Software Vault: The Diamond Collection

home *** CD-ROM | disk | FTP | other *** search

/ Software Vault: The Diamond Collection / The Diamond Collection (Software Vault)(Digital Impact).ISO / cdr05 / wet101.zip / WET.DOC < prev next >

Wrap

Text File | 1994-05-14 | 49KB | 1,387 lines

(C) Copyright 1994 MaeDae Enterprises W I N D O W S E N C R Y P T I O N T O O L K I T (W E T) Version 1.xx Reference Manual Windows Encryption Toolkit (WET) for Windows is provided as user supported software (Shareware). If you use it past the initial 15 day evaluation period, you are required to register it. WET for Windows "Encryption and decryption toolkit -- Fast, secure, and easy to use" is published by MaeDae Enterprises 5430 Murr Road Peyton, CO 80831-7402 U.S.A. (719) 683-3860 Published and printed in the United States of America. Copyright 1994 by MaeDae Enterprises as a licensed, unpublished, proprietary work. All international rights reserved. Page 1 (C) Copyright 1994 MaeDae Enterprises The printed Reference Manual and associated registered software may not be copied, resold, reproduced, disclosed, archived, transmitted, or transferred in any form, electronic or otherwise, without the express written permission of MaeDae Enterprises. You may freely distribute the Shareware version of WET. Registered users may freely distribute WET's standard encryption DLL with their products. Export restrictions apply to WET Pro's DES DLL. The WET DLLs provide the same quality encryption routines as those we use in Encrypt-It for Windows and DOS. These routines have been tested by thousands of registered Encrypt-It users. We have recently provided these quality encryption/decryption routines to the general public in the form of WET. Please let us know of other functions you would like us to provide. REGISTERED USERS: (those who paid us for this product) MaeDae Enterprises hereby grants a "book" license to the original individual (even if purchased by a company) user of this copy of WET. You may use this developer's toolkit on your computer and make one backup for storage as long as there is no possibility of use or residence on more than one machine at any time. Just like two people cannot read the same book in different locations at the same time. You may not sell or give copies of the registered development files or printed documentation to anyone. You may include WET's encryption/decryption DLLs with any products you develop without additional payment to us. Please note that you must restrict the distribution of any product that contains WET Pro's DES DLL. Pricing, specifications, and conditions are subject to change without notice. Send all registrations and inquiries for site (multiple CPU or network) licensing to MaeDae Enterprises at the address on the previous page. Disclaimer: MaeDae Enterprises makes NO claims AND offers NO warranties of any sort with WET. MaeDae Enterprises assumes NO responsibility for any damage resulting from the apparent or actual use of WET (mental or physical). The WET toolkits are not guaranteed as to merchantability or fitness for its ultimate use. The user accepts all responsibility for use and may not resell the program. IBM PC/XT/AT are registered trademarks of the International Business Machines Corporation. WET is a trademark of MaeDae Enterprises. Other trademarks belong to their respective owners. Page 2 (C) Copyright 1994 MaeDae Enterprises PREFACE ABOUT THIS MANUAL You will notice that this manual is concise. This is intentional as we have tried to make WET the easiest toolkit of its type to use. This manual provides information on both the WET Standard and WET Professional version (WET Pro). Please note that WET Pro provides all the WET DLLs plus adds a DES DLL that is currently export restricted. Purchasers of WET Pro will be able to distribute DES enabled products for US and Canadian sales. Our standard encryption/decryption DLL (WETSTD.DLL) can be distributed world-wide. For many of you, this may be your first exposure to Shareware. To help eliminate possible confusion, we have included a short description of the Shareware marketing concept, explaining what it is and why it relies on YOU for its survival. What is Shareware? Shareware is not a kind of software. It is a revolutionary method of marketing Commercial software. Our software is Commercial software that we are allowing you to examine for 15 days before you make the purchase decision. With traditional marketing methods, you have to purchase Commercial software from a computer store or through mail order businesses, then try it out, and hope it does what you want. Shareware allows you to "try before you buy!" We rely upon you, the customer, to examine our software. If you find it useful, please register. Your support is needed for us to continue to improve our products. Enough of this verbage. The real fun and learning begin when you use this toolkit. So, enjoy! With warmest regards, The gang at MaeDae Enterprises. Page 3 (C) Copyright 1994 MaeDae Enterprises Table of Contents ================= Page Description ==== ============ 5. What is WET? An overview of its features. 