M ASTER  S OFTWARE QUALITY SOFTWARE SINCE 1958 |
  |
PROTECT YOUR PRIVACY -- PROTECT YOUR SECURITY
with the strongest line of data file and message encryption software available. |
GK-Crypt Data Security Package Version 03 User Manual - March 12, 2024 1. GK-CRYPT GK-Crypt keeps your computer files secret and private. It keeps them secure against any snooping, industrial espionage, or intrusion via the Internet. Even if your computer or your data disks were stolen, and even if they had the GK-Crypt software on them, nobody could read your data. GK-Crypt is far stronger than any other commercial file encryption product in the world, and stronger than nearly all of the world's diplomatic and military encryption packages, whether software, microchip, electro-mechanical, or any combination. GK-Crypt is strong enough so that governments could use it for their most sensitive data. GK-Crypt could insure the privacy of your computer files even if an opponent had available all of the computing power in the entire world. And, your files will stay private for decades to come. Even if computers increased in power over the next 50 years by the same factor that they improved over the past 50 years, your files would still remain secure. The 128-bit encryption products now in use will become obsolete in 10 to 15 years. The 256-bit products that are designed to replace them will become obsolete in 20 to 30 years. But files encrypted with 640-bit GK-Crypt will still be secure even 50 years from now. GK-Crypt is easy to use. You can encrypt hundreds of files with a single command. You don't need to choose and remember any of the file keys. GK-Crypt will generate a secure 640-bit key for each file, and remember all the keys for you. GK-Crypt is also the safest privacy product you can buy. It is loaded with safety features to prevent loss of data and other problems that are common with lesser data security packages. You cannot decrypt a file with the wrong key, or encrypt a file that is already encrypted. TABLE OF CONTENTS 1. GK-CRYPT 1.1. GK-Crypt Version 03 1.2. GK-Crypt Version 02 1.3. What is encryption? 1.4. Who needs encryption? 2. USING GK-CRYPT 2.1. A GK-Crypt session 2.2. Sample session 2.3. Decrypting files 2.4. Setting shortcuts 2.5. Listing the encrypted files 3. FILES 3.1. Identifying files 3.2. File groups and wildcards 3.3. Defining shortcuts 3.4. Using shortcuts 3.5. Group overlap 4. KEYS 4.1. Key Do's and Don'ts 4.2. Letters, digits and punctuation 4.3. Key blocks 4.4. Pronounceable keys 4.5. Patterns 4.6. Secretaries and clerks 4.7. Key strength 4.8. Summary: Picking a key 5. INSTALLING GK-CRYPT 5.1. Copying the GK-Crypt files 5.2. Multiple copies of GK-Crypt 5.3. Installation 5.4. Practice 6. SAFETY FEATURES 6.1. Lost keys 6.2. Strong Master Key 6.3. Unauthorized users 6.4. Double encryption 6.5. Double copies 6.6. Partial encryption 6.7. Master and cache 6.8. Adding and renaming files 6.9. Backup and recovery 7. COMPARING ALGORITHMS 7.1. The GK-Crypt algorithm 7.2. AES Advanced Encryption Standard 7.3. RSA public key cryptography 7.4. Quantum cryptography 7.4.1. Photon cryptography 7.4.2. Quantum entanglement Appendix A. DOS BASICS A.1. Starting DOS A.2. Sizing the DOS window A.3. Directories A.4. Current directory A.5. Working with directories A.6. Identifying files A.7. Long names A.8. File operations A.9. Batch files 1.1. GK-Crypt Version 03 GK-Crypt Version 03 is easier and safer to use than Version 02. (1) You no longer need to remember which files are encrypted, or to type the names of the files you want to decrypt. GK-Crypt 03 displays the list of files, and you just point to the ones you want to decrypt. (2) You can create shortcuts to reduce the task of typing long file names. For example, you could let bridge represent \DrawMaster\architecture\NJparkproject\bridge.jpg (3) The methods for choosing random file keys have been improved. (4) Only one copy of GK-Crypt is needed. It may be run from anywhere on your computer. (5) Every file is identified with its full path. This prevents problems when there are files with the same name in two or more different directories. 1.2. GK-Crypt Version 02 GK-Crypt Version 02 offers several improvements over the original Version 01. (1) The encryption has been made even stronger, with no significant loss of speed. (2) The operation is now fully automatic. There are no options to choose. You get the highest level of security for every file. (3) You can now change the Master Key without needing to decrypt and re-encrypt any files. (4) The new version automatically detects files encrypted with the old version and converts them to use the new, stronger, encryption. (5) After a file has been encrypted, the old copy is now shredded 3 times. 1.3. What is encryption? Encryption is the process that keeps your data secure. The GK-Crypt program takes your data file and transforms it into a form that nobody can read without the key. The encrypted file looks perfectly random and totally meaningless. Even the most sensitive and sophisticated statistical tests cannot detect any difference between your encrypted file and a pure random file. The reverse process, which is called decryption, takes the garbled, unreadable data file and transforms it back into the original data. The decryption process requires full knowledge of the key in order to reconstruct the original data. Only you, and anyone to whom you give the key, can retrieve and read the data file. For an unauthorized person who does not have the key there is no possibility whatsoever of reversing the process and reading your file. You can think of encryption and decryption as locking and unlocking your data files. The key is just like the combination for a safe or vault. Without the combination the vault cannot be opened. Without the key your data file cannot be read. But, unlike a safe or vault, there is no other way in. The snooper cannot cut through the walls or manipulate the tumblers with magnets. The key is the only way in. 1.4. Who needs encryption? You need encryption whenever you have both of the following conditions: (1) You have data that you need to keep private or confidential, and (2) Someone has access, or could possibly have access to your computer, or to any external media where your data is stored, or to any channel over which you transmit your data. Here are some kinds of data that you might want to keep secure. Private individuals Bank account numbers Health information Book or play manuscripts Inventions Brokerage account numbers Journals or diaries Computer passwords Photos, movies or videos Credit card numbers Private letters and emails Downloaded files Spreadsheets Financial records Companies Ad campaign plans Merger plans Claims data Orders Client records Organization charts Commissions Patient records Compliance data Product specifications Contract terms Recipes Credit histories Real estate plans Customer accounts Research findings Expansion plans Revenue projections Employee health data Salaries Interfaces Sales records Inventory Settlement records Letters and memos Supplier data Mailing lists Tax information Marketing plans Yields Military Armaments Resupply schedules Attack plans Ship movements Contracts Supply levels Defense plans Targets Emplacements Trajectories Munitions depot Troop movements Radar frequencies Troop strength Radar locations Unit readiness Research reports Weapons capabilities For some types of data, you may have a legal obligation to safeguard its privacy. For example, the Gram-Leach-Bliley Act (GLBA) which Congress passed in November 1999 requires that companies protect the security and confidentiality of their customers' private information. Financial institutions and other businesses must assure that their customers' data is kept private and confidential. Similarly, since April 2005, nearly all healthcare institutions need to comply with the security requirements of the Health Insurance Portability and Accountability Act (HIPAA). If you take your legal obligations seriously, then you should use the strongest encryption product available, the GK-Crypt package. Your data could be vulnerable because clients, or unauthorized employees, may be able to enter an area where your computer is located, or where another computer or terminal on the same local network is located. Sometimes a careless employee or family member may leave a computer unattended where someone might use it to find sensitive files. Sometimes a disgruntled employee, or even an angry family member, may copy data files in order to harm you or your company, or to sell the data for profit. The employee could make a disk or print out a file and take it home. An employee who works from home, or someone else in that household, may be able to dial into your computer and obtain access to sensitive files. Access to your data might be gained while your computer is connected to the Internet by using spyware or a computer virus. Files transmitted on the Internet are not secure at all. It is also possible that your computer or data disks or tapes will be stolen, or obtained from the trash. A thief who breaks into a safe looking for valuables may take backup disks containing your sensitive data and later discover what they contain. 2. USING GK-CRYPT Each time you use GK-Crypt is called a session. During each session you can encrypt files (lock them to make them secure), decrypt files (unlock them to use them), or get a list of the encrypted files. You may encrypt or decrypt as many files as you like during each session. You can even encrypt and decrypt the same files in a session, should you wish. You start each session by typing the GK command. This starts the GK-Crypt program. You start a session by typing GK and pressing Enter. After GK-Crypt is started it will tell you exactly what to do at every step. Everything is clearly explained as you go. (But you should still read this manual and the Installation Guide before you begin.) 