mischief on your system, so be careful. It's probably not too
helpful to learn that the checksum is invalid if a Trojan horse
has just erased your disk!)
This all sounds obvious (except for items 6 and 7), but many attempts at
security are compromised because of this type of carelessness.
4 OPERATIONAL DETAILS
If you don't specify enough information via the command line, Cipher
prompts you. If you don't code -e or -d, Cipher asks if you want to
encrypt or decrypt. Cipher also prompts you for the key, the key
description, or the file names if you don't specify them. You can press
ESC at a key or description prompt to skip the current file and go on.
File names can include drive letters, paths, and wild-card characters in
the standard MS-DOS format. To specify multiple file names separate the
names with spaces. When you enter file names from the prompt, Cipher
lists the name of any files skipped, even if you specified the -s or -q
option.
You may also specify commands and options (but not files) in the
environment variable CIPHROPT. You can use all commands and options
available from the command line.
Here are some other points that may be of interest:
1. Cipher is careful not to encrypt itself. This protects you from
scrambling Cipher and having no way to unscramble it.
2. When Cipher encrypts or decrypts a file it doesn't alter the
file's attributes or date/time stamp.
3. Cipher will not alter files with the system, hidden, or read-
only attributes.
4. Encrypted files contain all 256 character combinations even if
the original file only contained ASCII. If you want to transmit
an encrypted file via a modem make sure you use a communication
protocol that supports binary files.
5. The key may consist of up to 50 printable characters. Upper and
lower case characters are considered to be different. If you
enter too many characters or a non-printable character you are
notified.
6. Cipher checks files when it decrypts them to determine if they
have been damaged. When Cipher detects a damaged file it
notifies you of the problem. Cipher does its best to decrypt a
damaged file, but cannot proceed if the encryption mark at the
end of the file is damaged.
7. It is possible that on a full disk Cipher will run out of disk
space when it tries to append the encryption mark to the end.
(The mark is described in section 5.) If this occurs you will
- 6 -
be warned. No damage results - Cipher does not encrypt the file
in this case. This problem doesn't occur with decryption.
8. It is possible that even with the safeguards built into Cipher
and careful use you will find yourself with an encrypted file
and only a vague memory of the key. If you just can't guess the
right key, you're stuck. Perhaps a close personal friend who
works for the National Security Agency could help, but short of
that there is no way to recover. I can't help you. Sorry, but
that is, after all, the whole point of this product.
5 TECHNICAL INFORMATION
The encryption method used in Cipher is described in the paper "Wide-
Open Encryption Design Offers Flexible Implementations" by Robert Scott,
CRYPTOLOGIA, January 1985. Scott's method uses principles derived from
the Data Encryption Standard (DES), a standard for commercial and non-
military governmental data encryption adopted by the National Bureau of
Standards in 1977. The Scott method employs a longer key (providing
greater security) and executes more rapidly than the DES method. The
algorithm is coded in assembly language and optimized to make it as fast
as possible.
Cipher uses the Scott method in Cipher Feed Back mode. This makes the
encrypted text more secure, and ensures that patterns in the source file
cannot be detected in the encrypted file. It also allows a random value
(based on the time of day) to be introduced into the encryption
calculation, so that each time a file is encrypted it's represented
differently. This increases the difficulty of applying cryptanalysis
techniques to attempt to decrypt a file without the key, and prevents
attackers from identifying equal files.
Cipher takes additional measures to ensure security. Files are
encrypted and decrypted in place (except when file redirection is used)
to ensure that the original contents of the file are overwritten. This
also avoids running out of space on full disks. When files are
encrypted in place, the unused portion of the last cluster of the file
(which often replicates data in the file) is zeroed so that no
unencrypted information can be found there.
It should be noted that methods used by many commercial encryption
products are not as secure as claimed. The paper "A survey of Data
Insecurity Packages" by Martin Kochanski, CRYPTOLOGIA, January 1987,
evaluated the methods used by SuperKey (Borland International), Padlock
(Sovereign Software), PS3 (Stralfors Data Products), Crypt (BCS), and
N-Code (K+L Software). Kochanski found that "all these packages are
vulnerable to known-plaintext attacks; some with as few as 6 bytes of
plaintext needed. Moreover, all the packages except N-Code can be
broken quite effectively without any known plaintext at all." He
demonstrated his point by breaking the packages using standard
cryptanalysis techniques and an IBM PC.