5. What is WET Pro? An overview of its features. 6. What is the Data Encryption Standard (DES)? 7. Hardware Requirements 7. Software Requirements 7. Installation - the "README.DOC" file 8. Installation Notes 9. Getting Started 14. How to use DLLs 15. Tutorial 15. Additional Features 16. Cryptographic Techniques 19. Encrypted Ramblings 21. Basic Definitions Page 4 (C) Copyright 1994 MaeDae Enterprises WHAT IS WET? ============ The Windows Encryption Toolkit (WET) is a powerful encryption/decryption toolkit packaged as Dynamic Link Libraries (DLLs) for Windows 3.0 or later that allows you to: 1. Encrypt any data using the secure Data Encryption Standard (Pro version), 2. Decrypt the data using a confidential key, 3. Perform encryption and decryption on both text and binary data in a 8 byte block or entire blocks in-memory at a time, 4. Use XOR, transpositon, substitution, Data Encryption Standard (DES), or DES+cipher block chaining in any combination or number of layers you want, 5. Calculate cyclic redundancy checks (CRCs) to detect any modifications to your data, 6. Access our secure routines from almost any Windows based language, 7. And do it all without having to invest weeks or months developing your own encryption routines! WHAT IS WET PRO? ================ WET Professional version or WET Pro is the professional version of WET. It provides all the functions and DLLs of WET plus provides DES and DES + cipher block chaining (CBC) encryption/decryption functions. Our DES routines are based on DESNEW and are up to ten times faster than most other DES routines. Thanks to our high performance and secure encryption/decryption functions, you can have the latest in data protection without spending months to develop them. Page 5 (C) Copyright 1994 MaeDae Enterprises WHAT IS THE DATA ENCRYPTION STANDARD (DES)? =========================================== Most encryption schemes are kept secret. One exception is the Data Encryption Standard (DES), which was issued by the U.S. National Bureau of Standards. The National Security Agency (NSA) was intimately involved in the development and acceptance testing of this algorithm. But, how does it work? DES performs its encryption "magic" by working on a block of 64 bits of your data using a 64 bit key (we generate the 64 bit key from the key you supply). Basically, DES is a substitution cipher. We know this sounds very technical, but don't worry, we have hidden all the complexity of DES behind an extremely easy to use interface. Our simple and straight forward encryption functions makes protecting your data a simple task. Technically, DES only uses the first 56 bits of your key. There are several good cryptography books available that discuss the details of DES. We will leave the exact details of DES and key length for more advanced reading on your part. Check your local large bookstore for suitable texts. Why did we choose to implement DES? We chose DES because it is a standard. Its ability to protect your data is well documented. Our goal is to provide you the best possible software tool for the protection of your data. We support multiple layers of encryption, with DES as any layer of protection for your data. Because of this approach, we feel your data is protected far better than using DES by itself. There has been some theoretical discussions recently centering around whether it is just impossibily hard to break DES or whether it could be broken given million dollar computers and months or years of the computer's time. Just to alleviate any concern you might have in this area, we have added cipher block chaining to WET Pro as an additional encryption layer that is applied underneath DES. Page 6 (C) Copyright 1994 MaeDae Enterprises HARDWARE REQUIREMENTS ===================== 1. IBM PC/XT/AT, IBM PS/2, or fully compatible computer capable of running Windows 3.0 or later. 2. At least one 5.25" or 3.5" floppy disk drive. Two floppy disk drives or one floppy and a hard disk (400K free space minimum for the full system) are strongly recommended. SOFTWARE REQUIREMENTS ===================== 1. A Windows based language that supports the use of DLLs. 2. Windows 3.0 or later. 