2.1. A GK-Crypt session The first thing GK-Crypt will need is your Master Key. This is the key that opens the Master File which is required to run the GK-Crypt Data Security Package. It is absolutely essential that you choose a very strong Master Key. If the Master Key is weak, or only moderately strong, then your security will be compromised. Using an ultra-strong encryption algorithm like GK-Crypt and then choosing a short or weak key is like building a bank vault from the strongest thickest steel available, and then locking it with a flimsy padlock. Several sections of this manual will be devoted to choosing keys that are both strong and easy to remember. 2.2. Sample session Before getting into the full details of a session, let's take a quick look at a sample session. You start GK-Crypt by typing the command GK The first thing GK-Crypt needs is your Master Key. GK-Crypt will prompt you to enter the Master Key by displaying Please enter the Master Key Key: You type your Master Key exactly the way you entered it when you installed GK-Crypt, for example, Key: KXWVT 39463 HMCTU 90413 GSVIF 85721 Remember that the Master Key is case-sensitive, so KXWVT and kxwvt are different keys. If the Master Key is correct, the session can begin. GK-Crypt will next need to know which files you want to encrypt (lock) or decrypt (unlock). It will first ask what operation you want to perform, like this, Options: E - Encrypt a file. Make it unreadable to protect it. D - Decrypt a file. Make it readable to use it. S - Create shortcuts. L - List the encrypted files. M - Change your Master Key. Q - Quit. Type your choice (E, D, S, L, M or Q): You may encrypt and decrypt as many files as you wish during a session. After each operation you will be returned to this menu until you type Q to quit. Suppose that you want to encrypt a file. You type E to select encryption. GK-Crypt will then need to know the name of the file, or the group of files that you want to encrypt. It will prompt you for the name, Enter the name of the file group to be encrypted, or type Q to quit. File group name: Suppose that you want to encrypt the group of files in the directory patent that start with the name motor. You would respond by typing \patent\motor*, like this File group name: \patent\motor* GK-Crypt will ask you to verify your choice, so that you don't accidentally encrypt the wrong group of files. It will ask Is (\patent\motor*) the correct file group? (Y or N): You would type Y to indicate that it is correct. GK-Crypt will then generate a strong encryption key for each of the files, encrypt each file with its key, and record the keys so that the files can be decrypted when you need them. This sample should give you a good sense of how a GK-Crypt session will proceed. At every step GK-Crypt will instruct you on what information you need to enter. Now let's look at some of these items in detail. 2.3. Decrypting files Decrypting (unlocking) files is very easy in GK-Crypt Version 03. You no longer need to remember which files are encrypted, and you no longer need to type the file names. When you select D on the main menu to decrypt files, you will be shown a list of the encrypted files, like this C:\MEDICAL\CHART\ADAMS.XML > C:\MEDICAL\CHART\SMITH.XML C:\MEDICAL\CHART\WILSON.XML Use arrows to move cursor, D to decrypt file, Q to quit: '); You can use the up arrow, down arrow, PgUp and PgDown keys on the numeric keypad to move the > cursor to the file you want to decrypt. When the cursor is pointing at the right file, press D to decrypt the file. 2.4. Setting shortcuts Press S on the main menu to define or change a shortcut. You will see Shortcut name: Type in the name you want to call the shortcut. If you type the name of an existing shortcut, then you can edit that shortcut, change its name, change its text, or delete the name to delete the shortcut. 2.5. Listing the encrypted files Press L on the main GK-Crypt menu to get a list of all of the encrypted files. The list will be written to the file GKCRYPT.LST. You can use this list, for example, to check whether all of the files that you want to keep private have been encrypted. You could keep a separate file containing the complete list, and compare GKCRYPT.LST to this file using the Comp utility. The Comp utility is a handy and inexpensive tool available from Master Software Corporation (www.mastersoftware.biz). 3. FILES In order to use GK-Crypt you will need to tell it which files to protect. On your computer the files are organized into directories or folders. Directories and folders are two names for the same thing. When you are in Windows, the computer will show you lists of files organized as folders. When you are in DOS, the computer will show you lists of those same files in directories. Directories and folders are equivalent. You need to identify which files contain your private data. These are the files that you need to encrypt. Often these files will be in directories that are named for the program that created them. For example, if you create drawings using a program called EZ-Draw, then the drawings are likely to be in a directory with a name such as \EZ-DRAW\ or \PROGRAMS\EZ-DRAW\ or in a subdirectory of these directories, say \EZ-DRAW\PORTRAIT\ It is generally safe, but not necessary, to encrypt the application program and the files that it uses along with the files you created. For example, it is safe to encrypt word processors, spreadsheet programs, or graphics programs. Of course you must decrypt them before you try to use them. This may take some time, but it may be easier for you to encrypt the entire directory, along with all of its subdirectories, than for you to try to identify all of your data files individually. WARNING!! You must never encrypt a system file. You must never encrypt any file that is part of the operating system on your computer, such as Windows, Unix or Linux. If you encrypt a system file, your computer will be unable to use that file, and therefore may not be able to function correctly. If you simply went ahead and encrypted every file, your computer would stop running, and you would not be able to restart or reboot it, so you would not be able to fix the problem. Similarly, if you encrypted any of the GK-Crypt files, such as GK.EXE, GKMASTER.1, or GKCACHE.1, then you would not be able to use the GK-Crypt package to decrypt them, so all of your encrypted files would be permanently lost. You should always give your data files and folders names that clearly identify what they contain. That way, you will know which files are yours, and which files you want to protect. You can find all of the files on your computer by clicking the "My Computer" icon on the Windows desktop. Equivalently, you can find all of your files by using the DIR command in DOS. 3.1. Identifying files Each time you encrypt files you must identify those files to GK-Crypt. GK-Crypt will prompt you for the file identifier at the appropriate time. You identify files to GK-Crypt the same way that you identify files to DOS, namely by specifying the drive, path, filename and extension. (If you already know DOS, you can skip or just skim this section.) drive is the device where your file is stored, usually C for your hard drive, A or B for a floppy drive, and D or E for a CDROM drive. path is the directory on your drive where the file is located. filename is the name that you gave your file. The name usually indicates the contents or purpose of the file. extension is a suffix that indicates the kind of file, such as TXT for a text file, JPEG for a picture file, EXE for an executable file, etc. A full file identifier might look like this, c:\company\mydepartment\2005\sales.wp In this example, c: identifies that your file is on the C drive, which is your hard drive. \company\mydepartment\2005\ is the path to your data. It shows that the data file is located in the 2005 folder, which is inside the mydepartment folder, in the company folder. So the path consists of nested folders, or a list of directories. sales.wp is the file with the data. The filename is sales, and the extension is wp, which indicates that it is a WordPerfect document. In a file identifier all of the fields except the filename are optional. drive can be omitted if the file is on the current drive, that is, the drive where you are now working. path can be omitted if the file is on the current directory of the drive. extension can be omitted if the file does not have an extension on its name. For example, if the file is just named oldstuff then no extension is needed. Here are some examples of valid file identifiers: a:budget identifies the file budget in the current directory of the A drive. \jones\commissions identifies the file commissions in the \jones directory on the current drive. late\requests.txt identifies the file requests.txt in the late subdirectory of the current directory. 3.2. File groups and wildcards GK-Crypt allows you to encrypt or decrypt groups of files with a single command. There are two ways to do this. The first method is to use wildcards when you give the filename or the extension. Instead of giving the entire filename or extension, you give the first few characters, and then type * asterisk. The file operation will be applied to all files whose names or extensions begin with the letters you gave. Here are some examples. TAX* specifies any file in the current directory whose name begins with TAX. For instance this would include TAX, TAXES and TAX2005 but not TAXES.WP. T\*.DOC specifies any file in the T subdirectory of the current directory, whose extension is DOC. For instance this would include T\SALES.DOC and T\INVEST.DOC. \A\PR*.S* specifies any file in the A directory of the current drive whose filename starts with PR and whose extension starts with S. For instance this would include \A\PROFIT.S and \A\PRICE.SET. The second method for specifying a group of files is to give the path with no filename or extension. In this case, the file operation will be applied to all of the files in the current directory, and all of its subdirectories. For example \MENU\ specifies all of the files in the MENU directory of the current drive, and all of its subdirectories. For instance it would include \MENU\TODAY.TXT, \MENU\BEEF\RECIPES and \MENU\LAYOUT\PIX\SALAD.JPG. Any time you are prompted to give a file group you may give either a single file, a set of files using wildcards, or a directory. 