Kochanski did not examine Cipher. He did point out the weakness of the
methods he examined - "All the packages we have looked at suffer from a
lack of diffusion: a small change in the plaintext causes only a small
change in the ciphertext." In the Scott method, each bit of plaintext
affects 64 bits of ciphertext. This diffusion is the same provided with
the DES method.
- 7 -
Weaknesses similar to those found by Kochanski exist in the encryption
provided in many popular spreadsheet, word processing, and compression
products. Commercial cryptanalysis programs that can decrypt such files
without the password are available. If you rely on such encryption
you're vulnerable not only to cryptanalysts, but also to anyone who buys
a cryptanalysis program! The bottom line is that if you want to be sure
that your files are secure, you must be very careful in selecting an
encryption package.
The marking feature that enables Cipher to recall information about an
encrypted file is implemented by appending information to the end of a
file when it is encrypted. This information contains an encryption
signature (used to determine if the file is encrypted), the key
description (that is displayed in the decryption key prompt), the random
initial Cipher Feed Back value (used to initialize the decryption
calculation), a checksum (used to detect corruption of the file), and
some encrypted text (used to recognize the correct key at decryption
time). Note that the encryption key itself if NOT included. The file
is returned to its original length when it is decrypted.
The cryptographic checksum feature was suggested by Dr. Fred Cohen in
the paper "A Cryptographic Checksum for Integrity Protection",
Computers & Security #6, 1987. Cipher uses the Scott encryption method
instead of the RSA cryptosystem and reduction in modulus described by
Cohen. Each block of the file is combined with a number indicating its
position in the file, encrypted with the user-provided key, and added
(without carry) into the cumulative checksum. As a result any change in
a character of the file or its position is reflected in the checksum.
6 LICENSING, WARRANTY, and REGISTRATION
Cipher is distributed as shareware. I encourage you to try the program
and share it with friends as long as:
1. The Cipher program, this documentation, and any other Cipher
files are not modified and are distributed together.
2. Cipher is not provided as a part of any other product.
3. No fees, beyond a reasonable fee for media, duplication, or
downloading costs, are charged.
4. Cipher is not used for commercial, government, or business
purposes without registration. Each registration is for a
single person or a single computer.
If you decide to use Cipher regularly you are required to register. All
proceeds from Cipher are directed to Oxfam America, an international
self-help and disaster relief organization that I've supported for many
years. You can find more about Oxfam by reading section 7. If you
register you get the satisfaction of saving lives in Africa, Asia, and
South America, and encourage me to produce more software at reasonable
prices. You also get the following benefits:
If you request, I'll provide a key/checksum pair for each Cipher
file. You can then verify that the Cipher you have received is
unmodified and contains no Trojan horses, computer viruses, or other
illegitimate changes.
- 8 -
I'll answer questions on Cipher and its use. You can contact me at
the address shown below or via CompuServe mail.
I'll make an attempt (but no guarantee!) to fix any problems you
find.
If any important bugs are found I will notify you. I'll do the same
for any flaws found in the encryption method that compromise
security.
I'll send an updated version of Cipher to you at no additional cost.
You can request this when I notify you of a new version, when I've
fixed a bug you have found, or any other time. I'll only do this
once per registered user.
Registration is $40. Please make your check payable to Oxfam America -
I'll send your checks to Oxfam and record your registration information.
I'll also accept original canceled checks or receipts from Oxfam that
list you as the donor. Please send payments, registration information,
and any other correspondence to:
Mike Albert
P. O. Box 535
Bedford, MA 01730
I can also be reached via CompuServe mail; my userid is [70325,1134].
Anyone can order the latest version of Cipher directly from me for a fee
of $5.00. Just send the order (make sure it contains your mailing
address) with your check to the above address. You'll receive a 5 1/4
inch 360K floppy disk containing the Cipher executable and documentation
files. If you need other formats (5 1/4 inch 1.2Mb or 3 1/2 inch 720Kb
or 1.44Mb) I can provide them. If you live outside North America,
please send extra money for the increased postage.
