			MINI-crypt v2.1

Mcrypt is a simple crypting program, a replacement for the old unix crypt(1). 
Previous versions of mcrypt do not relate to this in any way. This version
is completely different in all ways. It uses the symmetric algorithms:

DES: 
 The traditional DES algorithm designed by IBM and NSA. Uses 56 bit key 
 and 64 bit block size.
   Written 12 Dec 1986 by Phil Karn, KA9Q; large sections adapted from
 the 1977 public-domain program by Jim Gillogly
 Modified for additional speed - 6 December 1988 Phil Karn
 Modified for parameterized key schedules - Jan 1991 Phil Karn
 I extracted this from the modified version for linux by Chris Cappucio 
 (chris@g386bsd.first.gmd.de). 

3DES or Triple DES:
 DES but with multiple (triple) encryption. It encrypts the plaintext
 once, then decrypts it with the second key, and encrypts it again with
 the third key (outer cbc mode used for cbc). Those keys(56bit each) are expanded 
 from the given key.
 Much better than traditional DES since the key is now 56*3 bits,
 or in the worst case the size of the minimum key.
 Keys should be over 12 characters long (strongly recomended 24).

CAST:
 CAST was designed in Canada by Carlisle Adams and Stafford Tavares.
 The original algorithm used a 64bit key and block size. The algorithm
 here is CAST-128 which uses a 128bit key and 64bit block size.

SAFER:
 (Secure And Fast Encryption Routine) is a block cipher developed
 by Prof. J.L. Massey at the Swiss Federal Institute of Technology.
 There exist four versions of this algorithm, namely:
  SAFER K-64, SAFER K-128, SAFER SK-64 and SAFER SK-128. 
 The numerals 64 and 128 stand for the length of the user-selected
 key, 'K' stands for the original key schedule and 'SK' stands for the
 strengthened key schedule (in which some of the "weaknesses" of the
 original key schedule have been removed). In mcrypt only SAFER SK-64 and
 SAFER SK-128 are used.

UNIX crypt:
A one-rotor machine designed along the lines of Enigma but considerable
trivialized. Very easy to break for a skilled cryptanalist. I suggest not
to use it. The code used here is from a public domain version of crypt
called pdcrypt.

3-WAY:
 The 3way algorithm designed by Joan Daemen. It uses a 96bit size 
 key and block. This is the C specification of the algorithm found
 in ftp.funet.fi/pub/crypt/cryptography/symmetric.

BLOWFISH: 
 The Blowfish algorithm designed by Bruce Schneier. It is better and faster 
 than DES. It uses a (non-fixed) key up to 448 bits or 56 characters. This
 is the only algorithm that allows keys of different sizes below 448 bits (without
 being padded with zeros).
  This algorith is implemented according to the code in the designer's book 
 'Applied Cryptography'.
  (This is the default algorithm)

GOST:
 A former soviet union's algorithm. An acronym for "Gosudarstvennyi Standard" 
 or Government Standard. It uses a 256 bit key and a 64 bit block size.
   The S-boxes used here are described in the Applied Cryptography book
 by Bruce Schneier. They were used in an application for the Central Bank
 of the Russian Federation. 
 Some quotes from gost.c:
   The standard is written by A. Zabotin (project leader), G.P. Glazkov,
 and V.B. Isaeva.  It was accepted and introduced into use by the
 action of the State Standards Committee of the USSR on 2 June 89 as
 No. 1409.  It was to be reviewed in 1993, but whether anyone wishes
 to take on this obligation from the USSR is questionable.
   This code is based on the 25 Movember 1993 draft translation
 by Aleksandr Malchik, with Whitfield Diffie, of the Government
 Standard of the U.S.S.R. GOST 28149-89, "Cryptographic Transformation
 Algorithm", effective 1 July 1990.  (Whitfield.Diffie@eng.sun.com)
 Some details have been cleared up by the paper "Soviet Encryption
 Algorithm" by Josef Pieprzyk and Leonid Tombak of the University
 of Wollongong, New South Wales.  (josef/leo@cs.adfa.oz.au)
 

 When one of these algorithms is specified, The program prompts something like:
 (for DES) Enter key (8 chars): ...
 This is the number of characters that should be used as a key. If a string
 with less than 8 characters is given, it is padded with zeros. 
 If a string with more than 8 characters is given only the first 8 are read. 
   Only the blowfish algorithm (56 chars) allows keys that are less than 
 56 (448 bits) characters. 
   GOST, DES, 3DES, SAFER and 3-WAY require the key to be exactly the number of 
 their key bytes. If a key of less bytes is specified it is padded with zeros 
 (Do not even try, it would be better to leave it unencrypted).

* Warning: Keep in mind that the characters on your keyboard are 7bit only.
So by default this program will ignore the first bit(msb) of the characters
of your input (one problem with the 7bit mode is that some bits of the last character typed
may be ignored, but I don't think that this is too critical). Use the parameter --8bit or 
-8 to use 8bit input.

---
All the above algorithms support two modes of encryption:

ECB: 
 The Electronic CodeBook mode. It is the simplest mode to use with a 
 block cipher. It encrypts each block independently. (I do not recommend
 using it)

CBC:
 The Cipher Block Chaining mode. It is better than ECB since the plaintext
 is XOR'ed with the previous ciphertext. A random block is placed as the
 first block so the same block or messages always encrypts to something
 different. (This is the default mode)
---

For better results(safety of your data) compress the plaintext before 
 encryption.


					Nikos Mavroyanopoulos
						nmav@i-net.paiko.gr


Look at COPYING for license information and the individual files for more 
information. COPYING applies only for the mcrypt program and not the 
algorithms which most of them are public domain. I think that there are not 
any implementation errors, but I'm still checking it out. 