3.3. Defining shortcuts Some of the files you wish to keep private may be in deeply nested directories, such as \programs\artshop\drawings\plato\cover.jpg \programs\artshop\drawings\plato\cave.jpg \programs\artshop\drawings\plato\teacher.jpg It would be tedious to continually type these long names when you encrypt these files, especially if you do this often. Starting with GK-Crypt Version 03 you can define shortcuts to make this task easier. To define a shortcut you choose S on the GK-Crypt main menu. You will then see Enter the name of the shortcut. The name may be 1 to 12 letters and digits, for example Plan10X Type = to show the list of shortcuts, or type Q to quit. Shortcut name: Type a suitable short name for your shortcut, for example plato. You will then be prompted to enter the text of the shortcut. This text can be all or part of the directory path and/or the file name. You will see Enter the text of the shortcut or type Q to quit. The text may be any portion of a directory path or file name such as \MyStuff\drawings\bridge.jpg Shortcut text: You then type the text of the shortcut. The shortcut will stand for whatever text you enter. In this case, suitable text might be \programs\artshop\drawings\plato since this occurs in all three of the file names. 3.4. Using shortcuts To use a shortcut when you are telling GK-Crypt which file to encrypt, you type an equal sign = and then the name of the shortcut, plus the rest of the file group name. For example, you could enter the file name as =plato\cover.jpg like this File group name: =plato\cover.jpg This would cause the file \programs\artshop\drawings\plato\cover.jpg to be encrypted. If the name of the shortcut is not followed by a delimiter, such as . or \ then leave a blank after the shortcut name. The blank will be removed when the shortcut name is replaced by the shortcut text. For example, if dime were a shortcut for \coins\catalog\dimes\ then File group name: dime 1952 would cause \coins\catalog\dimes\1952 to be encrypted. You can use more than one shortcut in a file group name, and you can use one shortcut in another shortcut. For example, suppose that you want to encrypt the files \programs\artshop\drawings\plato\cover.jpg \programs\artshop\drawings\plato\cave.jpg \programs\artshop\drawings\plato\teacher.jpg \programs\artshop\drawings\odyssey\siren.jpg \programs\artshop\drawings\odyssey\hydra.jpg \programs\artshop\drawings\odyssey\cyclops.jpg You could define a shortcut draw to represent \programs\artshop\drawings and then you could define two more shortcuts plato and homer using the draw shortcut. plato as =draw\plato homer as =draw\odyssey If you now wanted to encrypt the file \programs\artshop\drawings\odyssey\cyclops.jpg you could simply enter the name as =homer\cyclops.jpg like this File group name: =homer\cyclops.jpg and the correct file would be encrypted. 3.5. Group overlap It would be dangerous to encrypt two groups of files that could potentially overlap. For example, if you were to encrypt the group TOP*.D* and then encrypt the group TO*.DOC the file TOPIC.DOC would get encrypted twice. If you then decrypted those two groups in the same order, the file TOPIC.DOC would get hopelessly garbled. It could never be recovered, because the keys would no longer be in the cache. To prevent this sort of catastrophe, GK-Crypt detects possible overlaps of file groups, and prevents you from encrypting such overlapping groups. This is one of the many safety features built into GK-Crypt. 4. KEYS Choosing the keys for encrypting your files is one of the most critical steps in using the GK-Crypt package. If you choose a short or weak key, it may be easy to remember and easy to type each time you need it, but your data will not be secure. It is a serious mistake to think that you can use a weak key simply because you are using such a strong encryption package. A strong safe with a weak lock is not secure. If you choose a long strong key your data will be more secure, but it will be harder for you to remember it and to type it accurately each time it is needed. This chapter will describe techniques for choosing keys that are both secure and easy to remember and to type accurately. 4.1. Key Do's and Don'ts Many people try to take shortcuts in order to have keys that are easy for them to remember. You need to assume that any opponent will also be aware of the same shortcuts. Here are some simple rules that can help prevent a costly error. When you choose a key, do not base the key on your personal information. Assume that your opponent knows all of your personal data. DO NOT base your key on Your birthday Your telephone number Your Social Security number Your license plate number Your spouse's, child's, parent's, sibling's or even your pet's name, birthday, phone number, etc. DO NOT base your key on commonplace phrases Nursery rhymes Song titles or lyrics Folk sayings Names of famous people, groups, places or events Names of books, plays or TV shows Punchlines from jokes Well-known dates Tongue twisters Words or phrases in other languages DO NOT use data widely known within your specialized field Digits of pi or e Names of bones, nerves, or organs Names of stars, minerals, geological features, bacteria, ancient cultures, alloys, proteins, theorems, etc. Mnemonics Names of people, schools, companies, places, etc. The speed of light, Avogadro's number, the Golden Ratio, etc. DO NOT choose sequences of consecutive letters from the alphabet or from the keyboard, whether forwards, backwards or diagonally. DO NOT use the keys that appear in this manual. Always assume that your opponent has read it, too. DO use a long key. DO try to make your key as random as possible. DO read this entire chapter on picking keys. DO evaluate the strength of your key according to the principles in the following sections. DO make your Master Key extra long and strong. 4.2. Letters, digits and punctuation If there are several people who need access to the data, and who are trusted with the keys, then the problem of recording or memorizing the keys becomes multiplied. Some people have the capacity to memorize long strings of random-looking letters and/or digits, but most people cannot do this. The safest course is to write down your key, and keep it in a secure place, such as a locked safe. Other techniques will be discussed in a later section. It is advisable to have several copies, in case one copy gets lost, stolen or destroyed. The strength of an encryption key is measured in bits, the binary digits that are used by your computer's hardware. Here is a rough guide to how many bits you get from each character in an encryption key when the characters are chosen randomly. Table 1. Strength of each character in a key. Decimal digits = 3.3 bits Single case letters = 4.7 bits Mixed case letters = 5.7 bits Mixed letters and digits = 5.9 bits Mixed letters, digits and punctuation = 6.3 bits Based on this chart, here is the strength of some sample 10-character keys Table 2. Strength of 10-character blocks. 5835701483 = 33 bits Decimal digits CIWMRPTNZX = 47 bits Upper case letters tyuhbivxks = 47 bits Lower case letters DmbHaqREkV = 57 bits Mixed case letters ku8Je94Lg7 = 59 bits Mixed letters and digits g"p5WZc4%F = 63 bits Mixed letters, digits, punctuation As you can see, the strength of the key increases when you choose randomly from a larger set of characters. However, the difficulty of memorizing the keys and typing them accurately becomes much greater as the keys get more random. Note that all of the keys illustrated above are too short to be considered secure. 4.3. Key blocks There are several methods for producing keys that are secure, yet easier for people to manage. The first technique is to break your keys into blocks. It has been a common practice for many years to break coded messages into blocks of 5 characters each so that they can be transcribed more accurately. The same idea works for keys, too. Notice how the key CNWIALVMXBTEPOSBXRNH becomes much easier to read when it is broken into groups of 5 letters CNWIA LVMXB TEPOS BXRNH For longer keys it may be advisable to use additional punctuation to organize the blocks into groups of blocks. For example, 48591-04528-16392, 35207-31654-74925, 09482-71653-42570 GBXTL=PRBUI=LVZEW..BXGMN=LUIQT=SPFAE..VZJOQ=HUKBW=OZCND The second technique is to use groups that have the same structure. Here are some examples, and the strength of each key block 91486 61872 94373 16 bits per block 5 digits T3708 D6204 F5193 18 bits per block 1 letter, 4 digits GS437 BR092 LX528 19 bits per block 2 letters, 3 digits UHM15 XTN63 MYA74 21 bits per block 3 letters, 2 digits QRILC PJRMS OVDZK 23 bits per block 5 letters The strength remains the same when the letters are placed in different positions. For example, all of the following keys have the same strength, namely 2 letters and 3 digits GS437 BR092 LX528 Letters at the start of each block 943KP 471GQ 205YL Letters at the end of each block V107J X219C F738L Letters at both ends of each block 6WF52 9TU48 7JN13 Letters in the middle of each block One advantage of using key blocks that always have the same structure is that there is no confusion between letters and digits. Some letters and digits that may get confused are Letters B G I l O S T Z Digits 8 6 1 1 0 5 7 2 Its position in the block tells you whether the character is a letter or a digit, so there is no need to avoid these characters when you use blocks with a fixed structure. Another variation on this idea is to make each key block uniform, but to vary the types of blocks