3. EGA or better graphics adapter. INSTALLATION - README.DOC ========================= For all installation information see the README.DOC on the main distribution diskette. You can view the information on-line or print it out on your printer. README.DOC is constantly updated to contain the latest information. Recently we have added an installation program to our shareware distribution set of files. Run INSTALL.EXE for a simplified installation process. P.S. The Shareware version of WET is complete. However, it is a 15 day trial version. Also, additional product information screens may have been added. Please note that we can't provide the more powerful DES encryption routines for you to review in the shareware version of WET due to DES export restrictions. Feel free to share ONLY the Shareware version with friends and potential users of WET for 15 day trial/evaluation purposes only. You may not use the Shareware version on other machines in order to avoid purchasing additional copies of the full program. You may not give away any copies or make more than one copy of the fully operational program for other than archival purposes. Page 7 (C) Copyright 1994 MaeDae Enterprises IMPORTANT INSTALLATION NOTES: 1. Diskette #1 contains many files in addition to the standard version of WET (WETSTD.DLL). The professional version of WET provides DES encryption (WETDES.DLL + WETSTD.DLL) plus all the functions of the standard version (WETSTD.DLL). Please make sure these files are all installed in the same directory when running an application that accesses the WET DLLs. 2. If WET does not run properly: A. Your machine may not be 100% IBM PC operating system compatible or Windows may be installed incorrectly. This is not always disastrous and a quick call to our phone support staff may solve your problem. B. You may have a slightly incompatible Windows video driver. Usually, updating your driver or re-installing Windows solves the problem. In some cases you may need to delete Windows and re-install it. The Windows installation program doesn't always overwrite existing files. C. If you have any memory resident programs or system drivers, try running without them loaded on your computer. 3. This manual is designed to give you a general overview and familiarity with our developer's toolkit. Our encryption routines are very straight forward and tend to be self documenting. 4. We have included source code to show you how to interface WET to some of the older existing software bases. Inside of MS_DEMO.ZIP you will find a simple example of using WET with Microsoft C6/7. Page 8 (C) Copyright 1994 MaeDae Enterprises GETTING STARTED =============== The WET toolkit provides several different encryption techniques for protecting your data. Listed below is an overview of the different functions in our toolkit. We have provided complete definitions of the functions. Almost any computer language for Windows should be able to call these DLLs using the information listed below. Functions provided using the standard version of WET (WETSTD.DLL): VOID FAR PASCAL EncryptXORBlock(unsigned char far *block, int block_length, unsigned char far *code_key); Where: block - A far pointer to the data you want encrypted or decrypted. block_length - The number of bytes to encrypt or decrypt at the location pointed to by block. code_key - A far pointer the zero terminated string that is to be used to encrypt or decrypt the block data. VOID FAR PASCAL EncryptTranspositionBlock(unsigned char far *block, int block_length, unsigned char far *code_key); Where: block - A far pointer to the data you want encrypted or decrypted. block_length - The number of bytes to encrypt or decrypt at the location pointed to by block. code_key - A far pointer the zero terminated string that is to be used to encrypt or decrypt the block data. Note: This encryption technique is especially strong. Your code_key is used as the seed into a pseudo-random number generator which generates a greatly expanded key of between 1000 and 2000 bytes long using only lengths that are prime numbers (ex: 1009, 1999, 1013, etc). For short blocks this technique will provide you with a key longer than the block ensuring good protection. Page 9 (C) Copyright 1994 MaeDae Enterprises VOID FAR PASCAL EncryptSubstitutionBlock(unsigned char far *block, int block_length, unsigned char far *code_key); Where: block - A far pointer to the data you want decrypted. block_length - The number of bytes to encrypt or decrypt at the location pointed to by block. code_key - A far pointer the zero terminated string that is to be used to encrypt the block data. unsigned int FAR PASCAL CRCBlock(unsigned char far *block, int block_length); Where: block - A far pointer to the data you want encrypted or decrypted. block_length - The number of bytes to encrypt or decrypt at the