home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Monster Media 1994 #1
/
monster.zip
/
monster
/
UTIL_ARC
/
UC2INS.ZIP
/
CRYSAF.UC2
/
UCRYPT.DOC
< prev
next >
Wrap
Text File
|
1994-01-24
|
5KB
|
155 lines
UCRYPT: the use of the UCRYPT command
=====================================
After having archived a set of files with UC, you might want to
protect them from being accessed by others. To achieve this, you can
use UCRYPT.
UCRYPT protects the archive with a password, chosen by you. The
password is case sensitive. This increases the amount of possible
passwords.
This document contains the following paragraphs:
- A. Command summary
- B. Encryption
- C. Encryption with destruction of the original archive
- D. Decryption
- Z. Summary
1.A COMMAND SUMMARY.
====================
General: UCRYPT command archive-name
Starting UCRYPT with no command gives an explanation on screen about
the use of UCRYPT.
Possible commands are:
C for protecting an archive with a password
E for protecting an archive with a password and destroying the
original archive
CF like C, but uses 'faster' encryption
EF like E, but uses 'faster' encryption
D makes an archive accessible again
1.B ENCRYPTION.
===============
Command: UCRYPT C archive-name
With this command the archive will be protected with a password.
The original unprotected archive still exists after the execution
of UCRYPT.
After having entered the command, the password will be asked.
The password must consist of at least eight characters and at
most sixteen.
Every keystroke will be represented by an asterisk, so the password
is never visible.
When you are not sure about a keystroke, use <BACK SPACE> and
the keystroke will be undone.
As usual with passwords, you will be asked to enter the password
twice. When a difference between the passwords is detected, the
encryption will be terminated and you have to start again.
Encrypting an archive in another directory gives an encrypted archive
in the same directory as the original archive.
Command: UCRYPT C archive-name "password"
This command has the same function as the former command.
With this command the archive will also be protected with a password,
but the password is entered on the command line, between double
quotes.
Now you will not be asked to repeat the password, but the protection
will be done at once. Of course the password is visible, when entered
on the command line.
You can also use 'faster' encryption by using the CF instead of the C
command. The normal encryption uses triple-DES (Digital Encryption
Standard) encryption and has some enhancements crippling brute force
attacks. This makes the normal encryption safe according to all
common standards. The 'faster' encryption uses a less proven method.
It is not as established as triple-DES, but for most practical
purposes reliable enough.
1.C ENCRYPTION WITH DESTRUCTION OF THE ORIGINAL ARCHIVE.
========================================================
Commands: UCRYPT E archive-name
UCRYPT E archive-name "password"
UCRYPT EF archive-name
UCRYPT EF archive-name "password"
The E and EF commands work the same as the C and CF commands, the only
difference is the deletion. This deletion is not an ordinary deletion,
but a real destruction of the archive.
On systems with integrated datacompression (e.g. Stacker), or systems
with a very slow deferred write caching, the destruction might fail.
These systems do not allow destruction.
On C2 compliant operating systems (e.g. Windows NT) it is sufficient
to use the C and CF commands, since these systems already destroy
deleted files.
1.D DECRYPTION.
===============
Commands: UCRYPT D archive-name
UCRYPT D archive-name "password"
The (encrypted) archive is decrypted.
For decryption of the archive the password is required.
After decryption the encrypted archive still exists.
The way passwords are handled is the same as in paragraph 1.B.
Entering a wrong password mostly terminates the program with an error
message.
The time UltraCrypt needs to determine that a password is wrong is
almost the same as the time needed to decrypt an archive with the
correct password. This is necessary, since other approaches would
allow someone to try passwords much faster (brute force atack).
The UCRYPT data-encryption format has more specific features to make
brute-force attacks much harder. A side effect of this is that there
is a chance of 1 to 256 the archive will be decrypted into garbage
after entering a wrong password, without an error message.
1.Z SUMMARY.
============
UCRYPT gives explanation about the use of UCRYPT
on screen
UCRYPT C name
UCRYPT C name "password" protects archive, keeping the original
archive
UCRYPT E name
UCRYPT E name "password" protects archive, destroying the original
archive
UCRYPT CF name
UCRYPT CF name "password" like C but uses 'faster' encryption
UCRYPT EF name
UCRYPT EF name "password" like E but uses 'faster' encryption
UCRYPT D name
UCRYPT D name "password" makes archive accessible again