randomly. Here are two 30-character keys with uniform blocks. Each block consists of all digits, or all uppercase letters, or all lowercase letters. KNUHW 50258 fewrz 39274 gyakf obqnk doztc 81463 69917 AGNDL rdefo PUIZH 4.4. Pronounceable keys Another technique that can be used to produce keys which are secure, yet easy to remember, is to make the keys pronounceable. That is, you would use pronounceable combinations of vowels and consonants to form syllables, and combine these syllables to form artificial words. This method may be valuable in situations where it is unsafe to write down the keys, and they must be memorized. Here are some examples. shambu dilp prelec oltu domex sarbuti shum obior Yotz doruc flean jadmek pra kerazi, Lagatu limbrazon. You can burn the key into your memory by starting with just a few artificial words, say DOZEK ULM HAPLICO, and repeat these to yourself for a day or two. Then add another few words, say DOZEK ULM HAPLICO GRUX ANTIAM, and repeat those in your head for a few more days. You can add some more words the following day. dozek ulm haplico grux antiam ludovesk gur amesqi You can complete the process by adding capitalization and punctuation, like Dozek ulm Haplico "Grux Antiam" ludo-vesk gur a'mesqi. Using mixed-case letters and punctuation increases the strength of your key. You can imagine the key to be a saying in some private language, and make up a translation, in order to fix it more firmly in your mind. For example, Wise king Haplico "Lion of Antioch" out-witted a sorcerer. In a pronounceable key each letter has a strength of about 3.3 bits if the words are fairly uniform in length, and about 3.5 bits if the words are more variable in length. For example, the first key below is fairly uniform in length, while the second is more variable. panek dilbap greho drung fasdop ulben bukty crivan lobykar elb dixiat glem urbiqeo dhorsh uz vilagump 4.5. Patterns When choosing a key, avoid creating any patterns, such as repeated letters or syllables. Patterns weaken the keys by making them easier to guess. Here are some examples of keys with patterns. BBXXTT KKUUVV WWYYCC The letters are all in pairs. aaa3gg5yyyy9ccc7uu2 There are runs of equal letters. 10704 20906 50803 The second and fourth digit in each group is zero. 51615 38183 29092 Each group has an ABCBA pattern. zampana reveske flogoto The vowels in each group are all the same. tuntam memescu saksoli The first and second syllable start with the same letter. debendik devogi delakt Every group starts with de. ABC ghi LMN def XYZ Each group has 3 consecutive letters of the alphabet. 500XD 711TJ 822GN The second and third digits in each group are the same. 31734 23839 30376 Every group has two 3's. dobaku levoti wafigo Consonants and vowels alternate. vgy7 2wdc zse4 7ujm Has diagonal runs on the keyboard. KAZ VEK CIF ZOP HUQ The vowels run in order AEIOU. Once you have chosen a key, inspect it for patterns, and change it to remove them. If your key is a long string of letters or digits, look to see if there are any letters or digits that are used too often, or that are missing. You may want to make some changes. However, don't overdo it. If you use every letter or every digit exactly the same number of times, or if all the letters and digits in each block of your keys are always different, those are also patterns which weaken the key. 4.6. Secretaries and clerks Sometimes lower-echelon employees will not safeguard file keys as zealously as other workers. It is common for these employees to write down keys in places that are easily accessible, such as on the computer itself, on their desk pads or wall calendars, or on slips of paper on a bulletin board. Anybody could see the keys and write them down. It is absurd for the company president to keep the Master Key in a locked box inside a walk-in vault, and for the secretary's assistant to write the Master Key on a gummed label on the wall next to the computer. The employee might assume that nobody will ever guess that those cryptic letters and digits are actually the Master Key that unlocks all of the company's secret files. The employee might assume incorrectly. If these employees must be trusted with the keys then it is essential that they be educated to avoid such security breaches. Keys should never be written or pasted on the computer itself, the computer desk, a desk pad or calendar, the cover of a notebook or steno pad, the bottom of a stapler, telephone or flowerpot, the back of a clipboard, letter tray or desk organizer, or any similar place. Intruders know to look in such places. Don't make their job easy. 4.7. Key strength The following table is a guide to how long a key must be in order to achieve various levels of security. For example, if you want a key strength of 200 bits, and you use a decimal key, then you need 60 digits. With the speed of current computers 100 bits is the lowest level of security that can be considered safe. The table assumes that the letters or digits of the key are chosen completely randomly. If the letters or digits follow some pattern then your key needs to be longer. For example, a key such as TC174 JF296 BH583 KD629 would be measured as 8 single-case letters and 12 digits, for a total strength of 77 bits. Because of the LLDDD pattern it would not be considered to be 20 mixed letters and digits, which would have a strength of 118 bits. Table 3. For each type of key, this table shows how long to make the key in order to achieve the desired strength. Desired key strength measured in bits Type of key 100 125 150 200 250 300 400 --------------------------------------------------------------- Decimal digits 30 38 45 60 75 90 120 Single-case letters 21 27 32 43 53 64 85 Mixed-case letters 18 22 26 35 44 53 70 S-C letters + digits 19 24 29 39 48 58 77 M-C letters + digits 17 21 25 34 42 50 67 Letters, digits, punc 16 20 24 32 40 47 63 Uniform blocks 22 27 33 44 55 66 88 Pronounceable, uniform 30 38 45 60 75 90 120 Pronounceable, variable 29 36 43 57 71 86 114 For example, if you wanted a decimal key you would read across the top row of this table. If you wanted the decimal key to have a strength of 125 bits, you would look at the second column in the top row to find that you would need 38 decimal digits. If you wanted a key of mixed-case letters and digits with a strength of 250 bits, you would need 42 letters and digits. Note that the longest input line you can enter is 126 characters. (This is a limitation of DOS, not a limit set by GK-Crypt.) So if you wanted 400 bits of strength, and you chose to have a decimal key which requires 120 digits, then you would have only 6 characters left to separate the blocks. Your blocks would need to average over 17 characters each. (A pattern of 17, 17, 17, 17, 17, 17, 18 would fit.) 4.8. Summary: Picking a key The best way to pick a key is to follow these steps. (1) Decide how strong you want your key to be, say 200 bits. (2) Choose the type of key, say blocks of letters and digits. (3) Use the tables above to determine the key length. (4) Randomly choose a key of the required length. (5) Inspect the key for patterns. (6) Adjust the key to remove or reduce the patterns. (7) If you will need the key again, write down the key and keep a copy in a secure place. (8) Type the key when GK-Crypt asks for it. 5. INSTALLING GK-CRYPT The key to using GK-Crypt effectively is planning. Before you install GK-Crypt on your computer, you should determine which files you need to protect. The list of sensitive data in the first chapter can provide a starting point. 5.1. Copying the GK-Crypt files The first step in installing GK-Crypt is to copy the GK-Crypt files from the distribution disk onto your computer's hard disk. Suppose that you have inserted the distribution disk into the d drive on your computer, and that you want to install GK-Crypt in a directory called GK on your c drive. You would copy the files by issuing the command copy d:* c:\gk\ This is a good way to get started. After you have been using GK-Crypt for a while, you may wish to install additional copies on your computer so that you have less typing of file names. 5.2. Multiple copies of GK-Crypt Earlier versions of GK-Crypt suggested that users could install multiple copies of GK-Crypt on their computers. These copies would be placed in the same directories that contained the data to be encrypted. This would save typing of long data paths. However, it also created the potential for errors, since the same file could get encrypted using two different copies of GK-Crypt. The error would not be detected because each copy of GK-Crypt would have its own cache file. GK-Crypt Version 03 has been redesigned to eliminate this problem. You should have only one copy of GK-Crypt on your computer. This copy will have one cache that will keep track of all the encrypted files on your computer, and prevent such errors as encrypting the same file twice, or decrypting a file with the wrong key. This is not only safer, but it saves the extra disk space needed for multiple copies. To access GK-Crypt from other directories you create a batch file named gk.bat. Suppose that you have placed the GK-Crypt program into the \myprogs\security\gkcrypt directory. Then the gk.bat file should contain the single line \myprogs\security\gkcrypt\gk.exe You would place a copy of gk.bat in each directory where you normally work with sensitive files that you may wish to encrypt. 