location pointed to by block. Note: This function returns a 16 bit unsigned int which contains a 16 bit CRC for the data pointed to by the block far pointer. unsigned int FAR PASCAL GetVersionWETSTD(void); This function returns the current revision number of WET. The format is to return the entire revision as an unsigned integer. For example: v1.00 would be returned as 100. Additional functions provided with the professional version of WET (WETSTD.DLL+WETDES.DLL) include: VOID FAR PASCAL DESKeyloadEncrypt(unsigned char far *key); Where: key - A far pointer to the eight byte block that contains the DES key for encryption. This is binary data, no need for a zero terminated string. You need to load the key once at the start of the encryption process. Page 10 (C) Copyright 1994 MaeDae Enterprises VOID FAR PASCAL DESKeyloadDecrypt(unsigned char far *key); Where: key - A far pointer to an eight byte block that contains the DES key for decryption. This is binary data, no need for a zero terminated string. You need to load the key once at the start of the decryption process. VOID FAR PASCAL CryptDES(unsigned char far *datablock); Where: datablock - A far pointer to an eight byte block that is to be encrypted or decrypted in place. The plain text data will be overwritten by the encrypted version. VOID FAR PASCAL EncryptDESBlock(unsigned char far *block, int block_length); Where: block - A far pointer to the data you want encrypted. block_length - The number of bytes to encrypt at the location pointed to with block. Note: DES works with 64 bits (8 bytes) of your data at one time. We recommend additional steps if your block is not exactly an even multiple of 8 bytes long. One approach to work around this limitation is to apply one of the conventional encryption methods such as transposition underneath the DES level of encryption. VOID FAR PASCAL DecryptDESBlock(unsigned char far *block, int block_length); Where: block - A far pointer to the data you want decrypted. block_length - The number of bytes to decrypt at the location pointed to with block. VOID FAR PASCAL EncryptDESBlockCBC(unsigned char far *block, int block_length); Where: block - A far pointer to the data you want encrypted. block_length - The number of bytes to encrypt at the location pointed to with block. Notes: DES works with 64 bits (8 bytes) of your data at one time. We recommend additional steps if your block is Page 11 (C) Copyright 1994 MaeDae Enterprises not exactly an even multiple of 8 bytes long. One good approach to work around this limitation is to apply one of the conventional encryption methods such as transposition underneath the DES level of encryption. Data cannot be encrypted in place when you use the cipher block chaining option. Because of this, we have to allocate a temporary work buffer from the stack of the same size as the block_length you pass. Please be aware of this and limit your block length to no more that 2048 bytes! VOID FAR PASCAL DecryptDESBlockCBC(unsigned char far *block, int block_length); Where: block - A far pointer to the data you want decrypted. block_length - The number of bytes to decrypt at the location pointed to by block. Note: Data cannot be decrypted in place when you use the cipher block chaining option. Because of this, we have to allocate a temporary work buffer from the stack of the same size as the block_length you pass. Please be aware of this and limit your block length to no more that 2048 bytes! unsigned int FAR PASCAL GetVersionWETDES(void); This function returns the current revision number of WET PRO. The format is to return the entire revision as an unsigned integer. For example: v1.00 would be returned as 100. Page 12 (C) Copyright 1994 MaeDae Enterprises General argument descriptions: block - A far pointer to your data to be encrypted/decrypted block_length - The length of the block you are pointing to code_key - A zero terminated string containing the phrase to be used for encryption/decryption key - An eight byte block that contains the DES key for encryption/decryption data_block - An eight byte block that contains the data to be encrypted using DES Application notes: * For XOR, transposition, and substitution, process your data once thru the routines to encrypt. Process the encrypted data thru a second time to decrypt. * DES works with 64 bits (8 bytes) of your data at one time. We recommend additional steps if your block is not exactly an even multiple of 8 bytes long. One good approach to work around this limitation is to apply one of the conventional encryption methods such as transposition underneath the DES level of encryption. * Data cannot be encrypted in place when you use the DES+cipher block chaining. Because of