Text File | 1994-05-14 | 49KB | 1,387 lines
(C) Copyright 1994 MaeDae Enterprises
WINDOWS ENCRYPTION TOOLKIT
(WET)
Version 1.xx
Reference Manual
Windows Encryption Toolkit (WET) for Windows is provided as user
supported software (Shareware). If you use it past the initial
15 day evaluation period, you are required to register it.
WET for Windows
"Encryption and decryption toolkit -- Fast, secure, and easy to use"
is published by
MaeDae Enterprises
5430 Murr Road
Peyton, CO 80831-7402 U.S.A.
(719) 683-3860
Published and printed in the United States of America.
Copyright 1994 by MaeDae Enterprises as a licensed, unpublished,
proprietary work. All international rights reserved.
The printed Reference Manual and associated registered software
may not be copied, resold, reproduced, disclosed, archived,
transmitted, or transferred in any form, electronic or otherwise,
without the express written permission of MaeDae Enterprises.
You may freely distribute the Shareware version of WET.
Registered users may freely distribute WET's standard encryption
DLL with their products. Export restrictions apply to WET Pro's
DES DLL.
The WET DLLs provide the same quality encryption routines as
those we use in Encrypt-It for Windows and DOS. These routines
have been tested by thousands of registered Encrypt-It users. We
have recently provided these quality encryption/decryption
routines to the general public in the form of WET. Please let us
know of other functions you would like us to provide.
REGISTERED USERS: (those who paid us for this product)
MaeDae Enterprises hereby grants a "book" license to the original
individual (even if purchased by a company) user of this copy of
WET. You may use this developer's toolkit on your computer and
make one backup for storage as long as there is no possibility of
use or residence on more than one machine at any time. Just like
two people cannot read the same book in different locations at
the same time. You may not sell or give copies of the registered
development files or printed documentation to anyone.
You may include WET's encryption/decryption DLLs with any
products you develop without additional payment to us. Please
note that you must restrict the distribution of any product that
contains WET Pro's DES DLL.
Pricing, specifications, and conditions are subject to change
without notice.
Send all registrations and inquiries for site (multiple CPU or
network) licensing to MaeDae Enterprises at the address given
above.
Disclaimer:
MaeDae Enterprises makes NO claims AND offers NO warranties of
any sort with WET. MaeDae Enterprises assumes NO
responsibility for any damage resulting from the apparent or
actual use of WET (mental or physical). The WET toolkits are
not guaranteed as to merchantability or fitness for its ultimate
use. The user accepts all responsibility for use and may not
resell the program.
IBM PC/XT/AT are registered trademarks of the International
Business Machines Corporation.
WET is a trademark of MaeDae Enterprises. Other trademarks
belong to their respective owners.
PREFACE
ABOUT THIS MANUAL
You will notice that this manual is concise. This is intentional
as we have tried to make WET the easiest toolkit of its type to
use.
This manual provides information on both the WET Standard and WET
Professional version (WET Pro). Please note that WET Pro
provides all the WET DLLs plus adds a DES DLL that is currently
export restricted. Purchasers of WET Pro will be able to
distribute DES enabled products for US and Canadian sales. Our
standard encryption/decryption DLL (WETSTD.DLL) can be
distributed world-wide.
For many of you, this may be your first exposure to Shareware. To
help eliminate possible confusion, we have included a short
description of the Shareware marketing concept, explaining what
it is and why it relies on YOU for its survival.
What is Shareware? Shareware is not a kind of software. It is a
revolutionary method of marketing Commercial software. Our
software is Commercial software that we are allowing you to
examine for 15 days before you make the purchase decision. With
traditional marketing methods, you have to purchase Commercial
software from a computer store or through mail order businesses,
then try it out, and hope it does what you want. Shareware
allows you to "try before you buy!"
We rely upon you, the customer, to examine our software. If you
find it useful, please register. Your support is needed for us
to continue to improve our products.
Enough of this verbiage. The real fun and learning begin when you
use this toolkit. So, enjoy!
With warmest regards,
The gang at MaeDae Enterprises.
Table of Contents
=================
What is WET? An overview of its features.
What is WET Pro? An overview of its features.
What is the Data Encryption Standard (DES)?
Hardware Requirements
Software Requirements
Installation - the "README.DOC" file
Installation Notes
Getting Started
How to use DLLs
Tutorial
Additional Features
Cryptographic Techniques
Encrypted Ramblings
Basic Definitions
WHAT IS WET?
============
The Windows Encryption Toolkit (WET) is a powerful
encryption/decryption toolkit packaged as Dynamic Link Libraries
(DLLs) for Windows 3.0 or later that allows you to:
1. Encrypt any data using the secure Data Encryption Standard
(Pro version),
2. Decrypt the data using a confidential key,
3. Perform encryption and decryption on both text and binary data
in an 8 byte block or entire blocks in-memory at a time,
4. Use XOR, transposition, substitution, Data Encryption Standard
(DES), or DES+cipher block chaining in any combination or number
of layers you want,
5. Calculate cyclic redundancy checks (CRCs) to detect any
modifications to your data,
6. Access our secure routines from almost any Windows based
language,
7. And do it all without having to invest weeks or months
developing your own encryption routines!
WHAT IS WET PRO?
================
WET Professional version or WET Pro is the professional version
of WET. It provides all the functions and DLLs of WET plus
provides DES and DES + cipher block chaining (CBC)
encryption/decryption functions.
Our DES routines are based on DESNEW and are up to ten times
faster than most other DES routines. Thanks to our high
performance and secure encryption/decryption functions, you can
have the latest in data protection without spending months to
develop them.
WHAT IS THE DATA ENCRYPTION STANDARD (DES)?
===========================================
Most encryption schemes are kept secret. One exception is the
Data Encryption Standard (DES), which was issued by the U.S.
National Bureau of Standards. The National Security Agency (NSA)
was intimately involved in the development and acceptance testing
of this algorithm.
But, how does it work? DES performs its encryption "magic" by
working on a block of 64 bits of your data using a 64 bit key
(we generate the 64 bit key from the key you supply). Basically,
DES is a substitution cipher. We know this sounds very technical,
but don't worry, we have hidden all the complexity of DES behind an
extremely easy to use interface. Our simple and straightforward
encryption functions make protecting your data a simple
task. Technically, DES only uses the first 56 bits of your key.
There are several good cryptography books available that discuss
the details of DES. We will leave the exact details of DES and
key length for more advanced reading on your part. Check your
local large bookstore for suitable texts.
Why did we choose to implement DES? We chose DES because it is a
standard. Its ability to protect your data is well documented.
Our goal is to provide you the best possible software tool for
the protection of your data. We support multiple layers of
encryption, with DES as any layer of protection for your
data. Because of this approach, we feel your data is protected
far better than using DES by itself.
There have been some theoretical discussions recently centering
around whether it is just impossibly hard to break DES or
whether it could be broken given million dollar computers and
months or years of the computer's time. Just to alleviate any
concern you might have in this area, we have added cipher block
chaining to WET Pro as an additional encryption layer that is
applied underneath DES.
HARDWARE REQUIREMENTS
=====================
1. IBM PC/XT/AT, IBM PS/2, or fully compatible computer capable
of running Windows 3.0 or later.
2. At least one 5.25" or 3.5" floppy disk drive. Two floppy disk
drives or one floppy and a hard disk (400K free space minimum for
the full system) are strongly recommended.
SOFTWARE REQUIREMENTS
=====================
1. A Windows based language that supports the use of DLLs.
2. Windows 3.0 or later.
3. EGA or better graphics adapter.
INSTALLATION - README.DOC
=========================
For all installation information see the README.DOC on the main
distribution diskette. You can view the information on-line or
print it out on your printer. README.DOC is constantly updated
to contain the latest information.
Recently we have added an installation program to our shareware
distribution set of files. Run INSTALL.EXE for a simplified
installation process.
P.S. The Shareware version of WET is complete. However,
it is a 15 day trial version. Also, additional product
information screens may have been added. Please note that we
can't provide the more powerful DES encryption routines for you to
review in the shareware version of WET due to DES export
restrictions.
Feel free to share ONLY the Shareware version with friends and
potential users of WET for 15 day trial/evaluation
purposes only. You may not use the Shareware version on other
machines in order to avoid purchasing additional copies of the
full program. You may not give away any copies or make more than
one copy of the fully operational program for other than archival
purposes.
IMPORTANT INSTALLATION NOTES:
1. Diskette #1 contains many files in addition to the standard
version of WET (WETSTD.DLL). The professional version of
WET provides DES encryption (WETDES.DLL + WETSTD.DLL) plus all
the functions of the standard version (WETSTD.DLL). Please make
sure these files are all installed in the same directory when
running an application that accesses the WET DLLs.
2. If WET does not run properly:
A. Your machine may not be 100% IBM PC operating system
compatible or Windows may be installed incorrectly. This
is not always disastrous and a quick call to our phone
support staff may solve your problem.
B. You may have a slightly incompatible Windows video
driver. Usually, updating your driver or re-installing
Windows solves the problem. In some cases you may need to
delete Windows and re-install it. The Windows installation
program doesn't always overwrite existing files.
C. If you have any memory resident programs or system
drivers, try running without them loaded on your computer.
3. This manual is designed to give you a general overview and
familiarity with our developer's toolkit. Our encryption
routines are very straightforward and tend to be self
documenting.
4. We have included source code to show you how to interface
WET to some of the older existing software bases. Inside of
MS_DEMO.ZIP you will find a simple example of using WET with
Microsoft C6/7.
GETTING STARTED
===============
The WET toolkit provides several different encryption
techniques for protecting your data. Listed below is an overview
of the different functions in our toolkit. We have provided
complete definitions of the functions. Almost any computer
language for Windows should be able to call these DLLs using the
information listed below.
Functions provided using the standard version of WET
(WETSTD.DLL):
VOID FAR PASCAL EncryptXORBlock(unsigned char far *block,
int block_length, unsigned char far *code_key);
Where: block - A far pointer to the data you want encrypted
or decrypted.
block_length - The number of bytes to encrypt or
decrypt at the location pointed to
by block.
code_key - A far pointer to the zero terminated string
that is to be used to encrypt or decrypt
the block data.
VOID FAR PASCAL EncryptTranspositionBlock(unsigned char far *block,
int block_length, unsigned char far *code_key);
Where: block - A far pointer to the data you want encrypted
or decrypted.
block_length - The number of bytes to encrypt or
decrypt at the location pointed to
by block.
code_key - A far pointer to the zero terminated string
that is to be used to encrypt or decrypt
the block data.
Note: This encryption technique is especially strong. Your
code_key is used as the seed into a pseudo-random
number generator which generates a greatly expanded
key of between 1000 and 2000 bytes long using only
lengths that are prime numbers (ex: 1009, 1999, 1013,
etc). For short blocks this technique will provide you
with a key longer than the block ensuring good
protection.
VOID FAR PASCAL EncryptSubstitutionBlock(unsigned char far *block,
int block_length, unsigned char far *code_key);
Where: block - A far pointer to the data you want decrypted.
block_length - The number of bytes to encrypt or
decrypt at the location pointed to
by block.
code_key - A far pointer to the zero terminated string
that is to be used to encrypt the block
data.
unsigned int FAR PASCAL CRCBlock(unsigned char far *block,
int block_length);
Where: block - A far pointer to the data you want the CRC
calculated for.
block_length - The number of bytes to include in the CRC,
starting at the location pointed to
by block.
Note: This function returns a 16 bit unsigned int which
contains a 16 bit CRC for the data pointed to by the
block far pointer.
unsigned int FAR PASCAL GetVersionWETSTD(void);
This function returns the current revision number of WET.
The format is to return the entire revision as an unsigned
integer. For example: v1.00 would be returned as 100.
Additional functions provided with the professional version of
WET (WETSTD.DLL+WETDES.DLL) include:
VOID FAR PASCAL DESKeyloadEncrypt(unsigned char far *key);
Where: key - A far pointer to the eight byte block that
contains the DES key for encryption. This is
binary data, no need for a zero terminated
string. You need to load the key once at the
start of the encryption process.
VOID FAR PASCAL DESKeyloadDecrypt(unsigned char far *key);
Where: key - A far pointer to an eight byte block that
contains the DES key for decryption. This is
binary data, no need for a zero terminated
string. You need to load the key once at the
start of the decryption process.
VOID FAR PASCAL CryptDES(unsigned char far *datablock);
Where: datablock - A far pointer to an eight byte block that
is to be encrypted or decrypted in place.
The plain text data will be overwritten
by the encrypted version.
VOID FAR PASCAL EncryptDESBlock(unsigned char far *block,
int block_length);
Where: block - A far pointer to the data you want encrypted.
block_length - The number of bytes to encrypt at the
location pointed to with block.
Note: DES works with 64 bits (8 bytes) of your data at one
time. We recommend additional steps if your block is
not exactly an even multiple of 8 bytes long. One
approach to work around this limitation is to apply
one of the conventional encryption methods such as
transposition underneath the DES level of encryption.
VOID FAR PASCAL DecryptDESBlock(unsigned char far *block,
int block_length);
Where: block - A far pointer to the data you want decrypted.
block_length - The number of bytes to decrypt at the
location pointed to with block.
VOID FAR PASCAL EncryptDESBlockCBC(unsigned char far *block,
int block_length);
Where: block - A far pointer to the data you want encrypted.
block_length - The number of bytes to encrypt at the
location pointed to with block.
Notes: DES works with 64 bits (8 bytes) of your data at one
time. We recommend additional steps if your block is
not exactly an even multiple of 8 bytes long. One
good approach to work around this limitation is to
apply one of the conventional encryption methods such
as transposition underneath the DES level of
encryption.
Data cannot be encrypted in place when you use the
cipher block chaining option. Because of this, we
have to allocate a temporary work buffer from the
stack of the same size as the block_length you pass.
Please be aware of this and limit your block length
to no more than 2048 bytes!
VOID FAR PASCAL DecryptDESBlockCBC(unsigned char far *block,
int block_length);
Where: block - A far pointer to the data you want decrypted.
block_length - The number of bytes to decrypt at the
location pointed to by block.
Note: Data cannot be decrypted in place when you use the
cipher block chaining option. Because of this, we
have to allocate a temporary work buffer from the
stack of the same size as the block_length you pass.
Please be aware of this and limit your block length to
no more than 2048 bytes!
unsigned int FAR PASCAL GetVersionWETDES(void);
This function returns the current revision number of WET PRO.
The format is to return the entire revision as an unsigned
integer. For example: v1.00 would be returned as 100.
General argument descriptions:
block - A far pointer to your data to be encrypted/decrypted
block_length - The length of the block you are pointing to
code_key - A zero terminated string containing the phrase to be
used for encryption/decryption
key - An eight byte block that contains the DES key for
encryption/decryption
datablock - An eight byte block that contains the data to be
encrypted using DES
Application notes:
* For XOR, transposition, and substitution, process your data
once thru the routines to encrypt. Process the encrypted data
thru a second time to decrypt.
* DES works with 64 bits (8 bytes) of your data at one time. We
recommend additional steps if your block is not exactly an even
multiple of 8 bytes long. One good approach to work around this
limitation is to apply one of the conventional encryption
methods such as transposition underneath the DES level of
encryption.
* Data cannot be encrypted in place when you use the DES+cipher
block chaining. Because of this, we have to allocate a
temporary work buffer from the stack of the same size as the
block_length you pass. Please be aware of this and limit your
block length to no more than 2048 bytes!
HOW TO USE DLLS
===============
You can access DLLs in C/C++ using two basic methods. The
function prototypes for C access are in WET.H. WET.HPP contains
the function prototypes for C++ use. Basic DLL access methods
are:
1. Link an access library into your program. To do this you
need to run IMPLIB against the WET DLL(s) to create a .LIB file.
Add this .LIB file with your other .LIBs for your project.
Include WET.H into your C module that accesses WETSTD.DLL or
WETDES.DLL. Call the WET functions from your program just as any
other function. To use IMPLIB enter the following command at
your DOS prompt: IMPLIB WETSTD.LIB WETSTD.DLL
Note: IMPLIB should be in your path and will probably be located
in your compiler's BIN subdirectory.
2. You can access DLLs in C/C++ thru the LoadLibrary command.
You use the LoadLibrary command to load the DLL and then access
the functions via GetProcAddress. When your program finishes
execution it should unload the DLL via the FreeLibrary command.
Refer to your compiler vendor's documentation for exact details
on how to do this.
Many other languages also support DLL function calls. Refer to
your manuals for more details on DLL use.
TUTORIAL (ENCRYPTING/DECRYPTING SAMPLE DATA)
============================================
Now let's do something simple to demonstrate how WET works.
All the encryption/decryption functions provided with the standard
version of WET are used once to encrypt the data, then used a
second time with the same key to decrypt the data. In C this
example would look like:
    #include <windows.h>  /* lstrcpy */
    #include <string.h>   /* strlen */
    #include "WET.H"      /* WET.H contains C prototypes for DLLs */
                          /* WET.HPP contains C++ prototypes for DLLs */

    char test_data[50];
    int data_length;

    lstrcpy(test_data,"This is a test 1234567890");
    /* Record the length now; encrypted data may contain 0 bytes */
    data_length=strlen(test_data);
    EncryptXORBlock((unsigned char far *)test_data,data_length,
                    (unsigned char far *)"my key");
    /* test_data now contains the encrypted data */
    /* To decrypt you would use the same function again */
    EncryptXORBlock((unsigned char far *)test_data,data_length,
                    (unsigned char far *)"my key");
    /* test_data should now have "This is a test 1234567890" */
Notes: The XOR, transposition, and DES encryption routines
alter the data distribution causing 0s to appear at
different portions of the encrypted string. Because of
this, we can't use strlen(...) to get the length of the
encrypted data. You need to get the string length
before encryption and then refer to that length during
the decryption process.
The WET DLLs were written using the large memory model
C/C++ which assumes far data pointers. To use these
DLLs with other memory model programs you must first
typecast the data pointers (the char far *block
pointer) to be char far * also.
The professional version of WET provides DES in addition to
the standard encryption techniques. The following code fragment
shows how to use the DES+CBC encryption within a BC++ 4.0
program.
The majority of our example source code will also work with
Microsoft's C/C++ with only minor changes. Our DLLs are fully
compatible across a wide range of compilers. Only the calling
mechanism varies slightly between the different vendor's
products.
You will notice that for DES+CBC either DESKeyloadEncrypt or
DESKeyloadDecrypt is called first to load the key. Then you call
the encrypt or decrypt function.
When using the DES function without CBC you can just call the
appropriate function to load the key and then call CryptDES for
both encryption and decryption. DES+CBC's additional buffer
manipulation for cipher block chaining requires separate encrypt
and decrypt functions.
Listed below is an example of DES+CBC in C++ code:
    unsigned char work_string[100];
    // create a 64 bit key
    unsigned char use_key[8]={'0','1','2','3','4','5','6','7'};

    // create a string (0 terminated)
    // we will encrypt only 1st 16 characters
    lstrcpy((LPSTR)work_string,"This is a test 0123456789");
    MessageBox(wndw->HWindow,(LPSTR)work_string,
               "DES Encryption test - Clear Text",
               MB_ICONEXCLAMATION);

    // Load the 64 bit key into the DES encryption keyload function
    DESKeyloadEncrypt(use_key);
    // Encrypt the 1st 16 characters of the block using DES+CBC
    EncryptDESBlockCBC(work_string,16);
    // (the display stops early if the encrypted bytes include a 0)
    MessageBox(wndw->HWindow,(LPSTR)work_string,
               "DES Encryption test - DES Encrypted (1st 16 char)",
               MB_ICONEXCLAMATION);

    // Load the 64 bit key into the DES decryption keyload function
    DESKeyloadDecrypt(use_key);
    // Decrypt the first 16 characters of the block using DES+CBC
    DecryptDESBlockCBC(work_string,16);
    MessageBox(wndw->HWindow,(LPSTR)work_string,
               "DES Encryption test - Decrypted",MB_ICONEXCLAMATION);
For DES the core steps would be:
    DESKeyloadEncrypt(use_key);
    // CryptDES takes one eight byte block per call
    CryptDES(work_string);
    CryptDES(work_string+8);
    // 1st 16 characters of the data is now encrypted
    DESKeyloadDecrypt(use_key);
    CryptDES(work_string);
    CryptDES(work_string+8);
    // the entire string is now decrypted
An example of using multiple layers of encryption follows.
    char test_data[50];
    int data_length;

    lstrcpy(test_data,"This is a test 1234567890");
    data_length=strlen(test_data);
    EncryptXORBlock((unsigned char far *)test_data,data_length,
                    (unsigned char far *)"my key");
    EncryptTranspositionBlock((unsigned char far *)test_data,data_length,
                              (unsigned char far *)"my key");
    // now encrypted two layers deep
    EncryptTranspositionBlock((unsigned char far *)test_data,data_length,
                              (unsigned char far *)"my key");
    EncryptXORBlock((unsigned char far *)test_data,data_length,
                    (unsigned char far *)"my key");
    // now back to clear text
Did you notice that the decryption steps must be the mirror image
of the encryption steps? The encryption layers can be applied in
any order or number. The encryption process can only be reversed
as long as you use exactly the same steps in reverse order for
the decryption process.
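The mirror-image rule above and the earlier note about strlen(...),
shown as an added example that is not part of the original manual and
is not WET code. The functions xor_layer and swap_layer are hypothetical
stand-ins that share only the apply-twice-to-decrypt property of the WET
routines; the sample text and key are the ones used in the manual.

```c
#include <stdio.h>
#include <string.h>

#define MAX_BLOCK 256

/* Stand-in XOR layer (not WET's code): XOR with the repeating key.
   Running it a second time with the same key undoes it. */
void xor_layer(unsigned char *block, int len, const char *key)
{
    size_t klen = strlen(key);
    int i;
    if (klen == 0) return;
    for (i = 0; i < len; i++)
        block[i] ^= (unsigned char)key[(size_t)i % klen];
}

/* Small keyed generator used only to pick the swap pairs below. */
static unsigned long seed_from_key(const char *key)
{
    unsigned long s = 5381UL;
    while (*key) s = (s * 33UL + (unsigned char)*key++) & 0xFFFFFFFFUL;
    return s;
}

static unsigned long next_rand(unsigned long *s)
{
    *s = (*s * 1103515245UL + 12345UL) & 0x7FFFFFFFUL;
    return *s >> 8;
}

/* Stand-in transposition layer (not WET's code): the key selects disjoint
   pairs of positions and each pair is swapped, so a second pass restores
   the original order. Returns 0 on success, -1 if len is out of range. */
int swap_layer(unsigned char *block, int len, const char *key)
{
    int idx[MAX_BLOCK], i;
    unsigned long s = seed_from_key(key);
    if (len < 0 || len > MAX_BLOCK) return -1;
    for (i = 0; i < len; i++) idx[i] = i;
    for (i = len - 1; i > 0; i--) {          /* keyed Fisher-Yates shuffle */
        int j = (int)(next_rand(&s) % (unsigned long)(i + 1));
        int t = idx[i]; idx[i] = idx[j]; idx[j] = t;
    }
    for (i = 0; i + 1 < len; i += 2) {       /* swap positions pairwise */
        unsigned char t = block[idx[i]];
        block[idx[i]] = block[idx[i + 1]];
        block[idx[i + 1]] = t;
    }
    return 0;
}

static const char MSG[] = "This is a test 1234567890"; /* manual's sample text */
static const char KEY[] = "my key";                    /* manual's sample key */

/* Encrypt with XOR then transposition, then decrypt in the chosen order.
   mirror != 0: transposition then XOR (the mirror image).
   mirror == 0: XOR then transposition again (same order as encryption).
   Returns 1 if the plaintext came back, 0 if not. */
int layered_roundtrip(int mirror)
{
    unsigned char buf[64] = {0};
    int len = (int)strlen(MSG);              /* length taken BEFORE encrypting */
    memcpy(buf, MSG, (size_t)len);
    xor_layer(buf, len, KEY);
    swap_layer(buf, len, KEY);
    if (mirror) {
        swap_layer(buf, len, KEY);
        xor_layer(buf, len, KEY);
    } else {
        xor_layer(buf, len, KEY);
        swap_layer(buf, len, KEY);
    }
    return memcmp(buf, MSG, (size_t)len) == 0;
}

/* What strlen() reports on the XOR-encrypted sample: the space at offset 14
   meets the space in the key and becomes a zero byte, cutting the "string". */
int strlen_after_xor(void)
{
    unsigned char buf[64] = {0};
    int len = (int)strlen(MSG);
    memcpy(buf, MSG, (size_t)len);
    xor_layer(buf, len, KEY);
    return (int)strlen((const char *)buf);
}

int main(void)
{
    printf("plaintext length        : %d\n", (int)strlen(MSG));
    printf("strlen after XOR layer  : %d\n", strlen_after_xor());
    printf("mirror-order decryption : %s\n",
           layered_roundtrip(1) ? "restored" : "garbled");
    printf("same-order decryption   : %s\n",
           layered_roundtrip(0) ? "restored" : "garbled");
    return 0;
}
```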
CRYPTOGRAPHIC TECHNIQUES
========================
Cryptographic techniques provide a very cost effective method of
protecting your important data. There are many computer
techniques available today for protecting your sensitive data.
WET provides the following four basic encryption methods to help
fill these needs:
1. Transposition - Changes the natural order of data so that a
different order for the characters is used. It swaps characters
within a message to place them in a different order based on the
encryption key (text string) you use for encryption. For
example, "THIS IS A TEST" could become "ISTHA SI TAEST". You
will notice that the characters are the same. However, their
order is totally mixed up or transposed. This process is
repeated during decryption to return the data back to its
original state.
2. Substitution - Substitution is one of the simplest encryption
techniques. It creates a new order for the characters. For
example, the order of the text ABCDEFGHIJKLMNOPQRSTUVWXYZ could
be changed to the new order CADMYNZEOFPBQGSRHTUIVWJKXL. The
message "THIS IS A TEST" would then become "IEOU OU C IYUI".
This example is simplified for illustration purposes. When
substitution is used within a computer, all 256 possible
characters are used so that it is possible to use the technique
on different types of computer files.
3. Exclusive Or - This is a logic operation used by the computer
to manipulate the data at the bit level. For example, a
character which consists of 10011001 (shown as bits) could be
encrypted with 11010101 to give you 01001100 when the exclusive or
is performed. When exactly one of the data bit and the key bit is a
1, the result is a 1, otherwise it is a 0. To reverse the process, you
exclusive or the encrypted data with the key a second time. This
operation is very easy for computers to perform and is used when
only a minimum of protection is required.
4. Data Encryption Standard (DES) - The professional version of
WET also provides DES which performs its encryption by working on
a block of 64 bits of your data using a 64 bit key. DES makes a
total of 16 passes through each 8 character (64 bit) block of
your data substituting a different character for the one
initially there. As you can guess, DES is practically impossible
to break. To eliminate even that small possibility, cipher block
chaining (CBC) is often used to strengthen DES. CBC provides an
exclusive or encryption layer underneath DES that chains the
encryption of the data from one unencrypted 64 bit block to the
next.
ENCRYPTED RAMBLINGS - SOME GOOD INFORMATION
===========================================
As networks proliferate, the need for data security increases.
The world in the past has largely depended on physical security,
that is safes and locks. Computers, much to everyone's
consternation, are rapidly eroding the possibility of physical
security (wherever a modem is connected to a phone line). Laws
will be passed, but in the final result, honesty depends on good
locks and all the ministrations of legislators and bureaucrats
will have little positive effect on security. Human nature will
win out. The easier it is to get, the more likely it is to be
stolen. Encryption provides part of the answer to the need for
increased security. It is especially useful in systems that are
open to all users but which have some confidential data. Instead
of complex levels of user verification through passwords,
everyone can get the file but only the people with the key can
decode the information. Encryption in its present state is
cumbersome and time consuming, but faster computers and better
programs can ease this problem. This is where WET comes to the
rescue.
Encryption is a fascinating exercise and is considered
unbreakable if two conditions are met. First, the key is longer
than the message and second, the key is only used once, sometimes
called a "one time pad." Typically the files you will be
encrypting are much longer than the key (also much longer than
the one we build from your key) thereby weakening the encryption.
Distribution and maintenance of keys is unworkable in the day-to-
day operation of any communications operation of any size.
WET builds a much more complex key in its substitution encryption
method from your simple key, in an effort to provide a means to
ease this problem. It creates a one time pad based on your
unique key. Most random keys are not truly random since all
random functions are repeatable and their true randomness is
somewhat suspect. What is the solution? The specter of bigger
and faster computers looms in the future to provide even faster
encryption. Thinkers build on the best thoughts of those
preceding them. More powerful computers and better encryption
techniques will eventually provide a good solution to this
problem.
WET provides encryption methods that range from the fairly
secure to the very secure. Choose the level of protection you
need for your sensitive data. You can even apply all the
different encryption techniques to your data one level after
another. This further complicates the process of breaking the
code making it virtually impossible.
The best encryption in the world won't protect your data if you
give away the key. Secure encryption of the data is our job.
The choice of a good key and its protection is your job.
How do you select a good key? Several things should be
considered. The key should not have a lot of repeating
characters. If a key has any pattern visible to the eye, it should
not be used. Keys should be kept secure.
WET supports keys of any length for the standard levels of
encryption. We recommend you use as long a key as practical.
Phrases or short sentences should work well as the key and still
be easy to remember. Spaces may be used in your key, but we
recommend not using spaces at the beginning or end of the key.
These spaces are easily forgotten.
NOTE: If there is any question about the randomness of the
encrypted data, WET could be used on it multiple times
using different keys and different techniques. The true
randomness of the key should not matter since the use of more
than one key should make unraveling very difficult, if not
impossible. This process could be repeated until the paranoia of
the person generating the keys was satisfied.
BASIC DEFINITIONS:
==================
The terms used in WET and cryptography in general may be a
little confusing. Listed below are terms frequently used when
discussing cryptography. We have tried to pick a handful of the
most important terms and define them for you. They are:
Data Encryption Standard (DES) - The Data Encryption Standard was
issued by the U.S. National Bureau of Standards. The National
Security Agency (NSA) was intimately involved in the development
and acceptance testing of the algorithm. DES performs its
encryption by working on a block of 64 bits of your data using a
64 bit key. Basically, DES is a substitution cipher.
Cryptography -- The general study of hiding the meaning of
messages and the general techniques used for the hiding.
Cryptanalysis -- The solving or breaking of codes without any
knowledge of the key.
Cipher -- Any technique, method, or scheme (substitution,
transposition, and XOR) used to encrypt and decrypt text,
without regard to its linguistic structure.
Plaintext -- The unencrypted or totally decrypted readable text.
Ciphertext -- The unintelligible text, after encrypting it.
Cipher Block Chaining -- This is an additional layer of
encryption beneath DES. It is typically an extra XOR layer that
chains the results of one block of data to the next. Usually
this involves encrypting the current block of data using the
plaintext contents of the previous block as the key.
Encrypting -- The process of encoding/encrypting a plaintext file
to hide the intelligence.
Decrypting -- Decoding an encrypted/ciphertext file.
Key -- The text used to encrypt or decrypt a file. Sometimes
called a code word. Keys can be simple everyday words or very
complex combinations of characters that have no meaning. Some
electronic information services pick your password by combining
two regular words with a character between them. Example keys:
abc,1234 and Never:Again.