5.3. Installation The first time you run GK-Crypt the program will install itself. You run GK-Crypt by typing the command GK and pressing Enter. During the installation you will choose your Master Key. You need to choose the Master Key carefully so that you do not forget it. We suggest that you read the chapter on choosing keys before you start the installation. The first thing GK-Crypt will need is the installation password. You will find this password enclosed with the GK-Crypt installation disk, unless you have made specific arrangements to have it mailed separately. The password is not case-sensitive. You can type it in either upper or lower case. The installation password is not related to any encryption key used by GK-Crypt. Knowledge of the installation password will not enable, or even help, anyone to read your data files. After you have entered the password, you will be asked to accept the GK-Crypt Software License. GK-Crypt can be used only under the terms of the Software License. The next installation step is to enter your Master Key. It is essential that you choose a long and strong Master Key. The types of passwords that are used for logging onto websites are not nearly strong enough to provide any real data security. See the Keys chapter of this manual to learn how to choose a suitable Master Key. Be certain that you write down your Master Key and keep several copies in secure places, such as locked in a safe, and off-site in a bank safe deposit box. However, just to get started, you could use a simple key at first, and change to a more secure Master Key later. Some people find it easier to build up a secure key by adding one element at a time. Maybe they start with their childhood pet's name, say Fido. The next time they run GK-Crypt they add another layer, say #Fido#. After a few more runs they add a prefix, maybe zIx-#Fido#. When they have that securely committed to memory, they add another bit, perhaps zIx-#Fido#-Q?4. When they reach 5 or 6 such elements, they will have a secure Master Key. Just remember that each time you change the Master Key you need to replace the copies you have made. After setting the Master Key, and verifying that you have typed it correctly, GK-Crypt will start your first session. The only key that you must remember is the Master Key. All other keys are generated and recorded for you by GK-Crypt. 5.4. Practice Before you use GK-Crypt on valuable data, it's a good idea to make some practice runs. Create a few small temporary files and encrypt them. Take a look at the encrypted files. Then decrypt the files and look at them again. Verify that the files are back to their original contents. It looks miraculous. The encrypted files are complete chaos, total gibberish. Not even the most sophisticated statistical tests can distinguish them from true random data. But GK-Crypt restores them to their original form. Try encrypting a group of files starting with the same letters, such as GKTEST1, GKTEST2 and GKTEST3. Encrypt and decrypt the group as GKTEST*. Try creating a directory and a subdirectory, such as \GKSAMPLE and \GKSAMPLE\SUB. Put some test files in both directories. Then encrypt and decrypt the whole group of files as \GKSAMPLE\. You might also want to try a few mistakes, just to see what happens. Try typing your Master Key incorrectly. Try encrypting a file that does not exist. Try encrypting a file that is already encrypted. You will see that GK-Crypt protects you against these types of errors. Once you have gotten the hang of it, you are ready to try encrypting some real files. For your own peace of mind, you should back up the files first. After you have been using GK-Crypt for a while, and you have gained confidence in your ability to use it correctly, you may want to take all of your old backups, the ones where the data files are not encrypted, and destroy them. Don't just toss them away. Cut the tapes into shreds. Chop the disks into shards. Don't discard all of the bits in the same place. From this point on, all of your backups will contain your sensitive files only in encrypted form, along with the corresponding GK-Crypt Master File and cache. 6. SAFETY FEATURES The GK-Crypt data security package is designed with safeguards against all of the common problems that plague other data encryption programs. It is therefore the safest, as well as the strongest, data encryption package you can get. 6.1. Lost keys The most frequent problem with encryption occurs when the user forgets or loses a file key. The GK-Crypt package has two safeguards against this problem. The first safety feature is the cache. GK-Crypt records all of the file keys in the cache. You never need to remember or record any of your file keys in order to decrypt your data. The only key you need to record and remember is your Master Key. GK-Crypt remembers all of the other file keys for you. The second feature that safeguards against loss of keys is GK-Crypt's automatic key generation. GK-Crypt generates all of your file keys for you, so you never have to remember file keys, or type file keys, or even see any file keys. GK-Crypt takes care of all that work for you. It also means that the file keys can be much stronger than user-selected keys. The file keys can be long and completely random, since they never need to be typed or remembered. 6.2. Strong Master Key Some other encryption packages generate all of the keys, not just the file keys, but the Master Key and the cache key, too. The user does not have to remember any keys at all. This is convenient, but it is not safe or secure. Anyone who gets access to your computer can use the program to decrypt your files. Anyone who gets one of your data disks can buy a copy of that program and read your files. Other packages use strong file keys, but require only a simple password to operate the program. This means that anyone who can guess the password can read your files. It is possible to use a program to generate and try millions of passwords per second, so it is fairly easy for somebody to get at your data. GK-Crypt lets you use strong Master Keys, up to 126 characters long. If you follow the guidelines in the chapter on choosing keys, then nobody can guess your Master Key, not with all the computing power on earth. 6.3. Unauthorized users Suppose that a malicious person obtained access to your computer, and tried to disrupt your business by encrypting some of your files with an unknown key. That person might try to ransom your data, and ask for a large fee to supply the key to recover your data. Even if this person, perhaps a disgruntled employee or business partner, possessed the Master Key you would still be safe. The cache protects you. The cache records the key, so you can recover the data even under those difficult circumstances. 6.4. Double encryption Another large source of problems with other data security packages is double encryption, or double decryption. This happens when the user forgets whether a file is encrypted or not. The user might encrypt a file that has already been encrypted, or decrypt a file that has not been encrypted, or that has already been decrypted. Suppose that the user of some lesser security package encrypts a file with key 1, and then encrypts it again with key 2. After the user decrypts the file with key 2, the file is still encrypted with key 1, and therefore unreadable. If the user does not figure this out, and decrypts again with key 2, then the data is lost. Now, suppose that the user of this other program has encrypted the file first with key 1 and then with key 2. Suppose that the user did this intentionally to get extra security because the other program was not as strong as GK-Crypt. If the user then decrypted the file with key 1, and then with key 2, the file would be completely garbled. Unless the user could figure out what had happened, and then unravel all of the steps, the data would be lost. (To recover the data, the user would need to encrypt the data with key 2, encrypt it with key 1, decrypt it with key 2 and finally decrypt it with key 1. Any other sequence of steps would garble the file even further.) These types of problems cannot happen with GK-Crypt. GK-Crypt uses the cache to prevent all such problems. It will not let you encrypt a file twice, or decrypt a file that is not encrypted. It will not let you encrypt a file with one key and decrypt it with a different key. 6.5. Double copies Another problem with other data privacy packages is that they may make multiple copies of a file. They encrypt a file by reading the file one section at a time, encrypting that portion, and writing the encrypted data to a new file. After they finish they delete the original file. This leaves two copies of the file on your disk, the original file and the encrypted file. Even though your original file has been deleted, the data is still there on your disk, and someone could read it. There are well-known utility programs widely available for this purpose. Files often get erased accidentally, so utility programs have been written that can recover the data from an erased file. This problem is insidious, because the user may never know that it has happened. The file looks fine when it is decrypted. The file looks totally random when it is encrypted. The user may never realize that copies of the original file are still right there on the hard disk where anyone with a simple utility program can read them. GK-Crypt eliminates this problem by writing random gibberish over the old file before it gets deleted. This is called shredding the file. Starting with GK-Crypt Version 02, the old file is shredded 3 times. 6.6. Partial encryption Some other data security packages use an alternate approach to prevent your original data from remaining on your disk. They write the encrypted data on top of your original file. The problem with this solution is if the power should go down, or even flicker for a fraction of a second, you will be left with a partially encrypted file. (A surge protector may get you a few seconds, but any longer interruption will shut down your computer right in the middle of whatever it happened to be doing.) It may be possible to recover the data, if the key is known, but it will take a great deal of work to figure out the exact spot where the encrypted portion ends and the original data starts. GK-Crypt takes a different, safer approach to encrypting a file. If the power goes down during encrypting a file, your original file will be untouched. You will not need to perform a data recovery process. You can proceed as if the power failure never happened. 