this, we have to allocate a temporary work buffer from the stack of the same size as the block_length you pass. Please be aware of this and limit your block length to no more that 2048 bytes! Page 13 (C) Copyright 1994 MaeDae Enterprises HOW TO USE DLLS =============== You can access DLLs in C/C++ using two basic methods. The function prototypes for C access are in WET.H. WET.HPP contains the function prototypes for C++ use. Basic DLL access methods are: 1. Link an access library into your program. To do this you need to run IMPLIB against the WET DLL(s) to create a .LIB file. Add this .LIB file with your other .LIBs for your project. Include WET.H into your C module that access WETSTD.DLL or WETDES.DLL. Call the WET functions from your program just as any other function. To use IMPLIB enter the following command at your DOS prompt: IMPLIB WETSTD.LIB WETSTD.DLL Note: IMPLIB should be in your path and will probably be located in your compiler's BIN subdirectory. 2. You can access DLLs in C/C++ thru the LoadLibrary command. You use the LoadLibrary command to load the DLL and then access the functions via GetProcAddress. When your program finishes execution it should unload the DLL via the FreeLibrary command. Refer to your compiler vendor's documentation for exact details on how to do this. Many other languages also support DLL function calls. Refer to your manuals for more details on DLL use. Page 14 (C) Copyright 1994 MaeDae Enterprises TUTORIAL (ENCRYPTING/DECRYPTING SAMPLE DATA) ============================================ Now let's do something simple to demonstrate how WET works. All the encryption/decryption functions provided with the standard version of WET are used once to encrypt the data. Then used a second time with the same key to decrypt the data. In C this example would look like: #include "WET.H" /* WET.H contains C prototypes for DLLs */ /* WET.HPP contains C++ prototypes for DLLs */ char test_data[50]; int data_length; lstrcpy(test_data,"This is a test 1234567890"); data_length=strlen(test_data); EncryptXORBlock(&test_data,data_length,"my key"); /* Test_data now contains the encrypted data */ /* To decrypt you would use the same function again */ EncryptXORBlock(&test_data,data_length,"my key"); /* the test_data should now have "This is a test 1234567890" */ Notes: The XOR, transposition, and DES encryption routines alter the data distribution causing 0s to appear at different portions of the encrypted string. Because of this, we can't use strlen(...) to get the length of the encrypted data. You need to get the string length before encryption and then refer to that length during the decryption process. The WET DLLs were written using the large memory model C/C++ which assumes far data pointers. To use these DLLs with other memory model programs you must first typecast the data pointers (the char far *block pointer) to be char far * also. The professional version of WET comes provides DES in addition to the standard encryption techniques. The following code fragment shows how to use the DES+CBC encryption within a BC++ 4.0 program. The majority of our example source code will also work with MicroSoft's C/C++ with only minor changes. Our DLLs are fully compatible across a wide range of compilers. Only the calling mechanism varies slightly between the different vendor's products. Page 15 (C) Copyright 1994 MaeDae Enterprises You will notice that for DES+CBC either DESKeyloadEncrypt or DESKeyloadDecrypt is called first to load the key. Then you call the encrypt or decrypt function. When using the DES function without CBC you can just call the appropriate function to load the key and then call CryptDES for both encryption and decryption. DES+CBC's additional buffer manipulation for cipher block chaining forces a unique encrypt and decrypt functions. Listed below is an example of DES+CBC in C++ code: unsigned char work_string[100]; // create a 64 bit key unsigned char use_key[8]={'0','1','2','3','4','5','6','7'}; // create a string (0 terminated) // we will encrypt only 1st 16 characters lstrcpy(work_string,"This is a test 0123456789"); MessageBox(wndw->HWindow,work_string, "DES Encryption test - Clear Text", MB_ICONEXCLAMATION); // Load the 64 bit key into the DES encryption keyload function DESKeyloadEncrypt(use_key); // Encrypt the 1st 16 characters of the block using DES+CBC EncryptDESBlockCBC(work_string,16); MessageBox(wndw->HWindow,work_string, "DES Encryption test - DES Encrypted (1st 16 char)",MB_ICONEXCLAMATION); // Load the 64 bit key into the DES decryption keyload function DESKeyloadDecrypt(use_key); // Decrypt the first 16 characters of the block using DES+CBC DecryptDESBlockCBC(work_string,16); MessageBox(wndw->HWindow,work_string, "DES