-----BEGIN PGP SIGNED MESSAGE----- __ / \ New Cryptographic Freeware Available: Data Lock /____\ \ / * Uses the Diamond Encryption Algorithm (slight variation on MPJ2) \ / * Includes complete source code \/ * No patent infringement problems * Includes source code library for Diamond & Diamond Lite * Can be strong enough to protect very valuable data (see below) * Can be weakened enough to be exportable in executable form only * Ciphertext doesn't advertise its algorithm or key (stealth) Documentation only (exportable): ftp:csn.org//mpj/public/dlockdoc.zip or dlockdoc.tar.gz ftp:ftp.netcom.com//pub/mpj/public/dlockdoc.zip or dlockdoc.tar.gz Full package (including all source code & executable file): ftp:csn.org//mpj/I_will_not_export/crypto_???????/mpj/dlock.zip or dlock.tar.gz ?????? and anti-export warning given in ftp:csn.org//mpj/README.MPJ ftp:ftp.netcom.com//pub/mpj/I_will_not_export/crypto_???????/mpj/dlock.zip or dlock.tar.gz ?????? and anti-export plea given in ftp:ftp.netcom.com//pub/mpj/README.MPJ Colorado Catacombs BBS 303-938-9654 DLOCK.ZIP Data Lock itself may be useful, but its greater value lies in the fact that it is written more to be used as a function library for people who want to incorporate encryption into other applications. The only change from MPJ2 to the Diamond Encryption Algorithm is that the key expansion mechanism now distinguishes between keys of different lengths. For example, the keys "aaaaaaaa" and "aaaaaaaaaaaa" would have been equivalent in MPJ2, but are not in Diamond. Diamond Lite is just the logical contraction of Diamond from a 16 byte (128 bit) block to an 8 byte (64 bit) block. Even though "Lite" is in the name, it yields better security for small numbers of rounds because of the faster avalanche effect (1 bit to 64 in just 2 rounds instead of 1 bit to 128 in 5 rounds). MPJ2 and Diamond are derived from the MPJ encryption algorithm, invented in 1989, but use an improved key scheduling algorithm that eliminates the slight bias in the way the substitution arrays were filled. The following is a comparison of some of the symmetrical key ciphers available to the general public today. Included is a (somewhat subjective) strength comparison to give a general idea of how Diamond and Diamond Lite compare: ALGORITHM BLOCK KEY ROYALTY ECB RELATIVE APPROXIMATE WORK FACTOR NAME SIZE SIZE FREE? MODE SPEED TO BREAK log base 2 of BITS BITS OK? number of operations DES 64 56 YES YES MEDIUM 43 3DES 64 112-168 YES YES SLOW 64-168 DIAMOND 128 variable YES YES MEDIUM 128-key size DIAMOND LITE 64 variable YES YES VERY FAST 64-key size BLOWFISH 64 variable YES YES VERY FAST 64-key size? SHA-CFB 160 variable YES NO VERY FAST 80-160 MD5-CFB 128 variable YES NO VERY FAST 64-128 REDOC II 80 160 NO YES FAST 80-key size REDOC III 64 variable NO YES VERY FAST 64-key size KHUFU 64 512 NO YES ? 64-512 IDEA 64 128 NO YES FAST 64-128 MMB 128 128 ? YES FAST 128? The "work factor to break" column is somewhat subjective, and is based on the best attacks that I have knowledge of (hardly an exhaustive list), combined with a GUESS at what attacks might succeed. They also assume that the key length is at least as long as the numbers indicated when the key length is variable. You should decide for yourself what you will believe. Don't put all your eggs in one basket. Besides those things listed above, some distinguishing characteristics of Diamond and Diamond Lite include: * They can easily and securely take a pass phrase directly as a key. * They can be extremely fast when implemented in hardware. * They allow you to perform some security vs. speed and size tradeoffs. * Key setup is designed to make brute force attacks very costly. OK, this is where I put my money where my keyboard is. If you are the first one to correctly decipher my challenge text (CHALLENG.ENC in DLOCK.ZIP), enciphered with DLOCK.EXE, before midnight UTC, 29 April 1997, and follow the redemption instructions contained within the challenge text, then I will send you US$271.82 of my hard-earned money. You must (1) reveal to me how you did this, and (2) not break any laws in the process to collect the prize. I know that this isn't enough to justify much serious cryptanalysis, but it should demonstrate that such a challenge is beyond the reach of the average hacker. ___________________________________________________________ |\ /| | | | | \/ |o| | Michael Paul Johnson Colorado Catacombs BBS 303-938-9654 | | | | / _ | mpj@csn.org ftp:csn.org//mpj/README.MPJ for crypto stuff | | |||/ /_\ | aka mpj@netcom.com mpjohnson@ieee.org mikej@exabyte.com | | |||\ ( | m.p.johnso@nyx.cs.du.edu CIS 71331,2332 PGP key by finger | | ||| \ \_/ |___________________________________________________________| -----BEGIN PGP SIGNATURE----- Version: 2.4 iQCVAgUBLaDz1j9nBjyFM+vFAQHJ8QP/UgnrRX0u5AAnEoOIuNPi1Y8yRPrY7U3R BWTb04eyi1hqSuWnVQaAkINp84R5d/PhyS7wa5xEEoq+UmhISEoGHoSVc6e2QWr+ xsSR5vjvUQpc5zkPIdkFOpVb94aCUCDHh5Zv4bU6WsVoKI+zAXSrRDL7o4zhwfxp +H6ov+NPI1M= =9Ul1 -----END PGP SIGNATURE-----