6.7. Master and cache The same safety features that are used for your data files are also used for the Master File and the cache file. The new Master File or cache is always written to your disk before the old one is deleted. 6.8. Adding and renaming files Although GK-Crypt takes every possible safety precaution with the operations under its control, it is still possible for problems to occur because of things that the user does outside of GK-Crypt. The first problem occurs if a user renames a file within a group of encrypted files. GK-Crypt bases the key for each file within a file group on its file name. If you renamed the file, or moved it to another directory, GK-Crypt would be unable to decrypt it correctly. You should never rename a file while it is encrypted. Only decrypted files can be renamed or moved. Likewise, if you restore an encrypted file from a backup disk, it must be restored with the same name and to the same directory. If the file has not been encrypted or decrypted since the backup was made, then simply copying the backup file to its old location is sufficient. But, if the file has been decrypted and then encrypted again since the backup was made, then its encryption key on the hard drive, and its encryption key on the backup disk will be different. There are specific steps that must be taken in order to make sure that the file is decrypted with the correct key, without affecting the decryption of other files. See the section "Backup and recovery" for full details. If this problem happens, you can still recover the file if you have a backup that also contains the Master File and the cache. The need to make frequent backups is always important, but it is doubly important when you are using encryption. The second problem occurs if you add a new file within a group of files that has been encrypted. Suppose that you have encrypted the file group *.JPG and then you add a new picture, SHEEP.JPG to the group. When you decrypt the group, the file SHEEP.JPG will be decrypted along with all of the other picture files. This will leave SHEEP.JPG garbled, because it had not been encrypted. If this happens, get a new copy of SHEEP.JPG from the original source, or from a backup. This is perfectly safe when the file and the group are not encrypted. Files operations, such as creating new files, deleting old files, and renaming files, should be done only when the files are decrypted. 6.9. Backup and recovery There are a number of situations where you may need to restore your data from a backup disk. The most serious is when your hard disk fails completely. In this situation, you need to install a new hard drive, and reinstall the Windows operating system before you can even address the issue of your data files. Once your computer is up and running, you can restore your data files. If you have included the GK-Crypt Master File and cache on your backup disk, then encrypted files can be restored right along with your other files. They do not require any special measures or treatment. Once you have recovered your files, your data will be in the same state as it was when you made your backup. The other, more common situation, is when you decide that you want to restore a specific file to an earlier state. Suppose that you have an encrypted file \novel\chapter6.wp that you wish to restore. Let's assume the worst case, namely that you have many encrypted files, and that you have decrypted some, changed some, re-encrypted some, added and deleted files, and so forth. You want to restore only the file \novel\chapter6.wp and none others. This can be done, but it requires care. You have to decrypt your file with the same key that was used to encrypt it, but without altering the encrption keys for any other file. Begin by decrypting the current version of the file. This removes the file name from the cache. Now, save the current Master File and cache in a new directory. To be extra safe, also copy the current version of \novel\chapter6.wp to that directory. Then you can safely copy the old Master File, cache and the encrypted file from the backup disk to their former places on your hard disk. Decrypt \novel\chapter6.wp using the old master and cache. Finally, copy the current Master File and cache back from where you saved them to the GK directory. This process is harder than a normal recovery, but with most other encryption programs it is not possible at all. 7. COMPARING ALGORITHMS In the first chapter of this manual it states that GK-Crypt is far stronger than any other commercial file encryption product. This is a bold claim. In this chapter the claim will be justified by comparing GK-Crypt to some other encryption algorithms (methods) that are in widespread use today. 7.1. The GK-Crypt algorithm In order to explain why GK-Crypt is so much stronger than other encryption algorithms, it will be helpful to explain some of the technical details of its algorithm. GK-Crypt is a secret-key algorithm. Its strength depends on secret keys which are known to the legitimate user, but not to an eavesdropper or intruder. These secret keys are the Master Key, the cache key, the shortcut key and the key for each encrypted file. There are two basic kinds of secret-key algorithms, block ciphers and stream ciphers. In a block cipher each block of message characters is subjected to a sequence of substitution, permutation, and combination steps in order to produce a new block of thoroughly scrambled text. The algorithm combines each block of the original message with some part of the key in a fixed way. In a stream cipher there is some method of extending the original key to generate a stream of key characters as long as the message. Each character of the message is combined with the corresponding character of the key to produce one character of the encrypted message. In very strong stream ciphers the next character of the key will depend on both the original key, and the contents of the message. GK-Crypt combines both of these methods. It uses a very strong block cipher and a very strong stream cipher. Either of these encryption methods taken alone would be much stronger than any current commercial encryption method. Combined, they become stronger than nearly all military and diplomatic encryption methods as well. GK-Crypt treats the contents of your data file as a sequence of blocks that vary from 16 characters to 32 characters, or 128 bits to 256 bits long. Each block is encrypted using a block cipher. The block cipher has a 690-character, or 5520-bit key. The original key, which is kept in the cache, is 80 characters, or 640 bits. This is expanded into the 690-character, or 5520-bit block key. The expansion uses non-linear functions, so that the expanded key has no linear relationship with the original key. The block cipher uses 9 rounds of substitutions in which each character of the block is combined with one character of the expanded key. Then each character of the block is combined with another character of the block. These character pairs are combined using three independent strongly non-linear functions. This means that the bits of the output are not correlated to the bits of the input. After each round of substitutions the 16 to 32 character block is thoroughly mixed using a key-dependent permutation. The 9 rounds insure that every character of the encrypted block depends on every character of the file block, and every character of the original key. After each block is encrypted a new key block is generated, so that every block of the file is encrypted with a completely different key block. The new key is also generated using 9 rounds of non-linear character combination and key-dependent permutation. This results in an ultra-strong stream cipher that combines 16 to 32 character data blocks with 690-character key blocks to produce 16 to 32 character encrypted blocks. At every stage in the design of GK-Crypt care was taken to make each element of the encryption as strong as possible. The substitution tables were constructed to be as non-linear as possible. The substitution and permutation portions of the block cipher use independent keys in each round. The generation of the next block key is done using yet a third independent key. This was done so that if any information about any part of these keys can be learned by an opponent, that does not reveal anything about the other parts. Additional safeguards assure that even if an opponent somehow knew all of the substitution keys and all of the permutation keys for some block, it would still be impossible to determine the keys for any other block. There is no revolutionary breakthrough here. GK-Crypt is just a solidly engineered process combining powerful encryption techniques that have proved reliable for centuries. For every conceivable attack on the encryption, counter-measures have been designed and incorporated. 7.2. AES Advanced Encryption Standard AES is an encryption method which was adopted for widespread use after a lengthy evaluation of some 35 different proposed cryptographic algorithms. This might lead people to believe that AES is therefore the strongest available cryptographic algorithm. This is not true. The selection process for AES was based on several criteria including strength, speed, size, and ease of implementation. The algorithm that was chosen, called Rijndael, was judged to have only medium strength. 