Encryption test - Decrypted",MB_ICONEXCLAMATION); Page 16 (C) Copyright 1994 MaeDae Enterprises For DES the core steps would be: DESKeyloadEncrypt(use_key); CryptDES(work_string,16); // 1st 16 characters of the data is now encrypted DESKeyloadDecrypt(use_key); CryptDES(work_string,16); // the entire string is now decrypted An example of using multiple layers of encryption follows. char test_data[50]; int data_length; lstrcpy(test_data,"This is a test 1234567890"); data_length=strlen(test_data); EncryptXORBlock(&test_data,data_length,"my key"); EncryptTranspositionBlock(&test_data,data_length,"my key"); // now encrypted two layers deep EncryptTranspositionBlock(&test_data,data_length,"my key"); EncryptXORBlock(&test_data,data_length,"my key"); // now back to clear text Did you notice that the decryption steps must be the mirror image of the encryption steps? The encryption layers can be applied in any order or number. The encryption process can only be reversed as long as you use exactly the same steps in reverse order for decryption process. Page 17 (C) Copyright 1994 MaeDae Enterprises CRYPTOGRAPHIC TECHNIQUES ======================== Cryptographic techniques provide a very cost effective method of protecting your important data. There are many computer techniques available today for protecting your sensitive data. WET provides the following four basic encryption methods to help fill these needs: 1. Transposition - Changes the natural order of data so that a different order for the characters is used. It swaps characters within a message to place them in a different order based on the encryption key (text string) you use for encryption. For example, "THIS IS A TEST" could become "ISTHA SI TAEST". You will notice that the characters are the same. However, their order is totally mixed up or transposed. This process is repeated during decryption to return the data back to its original state. 2. Substitution - Substitution is one of the simplest encryption techniques. It creates a new order for the characters. For example, the order of the text ABCDEFGHIJKLMNOPQRSTUVWXYZ could be changed to the new order CADMYNZEOFPBQGSRHTUIVWJKXL. The message "THIS IS A TEST" would then become "IEOU OU C IYUI". This example is simplified for illustration purposes. When substitution is used within a computer, all 256 possible characters are used so that it is possible to use the technique on different types of computer files. 3. Exclusive Or - This is a logic operation used by the computer to manipulate the data at the bit level. For example, a character which consists of 10011001 (shown as bits) could be encrypted with 1101010 to give you 01001100 when the exclusive or is performed. When either the data or the key contains a 1, the result is a 1, otherwise it is a 0. To reverse the process, you exclusive or the encrypted data with the key a second time. This operation is very easy for computers to perform and is used when only a minimum of protection is required. 4. Data Encryption Standard (DES) - The professional version of WET also provides DES which performs its encryption by working on a block of 64 bits of your data using a 64 bit key. DES makes a total of 16 passes through each 8 character (64 bit) block of your data substituting a different character for the one initially there. As you can guess, DES is practically impossible to break. To eliminate even that small possibility, cipher block chaining (CBC) is often used to strengthen DES. CBC provides an exclusive or encryption layer underneath DES that chains the encryption of the data from one unencrypted 64 bit block to the next. Page 18 (C) Copyright 1994 MaeDae Enterprises ENCRYPTED RAMBLINGS - SOME GOOD INFORMATION =========================================== As networks proliferate, the need for data security increases. The world in the past has largely depended on physical security, that is safes and locks. Computers, much to everyone's consternation, are rapidly eroding the possibility of physical security (wherever a modem is connected to a phone line). Laws will be passed, but in the final result, honesty depends on good locks and all the ministrations of legislators and bureaucrats will have little positive effect on security. Human nature will win out. The easier it is to get, the more likely it is to be stolen. Encryption provides part of the answer to the need for increased security. It is especially useful in systems that are open to all users but which have some confidential data. Instead of complex levels of user verification through passwords, everyone can get the file but only the people with the key can decode the information. Encryption in its present state is cumbersome