I welcome all comments and suggestions concerning Cipher. I'd like to
know how you are using Cipher and what problems, bugs, or weaknesses you
find. If you tell me about enhancements or changes you're interested
in, I'll make an effort to provide them. I'll also include other
shareware products I produce. I'd also like to know what other products
you would like to see.
This program is provided "as is" without warranty of any kind, either
express or implied, but not limited to the implied warranties of
merchantability or fitness for a particular purpose. The entire risk as
to the results and performance of the program is assumed by the user.
Should the program prove defective, the user assumes the entire cost of
all necessary servicing, repair, or correction.
7 OXFAM AMERICA
As stated in Oxfam literature,
"Oxfam America is an international agency that funds self-help
development projects and disaster relief in poor countries in
Africa, Asia, and Latin America, and also prepares and distributes
educational materials for people in the United States on the issues
of development and hunger. The name "Oxfam" comes from the Oxford
- 9 -
Committee for Famine Relief, founded in England in 1942. Oxfam
America, based in Boston, was formed in 1970, and is one of seven
autonomous Oxfams around the world (Great Britain, Australia,
Belgium, Canada, Quebec, Hong Kong and the United States). Oxfam is
a nonsectarian, nonprofit agency that neither seeks or accepts U.S.
government funds. All contributions are tax-deductible to the
extent permitted by law."
For more information, you can phone Oxfam at 617-482-1211, or write to
them at:
Oxfam America
26 West Street
Boston, MA 02111-1206
8 REVISION HISTORY
CIPHER version 1.6 - 8/20/93
Fixed a bug introduced in version 1.5: when decrypting a file
encrypted with a 1, 2, or 3 character key, Cipher would
sometimes reject the correct key.
CIPHER version 1.5 - 12/5/92
Changed operation of the Scott encryption algorithm from
Electronic Code Book mode to Cipher Feed Back mode to improve
security.
Added use of a random number when encrypting so that every time
a file is encrypted it's represented differently. This
increases the difficulty of applying cryptanalysis techniques to
attempt to decrypt a file without the key, and prevents
attackers from identifying equal files.
Added use of a random number when creating the key checking text
stored in the encrypted file. This prevents an attacker from
examining two files to determine if they were encrypted with the
same key.
Encoded the key description (specified by the -i option) in the
encrypted file so that it's not visible when the file is viewed.
Corrected a problem that precluded encrypting files residing on
Novell network drives.
Corrected a problem that precluded encrypting files residing on
DEC PathWorks network drives and very large conventional drives.
Note: Earlier versions of Cipher can't decrypt files encrypted
by version 1.5. Version 1.5, however, can decrypt files
encrypted by earlier Cipher versions.
CIPHER version 1.4 - 9/25/92
Added a test for corruption of encrypted files. The test is
performed when a file is decrypted.
- 10 -
Added the option to skip a file when entering a decryption key.
This is useful when you can't remember the key of one file, but
want to continue with the rest. To bypass the file, press Esc
at the key prompt.
Corrected minor problems.
Updated the documentation to show new mailing address and
CompuServe contact information.
Note: Earlier versions of Cipher can't decrypt files encrypted
by version 1.4. Version 1.4, however, can decrypt files
encrypted by earlier Cipher versions.
CIPHER version 1.3 - 3/18/90
Added -q option to suppress all informational messages.
CIPHER version 1.2 - 8/1/89
Added decryption of files encrypted by earlier versions of
Cipher. Version 1.2 will decrypt files encrypted by versions
1.00 and 1.1. Versions 1.00 and 1.1 can only decrypt files
encrypted by themselves.
Added encryption of files that are already encrypted. This lets
two people control the use of one file - each person can encrypt
with his own password. It also provides even greater security.
The feature is invoked via the -r option.
CIPHER version 1.1 - 7/1/89
Added encryption/decryption of files without overwriting
original file.
Enhanced encryption method to ensure that patterns in the
original file cannot be detected by examining the encrypted
file. Note that files generated by Cipher versions 1.00 and 1.1
are incompatible.
Directed all Cipher proceeds to Oxfam America.
Improved some messages.
CIPHER version 1.00 - 3/30/88
Original program.
- 11 -