3 of the 5 finalists in the selection process (called Mars, Serpent and Twofish) were judged to be stronger. They were not chosen because they were slower, more complex, or required more storage. The GK-Crypt algorithm is far stronger than all 5 of the AES finalists. There are several more reasons why GK-Crypt is much stronger than the AES algorithm. GK-Crypt was developed several years after AES was made public. This means that all the features of AES which made it secure were known when GK-Crypt was developed. All of the secure features of AES were used in GK-Crypt, and several new features were added to make GK-Crypt vastly stronger than AES. GK-Crypt versions 02 and higher use variable block size and other features that make it even stronger. AES was necessarily a compromise. It had to be small and simple in order to be suitable for use in a broad range of applications, including tiny low-cost chips imbedded in credit cards, passports, medical ID bracelets, military ID tags, and so forth. In the future, even smaller AES chips may be imbedded in, or printed directly onto banknotes (paper currency), checks, stock certificates, and similar documents. Such chips have very limited storage and computing power, so AES had to be limited in size to make it fit. It also had to be kept simple because it was going to be implemented many times by many different programmers and chip designers, most of whom have no expertise in cryptography. GK-Crypt was designed solely for use on computers. It did not have to meet stringent constraints on key size and program size. So GK-Crypt can use more storage, take more steps, and use longer keys than AES. It was implemented by an expert computer programmer who is also an experienced cryptographer with several published papers on cryptography, so it did not need to be small and simple. (Some of the papers are available online. Links to these papers can be found at http://www.mastersoftware.biz/gkcrypt.htm.) The absence of these size and complexity constraints allow GK-Crypt to be far stronger than AES. In terms of key size and number of steps, GK-Crypt is roughly equivalent to encrypting 4 times with AES using 4 independent keys. AES uses 128-bit keys that are expanded internally to 1024-bit keys. GK-Crypt uses 640-bit keys that are expanded internally to 5520-bit keys. However, GK-Crypt has some features that make it much stronger than 4 times AES. For example, GK-Crypt uses a new key for every block of data. This means that an opponent cannot accumulate a large number of data blocks that are all encrypted with the same key. Many cryptographic systems have been broken by using a large number of messages encrypted with the same key. AES is vulnerable to such an attack, but GK-Crypt is not. 7.3. RSA public key cryptography The security of the RSA public key algorithm rests solely on the fact that it is difficult to factor large numbers. If you are given two numbers, say 1511 and 1747 it is easy to find their product, 2639717. It is much more difficult to go the other way, given a large number to find the numbers that were multiplied to produce it. These numbers are called its factors, hence the factors of 2639717 are 1511 and 1747. The difficulty grows the larger the factors get. When the factors get up to 100 decimal digits or more, it takes a great deal of sophisticated mathematics and computing time to factor the number. The problem with RSA public key cryptography is that it is subject to advances in mathematics. A few years ago mathematicians learned how to use elliptic curves to factor large numbers. Suddenly many public keys that seemed totally secure could now be broken, and all of the messages sent using those keys could now be read. The users of public key cryptography had to develop new keys that were larger than the old keys. But, for some, it was too late. Their secret messages and private files had already been read. 7.4. Quantum cryptography The newest development in secret communications is quantum cryptography. There are two separate forms of quantum cryptography, which may be called "photon cryptography" and "quantum entanglement." 7.4.1. Photon cryptography Photon cryptography uses a beam of light in which each individual photon, or light particle, has been put into one of two different quantum states. Each photon, therefore, carries one bit of the encrypted message. So photon cryptography is basically ordinary cryptography, except that a beam of photons is being used to transmit the message, rather than a wire or radio waves. The advantage of photon cryptography is that anybody trying to eavesdrop, and determine the state of the photons, would change their state. Therefore eavesdropping could easily be detected. That may be true, but the end result is that the eavesdropper would receive the message, while the intended receiver would not. A more sophisticated approach would be for the eavesdropper to read the message, and then generate a new photon beam with the same quantum states. The receiver would never know that the photons are not the originals. 7.4.2. Quantum entanglement This method is not available to the public, may never be available outside of government, and may still be years away from practical use. We discuss it here because it has the potential to become an extremely strong cryptographic method. The basic idea in quantum entanglement is that the sender and the legitimate receiver of a message each have a set of quantum particles that are synchronized, or "entangled" with each other. That is, the particles are always in the same quantum state, even though they may be many miles apart. A change to one particle causes the same change to its mate. The method has a great advantage, which may also be a fatal flaw. Any attempt by an outsider to determine the state of either particle can change its state, and thus alert the parties that there is an eavesdropper. However, this property means that an opponent can completely disrupt communications simply by listening in. The receiver cannot know if a change in the particle is a message from the sender or an attempt by someone else to listen in. This property, therefore, may doom quantum entanglement cryptography. Appendix A. DOS BASICS GK-Crypt runs under DOS, not under Windows. DOS was the primary operating system for personal computers from about 1975 to 1995. Older versions of Windows, prior to the introduction of Windows 95, ran as tasks under DOS. Since 1995 the situation has reversed, and DOS now runs as a task under Windows. Every computer user before 1995 knew DOS well. However, newer computer users may not be familiar with DOS, so that a little basic orientation may be helpful. A.1. Starting DOS On newer computers it may be difficult even to find DOS in order to use it. There are two methods for running DOS. The first method is to click on a DOS icon from your desktop, or from a taskbar at the top or bottom edge of the desktop. The icon may say DOS, or MSDOS, or possibly CMD or COMMAND. Clicking any one of these icons will start DOS. If there is a DOS icon on your desktop or in a taskbar, you can skip the rest of this section. If there is no DOS icon on your desktop or taskbar you may find one elsewhere. Start by clicking on "Start" in the corner of the screen. This will bring up a menu listing various programs and options. If there is a DOS icon there, you can use it directly, or you could drag it onto the desktop for future use. If it is not there, click on "Programs" or "All Programs." This will bring up a long list of various programs that are on your computer. If one of these is DOS, you can click it, or you can drag it to the desktop. If you still don't see a DOS or CMD icon, put your mouse on each of the icons that you see. Don't click, just let the mouse cursor rest on the icon. This will often bring up another list of programs, and DOS may be among them. If DOS still is not there, don't give up. You just need to search deeper. In the list of All Programs there will be some folders with names such as "Applications" or "System Utilities." Click to open each of these folders. In those folders you may find DOS or CMD. Or, you may find more folders. Again, rest the mouse on the names of programs, and click on folders to find even more well-hidden programs and folders. Once you find the DOS icon, drag it to the desktop. Put the mouse cursor on the DOS icon and hold down the left button. Move the mouse to drag the cursor onto the desktop, and then release it to drop the icon on the desktop. Click the desktop to close all of the other windows. Then drag the DOS icon to wherever you want it on the desktop. If all of this fails, it is time to try the second method. Go back to the desktop, and click on "Start" again. In the list of options click on "Run" or "Run Program." This will open a small window with a box where you can type the name of a program that you wish to run. Type CMD in this box, and then press Enter. This will open a DOS window. A.2. Sizing the DOS window The DOS window will often be a small window in the middle of the screen, probably off-center. It is easier to work with DOS in full-screen mode, with no distracting windows or borders. To do this, right click on the top border of the DOS window, and select "Properties" from the pop-up window that appears. Use the various options to select full-screen mode. This may take several tries before it works, so don't get frustrated if the next time you use DOS you get the same small window, and need to resize it again. When you do get the full screen mode, the screen is likely to be set to 50-line mode. This makes the characters small and crudely formed. You may be more comfortable using 25-line mode. To switch, you can type the command mode con lines=25 This will double the size of the characters and make them easier to read. A.3. Directories In DOS your computer's hard disk is organized into directories. All of the files on your computer are in directories. These correspond to the folders in Windows. Directories and folders are the same thing. A directory or a folder can contain files and more directories or folders, so that the folders or directories are nested one inside the other in a hierarchy. The top of the hierarchy is called the "root directory." Typically the root directory does not contain any files. Rather, it contains all of the principal directories on the computer, such as \Windows \Program Files \Documents and Settings and so forth. The backslash \ in front of these directory names shows