F A S T E N C R Y P T Version 1.2 Copyright (c) 1994 by Michael J. Harris OVERVIEW: Fast Encrypt is a state-of-the-art Encryption/Decryption program. It is orders of magnitude more secure than DES, very fast, can use any 16 byte string as a key, and is very simple to use. It was written entirely in 386 Assembler (for speed) and makes full use of the 386's capabilities. It won't run on XT/PC/AT (8088/8086/80286) systems. SHAREWARE NOTICE: Fast Encrypt is SHAREWARE: This means that if you want to continue to use product, you are expected to support the author for all his time spent developing/writing/debugging the program. To register the program, simply print the file ORDER.FRM and send it in, or just write out the information by hand if you don't have a printer. Fast Encrypt is not "cripple-ware". There are no features disabled and the program will not "self-destruct" after a certain period of time. I ask that you register it after 14 days of use. This should be more than enough time to test it and see it's capabilities. Registration is only $15. Site licenses are also available; write for information. HOW TO USE IT The Key: ~~~ ~~~ When you first run Fast Encrypt you will be asked for a 16 character key. You then must enter 16 characters of your choice. You may use symbols or any other ASCII character, remember that it is CASE SENSITIVE. DO NOT FORGET YOUR KEY! You will not be able to unencrypt your file without the key. There are no "backdoors" or "magic-keys", so if you to forget your key I won't be able to help you. Examples of valid keys are: BarbersAre Neat! $#)'[p0p9ovm,d.a Anything will work, but remember you must type EXACTLY the same thing when you want to decrypt. That means: BarbersAre Neat! and Barbersare neat! are *NOT* the same Tips for key selection: ~~~~ ~~~ ~~~ ~~~~~~~~~ Use keys that are totally unrelated to anything (don't use phone numbers, Social Securtity number, etc). Include both upper AND lower case letters. You should also have at least one symbol in your key (!@#$%^&*)_=+-/.,;' and the like. Using weird characters increases the difficulty of a brute force cracking your key since more character combinations have to be tried instead of just the alphabet. The Substitution Boxes: ~~~ ~~~~~~~~~~~~ ~~~~~ After you type in your key, it will fill the substitution boxes. This may take several seconds (on slower 386s). Substitution is one of the main ways that Fast Encrypt encrypts your data (see below for a more technical explanation). After it fills the substitution boxes it will ask you if you want to save the substitution boxes to disk. Saving the substitution boxes to disk will allow you to encrypt/decrypt as much as you want with the same Key, without having to build the substitution boxes every time you run the program (it can save LOTS of time). HOWEVER - anyone that has access to the substitution boxes saved to your disk can decrypt your data. So never save the substitution box on a computer or diskette that somebody can get access to. Fast Encrypt will automatically find your saved substitution boxes and ask you if you want to use them. If you answer no you will be prompted to enter a new key. The substitution boxes are stored on disk in a file called: EXTERNAL.KEY Encrypt/Decrypt: ~~~~~~~~~~~~~~~ After the subsitution boxes have been created/loaded from disk, it will ask you if you want to Encrypt or Decrypt. Encrypt scrambles up your files; Decrypt unscrambles them. The Files: ~~~ ~~~~~ You must then enter two file names. The first one is the file that will be processed (encrypted or decrypted) the second file is where the output will be placed. Example: Encrypt or Decrypt E/D: e Enter the name of the file: WHATEVER.XXX Enter the name of the output file; it MUST be different than the input file: WHATEVER.CPT In the above example, WHATEVER.XXX is being encrypted, and the encrypted version of it is placed in WHATEVER.CPT. Any valid DOS names/extentions are valid. Use of paths is also OK, so C:\DOS\WHATEVER.XXX is allowed for either input or output. Encryption/Decryption: ~~~~~~~~~~~~~~~~~~~~~ After all of the above is entered, the data is encrypted or decrypted. This goes very quickly (except for really big files, of course). You may find that your encrypted files are slightly larger than the originals; they are never more than 16 bytes larger, so it shouldn't matter much. When the files are decrypted the files return to their original size (the reason why is discussed in the technical section at the end of the documentation). COMMAND LINE SUPPORT: ~~~~~~~~~~~~~~~~~~~~ If desired, Fast Encrypt can be run completely from the command line. The structure of the command line is very simple. The first thing entered on the command line is the Encrypt/Decrypt selector. This also indicates whether to process the files with a key on the command line, or to load EXTERNAL.KEY. If a capital letter ( 'E' or 'D' ) is entered, a key will be loaded from the command line. If a lower case letter ( 'e' or 'd' ) is entered, EXTERNAL.KEY will be used. The next information entered is the input file. This is the file that will be processed. After that is the output file. This is where the output will be put. If command line key was selected, then the key is the final thing entered on the command line. If MORE than 16 characters are entered, only the first 16 will be used. If LESS than 16 characters are entered then the unused spaces will be assigned a zero value. EXAMPLES: fe E whatever.in whatever.out HereIsMyKeyOK:-) Encrypts WHATEVER.IN and places the out put in WHATEVER.OUT Uses