INTRODUCTION
DLOCK is a Data LOCK program that uses the Diamond encryption algorithm. It
also tests the correct implementation of the Diamond and Diamond Lite
encryption algorithms in the enclosed library files.
I've studied too much cryptography to make a brash claim of security for any
algorithm, but my confidence level in Diamond and Diamond Lite is very high
because of the failure of anyone I've dared to break MPJ to do so for several
years. See the challenge section below.
LEGAL NOTICES
Documentation files, executable files, and source code files not marked
otherwise are Copyright (C) 1994 Michael Paul Johnson. All rights reserved.
There is NO WARRANTY expressed or implied for any of this. Diamond and
Diamond Lite are Trade Marks of Michael Paul Johnson. Other trade marks
mentioned herein belong to their owners and are mentioned for identification
purposes only.
SYSTEM REQUIREMENTS
To test Diamond and Diamond Lite against the validation data in DIAMOND.DAT:
    DLOCK /T
To encrypt a file:
    DLOCK /E [/S] infilename outfilename [/Ppass phrase | /Kkeyfile]
/E = Encrypt.
/P = Pass phrase follows on the command line. The pass phrase is case
sensitive, and every character counts. Embedded spaces are OK. /P, if used,
MUST be the last command line parameter, since all characters after it are
considered to be part of the passphrase.
/K = Get the pass phrase from the file name provided. The passphrase in a
key file may include ANY binary data, up to 256 bytes.
Note that if /P or /K is not used, then DLOCK looks for the passphrase in the
environment variable DLOCK_KEY. If no passphrase is found there, then DLOCK
will prompt you to enter the passphrase at the keyboard. Spaces and other
special characters are allowed in the passphrase.
For example,
    DLOCK /E MARCH.WK1 MARCH.ENC /PNone of YoUr BuSiness! Really!
encrypts MARCH.WK1 with the passphrase "None of YoUr BuSiness! Really!",
placing the results in MARCH.ENC. If you wish to get rid of the plain text
version, use another utility to overwrite and delete the original.
To decrypt a file:
    DLOCK /D [/S] infilename outfilename [/Ppass phrase | /Kkeyfile]
Switches used here are the same as for encryption, except that the /D (for
Decrypt) replaces /E.
For example,
    DLOCK /D MARCH.ENC MARCH.WK1 /PNone of YoUr BuSiness! Really!
decrypts the file encrypted above.
Command line switches are not case sensitive, and may start with - or /.
There should be a space or tab between adjacent switches. Except for /P,
which must be last, the switches may occur in any order (before, between, or
after the file names).
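The switch rules and passphrase lookup order described above, modeled as an added example; this is not DLOCK's source code. The function name resolve_dlock_args and its env and prompt parameters are hypothetical, and it assumes the text typed after DLOCK arrives as one string.

```python
import re

def resolve_dlock_args(tail, env=None, prompt=None):
    """Apply the switch rules described above to the text typed after "DLOCK".

    Returns the mode, the file names, the /S flag (its meaning is not
    described in this text) and where the passphrase comes from: /P on the
    command line, a /K key file, DLOCK_KEY, or the keyboard.
    """
    env = env if env is not None else {}
    out = {"mode": None, "s": False, "files": [], "key": None,
           "keyfile": None, "key_source": None}

    # /P must be last: everything after it, spaces included, is passphrase.
    m = re.search(r"(?:^|[ \t])[-/][pP]", tail)
    if m:
        out["key"], out["key_source"] = tail[m.end():], "/P"
        tail = tail[:m.start()]

    # Remaining switches: any order, either case, "-" or "/" prefix.
    for tok in tail.split():
        if tok[0] not in "-/":
            out["files"].append(tok)
            continue
        sw, arg = tok[1:2].upper(), tok[2:]
        if sw in ("E", "D", "T"):
            out["mode"] = sw
        elif sw == "S":
            out["s"] = True
        elif sw == "K" and out["key_source"] is None:
            # The key file is only recorded here, not opened.
            out["keyfile"], out["key_source"] = arg, "/K"
        else:
            raise ValueError("bad or conflicting switch: " + tok)

    # No /P or /K: fall back to DLOCK_KEY, then to a keyboard prompt.
    if out["mode"] in ("E", "D") and out["key_source"] is None:
        if env.get("DLOCK_KEY"):
            out["key"], out["key_source"] = env["DLOCK_KEY"], "DLOCK_KEY"
        elif prompt is not None:
            out["key"], out["key_source"] = prompt(), "keyboard"
    return out
```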
ADVANTAGES OF DLOCK
1. To the best of my knowledge, no one has broken Diamond (or its
predecessors, MPJ and MPJ2), yet. See the US$271.82 challenge, below.
5. It is free.
6. You are free to use the algorithms and/or code in this distribution to
incorporate encryption into your own applications, without payment of
royalties or delays.
7. Diamond and Diamond Lite, when incorporated into a system that weakens
the effective key length and resists modification by the user to the
satisfaction of the NSA, may be exportable. Contact the Department of State
and the NSA for details and additional requirements.
9. If you don't like the way DLOCK works and you can program in C or C++,
you can fix it to your liking.
12. Identical files, encrypted with identical keys, always yield identical
ciphertext. This is good for validating algorithms.
DISADVANTAGES OF DLOCK
4. The ciphertext reveals the size of the plain text (but not its contents).
DATA COMPRESSION
DLOCK doesn't compress data, but if you compress your data before encrypting
it (i.e. with PKZIP, ARJ, etc.), you will decrease the size of the ciphertext
and improve security. Attempted compression after encryption does neither.
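The properties stated in the lists and the compression note above (identical file and key give identical ciphertext, ciphertext size tracks plaintext size, compression only pays off before encryption), measured in an added example that is not part of the DLOCK distribution. The cipher is a SHA-256 keystream stand-in, not Diamond, its length-preserving output is an assumption, and the sample data is constructed.

```python
import hashlib
import zlib

def standin_encrypt(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher, NOT Diamond: XOR with a SHA-256 counter keystream.

    Like the behaviour described for DLOCK it is deterministic; it is also
    length-preserving (an assumption of this sketch). XOR makes it its own
    inverse, so the same call decrypts.
    """
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

# Constructed sample: a small, repetitive spreadsheet-like export with CR LF.
SAMPLE = b"".join(b"1994-03-%02d,widgets,%d,USD\r\n" % (d, d * 17)
                  for d in range(1, 32)) * 4
KEY = b"None of YoUr BuSiness! Really!"

def measure(key: bytes = KEY, plaintext: bytes = SAMPLE) -> dict:
    """Compare sizes for compress-then-encrypt and encrypt-then-compress."""
    ciphertext = standin_encrypt(key, plaintext)
    packed_first = standin_encrypt(key, zlib.compress(plaintext, 9))
    return {
        "plaintext": len(plaintext),
        "ciphertext": len(ciphertext),                 # same size: length leaks
        "compress_then_encrypt": len(packed_first),    # much smaller
        "encrypt_then_compress": len(zlib.compress(ciphertext, 9)),  # no gain
        "repeatable": ciphertext == standin_encrypt(key, plaintext),
    }

if __name__ == "__main__":
    for name, value in measure().items():
        print(f"{name:>22}: {value}")
```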
RECOMPILING DLOCK
You don't really need to recompile DLOCK unless you want to modify it or port
it to another platform. I compiled DLOCK.EXE with Borland C++ 4.0, using the
commands in MAKDLOCK.BAT. This batch file also applies PKLITE compression,
but that is optional. I compiled the Unix version of DLOCK on a Netcom
interactive host machine with the command:
If you have PGP, you can check my detached signatures on the files in this
distribution with the file VALIDATE.BAT, which should look like:
If you don't have a copy of PGP, you can buy a copy from Viacrypt or get the
freeware version from numerous sites, including the Colorado Catacombs BBS
(303-938-9654) or ftp, see ftp:csn.org//mpj/README.MPJ.
OK, US$271.82 is not enough to pay for the time it would take to do serious
cryptanalysis of the Diamond Encryption Algorithm, but it is enough to prove
that data encrypted with DLOCK is secure against the average hacker. The
file CHALLENG.ENC was encrypted with DLOCK.EXE. If you are the first person
to (1) decrypt CHALLENGE.ENC and (2) follow the instructions in the decrypted
file to claim your prize before midnight UTC, 29 April 1997, then you will
get US$271.82 of my hard-earned money. To claim this prize, you must reveal
how you deciphered the ciphertext. You must also not break the law
(including any currently valid export laws) in the process of earning this
prize. If the ciphertext is not broken, I get to keep my money.
The plain text that CHALLENGE.ENC was encoded from is plain, uncompressed,
7-bit ASCII with both CR and LF at the ends of lines. It contains English
text, including instructions on how to claim the prize and contact the
author.
The US$271.82 challenge given above is probably unfair, unless I really goofed
badly in the implementation of DLOCK or the invention of the Diamond
Encryption Algorithm. On the other hand, if you find what you think is a
weakness or error in either DLOCK or Diamond (other than the disadvantages
listed above), please let me know. There is no cash reward for such
information, but I will use the information to help improve the encryption
programs that I write.
Check for the latest version of this program on the Colorado Catacombs BBS,
303-938-9654, or for ftp from csn.org//mpj or ftp.netcom.com//pub/mpj.
REGISTRATION