that they are directories within the root directory. A directory within another directory is sometimes called a subdirectory. In the example above the directory Windows would be a subdirectory of the root directory. A.4. Current directory Files are identified in DOS by using a path, a filename and a filetype. For example, direc1\direc2\file1.doc Here the path is direc1\direc2, the filename is file1 and the filetype is doc. The path consists of the sequence of nested directories which contain the desired file. If the path starts with a \ backslash, then the sequence of directories start from the root directory. If the backslash is omitted, then the path starts from the current directory. For example, if the current directory is Windows, then the file identifier direc1\direc2\file1.doc would refer to the file \Windows\direc1\direc2\file1.doc By setting the current directory you can shorten the names of programs and files that you must type. For example, if you want to use the program \direc1\direc2\prog1.exe to process the data files \direc1\direc2\file1.dat and \direc1\direc2\file2.dat you could type \direc1\direc2\prog1 \direc1\direc2\file1.dat \direc1\direc2\file2.dat If you changed the current directory to \direc1\direc2 then this could be shortened to prog1 file1.dat file2.dat The command to change the current directory is cd. To change the current directory to \direc1\direc2 you would type cd \direc1\direc2\ If you later wanted to change the current directory to \direc1\direc2\direc3 it is sufficient to type cd direc3 since you were already in the directory \direc1\direc2. A.5. Working with directories You can make your own directories by using the Make Directory command. For example, if the current directory is \direc1\direc2 and you wanted to make a subdirectory called direc3, then you could type md direc3 Starting from the root directory, the new directory would be \direc1\direc2\direc3. To remove a directory, you can use the Remove Directory command. For example, to remove the directory \direc1\direc2\direc3 you would type rd \direc1\direc2\direc3 As a safety precaution, you cannot remove a directory until you have deleted all of the files in the directory, and removed all of its subdirectories. This prevents you from accidentally deleting files that you meant to keep. To list the contents of a directory, you can use the Directory command. The basic format is dir mydirec /options Here mydirec is the directory you want to list. There are many possible options. Here are a few of the most useful: /s List the contents of all subdirectories /on Sort the files by name /os Sort the files, smallest to largest /o-s Sort the files, largest to smallest /od Sort the files, oldest to newest /o-d Sort the files, newest to oldest /p Pause after every 20 lines You can use several options in the same command. For example, dir \direc1 /s /od /p would list the files in \direc1 and all of its subdirectories sorted from oldest to newest, and pausing after every 20 lines. You can also list specific files, files that have a given filename or filetype, or files whose filenames and filetypes begin with specific letters. Here are some examples dir tax.ref Lists the file tax.ref. dir tax.* Lists all files with the name tax. dir *.doc Lists all files of type doc. dir st*.c* Lists all files whose filename starts with st and whose filetype begins with c, such as startup.cfg, study.com or state.core. The * asterisks in these commands are called wildcards because they can be replaced by any set of letters. These commands can tell you whether these files exist, their sizes, and the date they were last updated. A.6. Identifying files All of the data in your computer resides in files. Files contain the operating system, all of the application programs, and all of the data that they use and create. Files are identified to DOS by four fields, namely the drive, path, filename and extension. drive is the device where your file is stored, usually C for your hard drive, A or B for a floppy drive, D or E for a CDROM drive. path is the directory on your drive where the file is located. filename is the name that you gave your file. The name usually indicates the contents or purpose of the file. extension is a suffix that indicates the kind of file, such as TXT for a text file, JPEG for a picture file, EXE for an executable file, etc. A full file identifier might look like this, c:\mycompany\mydepartment\2005\sales.wp In this example, c: identifies that your file is on the C drive, which is your hard drive. \mycompany\mydepartment\2005\ is the path to your data. It shows that the data file is located in the 2005 folder, which is inside the mydepartment folder, in the mycompany folder. So the path consists of nested folders, or a list of directories. sales.wp is the file with the data. The filename is sales, and the extension is wp, which indicates that it is a WordPerfect document. In a file identifier all of the fields except the filename are optional. drive can be omitted if the file is on the current drive, that is, the drive where you are now working. path can be omitted if the file is on the current directory of the drive. extension can be omitted if the file does not have an extension on its name. For example, if the file is just named oldstuff then no extension is needed. Here are some examples of valid file identifiers: a:budget identifies the file budget in the current directory of the A drive. \jones\commissions identifies the file commissions in the jones directory on the current drive. late\requests.txt identifies the file requests.txt in the late subdirectory of the current directory. A.7. Long names Some Windows files and directories have long names, or names containing blanks or dots, such as Documents and Settings My Music Microsoft.Net SharedReg12.dll Microsoft has made the naming of files and directories incompatible between Windows and DOS. DOS limits directory names to 8 characters, and does not allow blanks in names. To refer to these directories, you need to shorten the names down to 8 characters. The short name is formed by taking the first 6 non-blank characters of the name plus the combination ~1. When the name of a directory contains a . dot character, each of the parts of the name is treated separately. For example, for the directories above, Documents and Settings would be called Docume~1 My Music would be called MyMusi~1 Microsoft.Net would be called Micros~1.Net SharedReg12.dll would be called Shared~1.dll Thus a full path and file name such as \Windows\Microsoft.Net\Framework\SharedReg12.dll in DOS would be called \Windows\Micros~1.Net\Framew~1\Shared~1.dll It is a good idea to give all of your own files and directories names that are compatible with DOS. The names should be no more than 8 characters long and should not contain blanks. A.8. File operations Besides the encryption and decryption operations that you perform using GK-Crypt, it can be useful to know several other common file operations. There is no DOS operation to create a file. Files are created by application programs such as word processors, picture editors, spreadsheets, etc. Once created, files can be copied, renamed and deleted. It is important to remember that encrypted files should not be renamed, and files should not be copied into or out of a group of encrypted files. It is safest to decrypt files before renaming or copying. To copy a file to a new location, the command is copy oldfile newfile The old file and new file identifiers can be fully qualified, that is, they may have drive, path, filename and filetype. So the copy command can be used to copy files to other directories or to other drives. Wildcards can be used in the copy command to copy groups of files. For example, the command copy \oldpath\*.doc \newpath\*.* would copy all files of type doc from the \oldpath directory to the \newpath directory. The rename command works similarly to the copy command. The form is ren oldfile newname Here oldfile can be fully qualified, with drive, path, filename and filetype. However, newname can have only a new filename and filetype. There cannot be a new drive or new path because the file does not change its location, only its name and/or type. For example, ren target\x3*.jpg x4*.* would rename all of the jpg files in the target directory that start with x3 to start with x4. The command to delete files takes the form del file Here, file can be a fully-qualified file identifier, with drive, path, filename and filetype. It can also have wildcards so that you can delete several files with a single command. For example, del a:old*.* would delete all files in the current directory of the a drive whose filenames start with old. Note that deleting a file does not erase it. The file still exists on the disk, where it can be read by various utility programs that are available for that purpose. The file will remain there until some other file eventually gets written on top of it. A.9. Batch files Batch files are a useful way to reduce the number and complexity of the DOS commands that you must type. Each batch file can contain any number of DOS commands. You execute the entire sequence of DOS commands just by typing the name of the batch file. Here is a simple example. Suppose that you frequently use the program GK-Crypt. If the current directory is \plans\tower but GK-Crypt is in the directory \programs\download then to use GK-Crypt you would type \programs\download\gk To make this easier, you could create a batch file named gk.bat on the current directory. This file would contain the single line \programs\download\gk Now when you wanted to execute GK-Crypt all you would need to type is gk You could place a copy of the batch file gk.bat in every directory where you usually work. Then you could run GK-Crypt from anywhere just by typing gk. You would not need to have multiple copies of GK-Crypt. There are many other DOS commands and options. This is just a small sample of useful DOS commands.