IDEA.COM - Simple Private Key File Encryption Software of DOS

** Description **

This software (which is written in assembler, so it's less than 3K 
long) is a DOS program which performs full 128 bit IDEA encryption 
on files.  An arbitrary length key (actually limited to about 32000 
bytes, but a couple of hundred should be enough for even the most 
paranoid) or pass-phrase is required for encryption and decryption, 
and this is hashed using the MD5 algorithm to create a 128 bit 
internal key.  IDEA is used in CFB (cipher-feedback) mode with 8 
byte blocks and a pseudo-random SV (starting value) is prepended 
to the encrypted file.  I have verified that both IDEA and MD5 are 
implemented as defined in the appropriate standards.  

This really is a *very high* level of security, and you can forget 
about anyone (outside of a few spook organizations) being able to 
decrypt your file, if they don't know the pass-phrase.  

You should be aware, of course, that it may be possible for an 
adversary to determine your original message via some other means, 
such as by un-deleting files.

Note also that this software does not violate the US export 
restrictions on encryption software.  The IDEA algorithm was 
developed in Switzerland.  The MD5 was developed in the US, but is 
a hash-code rather an encryption algorithm, and is therefore exempt.  
The software itself was written in Australia.  (I must add that 
IDEA, which is patented, may be used for *non-commercial* purposes 
only).  

Feel free to disassemble this software if you are paranoid that it 
might contain back-doors.  The small file size renders this quite 
practical.  

** Usage **

- Type the program as if it were a text file for version 
information. 

- Run it without any parameters for usage information.  

Usage is fairly obvious. eg:

C:\>type idea.com
IDEA V1.03 (C) 1995-99 The Grey Knight

C:\>idea
Usage: IDEA E|D <infile> <outfile>
        E = Encipher
        D = Decipher
Prompts for key

C:\>idea e plain.txt secret.id
Key : ############
Key : ############
100% Done

C:\>idea d secret.id plain.txt 
Key : ############
Key : ############

Output file already exists. Overwrite (Y/N) ? Y
100% Done   ** Notes **

- The program makes no assumptions regarding file names or 
extensions and it is up to you to choose meaningful names for your 
encrypted files.  I would recommend using a unique extension, such 
as .ID, for all encrypted files, but if you're really paranoid you 
can use something like .DLL and hide them in your windoze 
directory.  

- The program makes no assumptions about file contents either.  This 
means it can't tell you if it is trying to decrypt a file that was 
not encrypted, or was encrypted using a different key.  This is a 
security feature.  

- You will notice that it sets the file date to 0/0/80 for all 
encrypted files.  This is also a security feature - a snooper 
cannot tell old files from new ones.  

- It prompts for you to enter the key or pass-phrase twice in order 
to guard against typos.  This key may be greater than a single line 
in length and may contain any printable character, including spaces, 
tabs and extended ASCII.  It is case-sensitive.  

- Doesn't support long file names.

** Algorithms **

- The MD5 algorithm (officially known as the "RSA Data Security, Inc.
  MD5 Message-Digest Algorithm") is described in the document RFC1321.
  This algorithm was developed in 1992 by R.L.Rivest to provide a 16 byte
  fingerprint that is cryptographically infeasible to forge.
  The author is contactable at "rivest@theory.lcs.mit.edu"

- The IDEA algorithm was originally developed by Xuejia Lai and James L.
  Massey, of ETH Zurich.  
  " The IDEA(tm) block cipher is covered by patents held by ETH and
  a Swiss company called Ascom-Tech AG.  The Swiss patent number is
  PCT/CH91/00117, the European patent number is EP 0 482 154 B1, and
  the U.S. patent number is US005214703.  IDEA(tm) is a trademark of
  Ascom-Tech AG.  There is no license fee required for non-commercial
  use.  Commercial users may obtain licensing details from Dieter
  Profos, Ascom Tech AG, Solothurn Lab, Postfach 151, 4502 Solothurn,
  Switzerland, Tel +41 65 242885, Fax +41 65 235761. "