HereIsMyKeyOK:-) as the key. fe d myfile.in myfile.out Decrypt MYFILE.IN and places the decrypted copy in MYFILE.OUT, uses the external file EXTERNAL.KEY as the key. fe D c:\dos\command.com c:\whatever\it.out ThisIsTheBestKey? Decrypts c:\dos\command.com and places the unencrypted file in c:\whatever\it.out using ThisIsTheBestKey? as the key. CONTACTING THE AUTHOR: If you still have problems getting the program to work or have suggestions/comments, you may feel free to contact the author (even if you haven't registered yet). There are no known bugs in Fast Encrypt, but I'd be very greatfull if you would let me know if you do find one. E-Mail/U.S. Mail is the perfered method of contact, however phone service is provided for registered users. Be sure to include ALL necessary details in any mail sent to me. Fast Encrypt has been tested under DOS, OS/2 2.0, OS/2 2.1 (in fact, it was developed mostly under OS/2-DOS), OS/2 HPFS drives, and on several 386 and 486 systems running various DOS and OS/2 configurations. No problems were encountered. INTERNET: mharris@clovis.felton.ca.us U.S. Mail: Michael Harris 125 Blueberry Dr. Scotts Valley, CA 95066 TECHNICAL INFO: The Encryption Method: ~~~ ~~~~~~~~~~ ~~~~~~ The method that Fast Encrypt uses to encrypt data is basically a much improved version of DES. While there is nothing known to be wrong with the DES algorithm itself, many (including the author) feel that the key size that DES uses is too small to adequetly protect data. The key size that Fast Encrypt uses is 128 bits. (16 characters at 8 bits each make up the 128 bits). The total number of possible keys if some massive number with over 20 digits. I haven't taken the time to calculate it exactly. There are two methods that Fast Encrypt uses to encrypt: Substitution and Permutation. Substitution does what the name implies: it takes a group of bytes out and places a different group of bytes in its place. You can think of it like one of those puzzles where each letter has been switched with a different letter and you have to figure out what it says. This is essentially what Fast Encrypt is doing, but on a much larger scale. It is substituting 16 byte blocks (2^128 (2 to the 128th power) possible values) where in the puzzle example there are only 26 letters in the alphabet. Fast Encrypt goes through this substitution process 10 times, each time with a different substitution box. The substitution boxes are functionally dependant on the key. In between each substitution is a permutation. The permutations switch the order in which the bits occur. The combination of these makes it virtually impossible to break the encryption even with multiple arrays of the fastest supercomputers working for literally hundreds (if not thousands) of years. Of course, there is no practical encryption program that is 100% secure (Fast-Encrypt isn't 100% secure, and doesn't claim to be. No other methods can truthfully claim to be totally safe either, because they aren't). The only encryption method that can be mathmatically proven un-crackable is the "one-time-tape" method. However, this method requires that the key is longer than what is being encrypted and the key must contain totally random numbers and the key must never be repeated. For example, if you wanted to encrypt a 1 megabyte file, you would have to have a key that was greater than 1 megabyte in size. This makes it totally useless for daily use. Why files grow slightly when encrypted: ~~~ ~~~~~ ~~~~ ~~~~~~~~ ~~~~ ~~~~~~~~~ As stated above, Fast Encrypt works on blocks of 16 bytes. This means that it is impossible for it to encrypt a group of bytes that is smaller than 16 bytes. However, not all files in this world will divide evenly into 16 byte blocks. This means that Fast Encrypt must "fill in" the needed bytes before encrypting the last block. It also must save a byte that indicates how many bytes in the last block are "original" ones so that when it decrypts the file it can return it to the correct size. About the program: ~~~~~ ~~~ ~~~~~~~ Fast Encrypt was written entirely in 386 assembler. This was done because most good encryption programs are painfully slow. It makes full use of the 386's 32-bit processing abilities. In a lot of areas the programming was easier and the program ran much faster because of the larger registers. It was built with Borland(tm) Turbo Assembler Version 2.0 on a 386-40 with 8 megs of RAM running OS/2 version 2.1 (HPFS on one drive, FAT on the other one. Fast Encrypt runs fine on both drives). DISCLAIMER: Use of this software and/or documentation for any purpose whatsoever constitutes your unqualified acceptance of the following statements. No encryption program is totally secure. The author makes no warranty that this software will protect your data in any way whatsoever. The author makes no warranty that this software/documentation will be error free. The author disclaims any warranties, either express or implied, including but not limited to any implied warranty of merchantability or fitness for any particular purpose. The user agrees to take full responsibility for any selection of and any use whatsoever made of the software and documentation. In no event will the author be liable for any damages whatsoever (including without limitation damages for loss of business profits, business interruption, loss of business information or the like) arising out of the use, interruption in the use of, or inability to use this software, even if the author has been advised of any possibility or likelihood of such damages. END OF DOCUMENTATION Feb. 4, 1994