Re: Win95 Blowfish Implementation

-----BEGIN PGP SIGNED MESSAGE----- Thanks to everyone who replied to my original message. I was confident I could use those algorithms (I wouldn't have spent months on the code otherwise) but I wanted to check one more time before I publicly released software using them. One question though. The following text is quoted from Bill Stewart.
2. SHA can be used without royalty. Yup. Use SHA-1 rather than the original SHA, though; the NSA "updated" it in ways that do appear to strengthen it.
What exactly is the difference between SHA and SHA-1? Is it the left circular shift when generating the W array? I coded the SHA alogrithm according to _Applied Cryptography_ Second Edition. Is that the updated version of SHA? Many thanks. David F. Ogren P.S. Here is the super short description of Hootie: Hootie is a Windows 95 implementation of the Blowfish algorithm. It is a fully graphical interface which includes drag and drop support as well as Explorer launch. It can support both CBC and ECB modes. The passphrase can either be directly entered by the user or the passphrase can be SHA hashed before use. Hootie can optionally add headers at the beginning of the file which automatically select the block encryption mode and confirm good passphrases, or (for people concerned about known-plaintext attacks) omit the headers. Future features include: generation of keys via a TNG (which are then saved to file), using MD5 rather than SHA, and a primitive text editor which which can be encrypted/decrypted to/from. I currently expect to release the alpha version in two to three weeks. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMczT+fBB6nnGJuMRAQGcXgP+LcOp17aHIpoyScq9O8MlK+HcNBUsbdxq KoFEqeDJyyL9pOcn9IdMHvZXmzzdBpEdk2q7DrObhk9z8Dy3jqai4t222upJ2kmn blXGW3zIRdyycGg0ij0GCZzUkD6cSLpe4k5/HdhWhcgyDFx6t95sJIQAm/YIoC1R JTTc86tmjss= =iXHL -----END PGP SIGNATURE----- -- David F. Ogren ogren@concentric.net (alternate address: dfogren@msn.com) PGP Key ID: 0xC626E311 PGP Key Fingerprint: 24 23 CD 15 BF 8D D1 DE 81 71 84 C8 2C E0 4B 01 (public key available via server or by sending a message to ogren@concentric.net with a subject of GETPGPKEY)
participants (1)
-
David F. Ogren