and time consuming but, faster computers and better programs can ease this problem. This is where WET comes to the rescue. Encryption is a fascinating exercise and is considered unbreakable if two conditions are met. First, the key is longer than the message and second, the key is only used once, sometimes called a "one time pad." Typically the files you will be encrypting are much longer than the key (also much longer than the one we build from your key) thereby weakening the encryption. Distribution and maintenance of keys is unworkable in the day-to- day operation of any communications operation of any size. WET builds a much more complex key in its substitution encryption method from your simple key, in an effort to provide a means to ease this problem. It creates a one time pad based on your unique key. Most random keys are not truly random since all random functions are repeatable and their true randomness is somewhat suspect. What is the solution? The specter of bigger and faster computers looms in the future to provide even faster encryption. Thinkers build on the best thoughts of those preceding them. More powerful computers and better encryption techniques will eventually provide a good solution to this problem. WET provides encryption methods that range from the fairly secure to the very secure. Choose the level of protection you need for your sensitive data. You can even apply all the different encryption techniques to your data one level after another. This further complicates the process of breaking the code making it virtually impossible. The best encryption in the world won't protect your data if you give away the key. Secure encryption of the data is our job. The choice of a good key and its protection is your job. How do you select a good key? Several things should be Page 19 (C) Copyright 1994 MaeDae Enterprises considered. The key should not have a lot of repeating characters. If they have any pattern to the eye they should not be used. Keys should be kept secure. WET supports keys of any length for the standard levels of encryption. We recommend you use as long a key as practical. Phrases or short sentences should work well as the key and still be easy to remember. Spaces may be used in your key, but we recommend not using spaces at the beginning or end of the key. These spaces are easily forgotten. NOTE: If there is any question about the randomness of the encrypted data, WET could be used on it multiple times using different keys and different techniques. The true randomness of the key should not matter since the use of more than one key should make unraveling very difficult, if not impossible. This process could be repeated until the paranoia of the person generating the keys was satisfied. Page 20 (C) Copyright 1994 MaeDae Enterprises BASIC DEFINITIONS: ================== The terms used in WET and cryptography in general may be a little confusing. Listed below are terms frequently used when discussing cryptography. We have tried to pick a handful of the most important terms and define them for you. They are: Data Encryption Standard (DES) - The Data Encryption Standard was issued by the U.S. National Bureau of Standards. The National Security Agency (NSA) was intimately involved in the development and acceptance testing of the algorithm. DES performs its encryption by working on a block of 64 bits of your data using a 64 bit key. Basically, DES is a substitution cipher. Cryptography -- The general study of hiding the meaning of messages and the general techniques used for the hiding. Cryptanalysis -- The solving or breaking of codes without any knowledge of the key. Cipher -- Any technique, method, or scheme (substitution, transposition, and XOR) used to encrypt and decrypt text, without regard to its linguistic structure. Plaintext -- The unencrypted or totally decrypted readable text. Ciphertext -- The unintelligible text, after encrypting it. Cipher Block Chaining -- This is an additional layer of encryption beneath DES. It is typically an extra XOR layer that chains the results of one block of data to the next. Usually this involves encrypting the current block of data using the plaintext contents of the previous block as the key. Encrypting -- The process of encoding/encrypting a plaintext file to hide the intelligence. Decrypting -- Decoding an encrypted/ciphertext file. Key -- The text used to encrypt or decrypt a file. Sometimes called a code word. Keys can be simple everyday words or very complex combinations of characters that have no meaning. Some electronic information services pick your password by combining two regular words with a character between them. Examples keys: abc,1234 and Never:Again. Page 21