Cryptography-Digest Digest #372, Volume #9 Sun, 11 Apr 99 03:13:14 EDT
Contents:
Re: Encrypting Fields in Microsoft Access Database (wtshaw)
Re: True Randomness & The Law Of Large Numbers (R. Knauer)
Re: tops9720.zip source code for "Topsecret" ("Ryan Phillips")
Re: tops9720.zip source code for "Topsecret" ([EMAIL PROTECTED])
Re: True Randomness & The Law Of Large Numbers (R. Knauer)
Re: True Randomness & The Law Of Large Numbers (R. Knauer)
Re: Test vector repository--specifically, help with a broken Blowfish (Boris Kazak)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Encrypting Fields in Microsoft Access Database
Date: Sat, 10 Apr 1999 23:48:38 -0600
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
(Dworkin of Amber) wrote:
>
> Is their a secure (comperable to RC5) algorithm that can encrypt strings
> smaller that 8 bytes? (I could be happy with 4. If it can encrypt 2 I
> will be estactic.)
>
In a general sense, a byte is not too descriptive, as depending on the
configuration, it might represent different numbers of bit...so best fully
define what you want.
Simple compression can play a role here, depending on the data and the
memory format....again, best to fully define what you want.
The generic GVA can encrypt single characters, security scaled to how much
overhead additional length you can accept in the ciphertext; such overhead
being the same for long strings for long fields. In the GVA, each field
of each entry can be entirely standalone, but each field gets the same
slight burden of overhead. I would like to claim that you can manage far
greater security with the GVA than with any other algorithm I know, and
have variable length blocks, or fields if you prefer, predetermine what
level of security you can accept, and modify the design of the operational
application entirely to your specific needs as to functional characters.
Most are probably unwilling to launch into something they might consider
exotic, but the GVA has been around for several years, had several people
look into it, and a seductively simple as it is, all give up trying to
break it. What sounds too good to be true is not my fault; I merely try
to point out that which I have learned from it as even as it is a creature
I created, it seems to deliver more than I was probably capable of
envisioning. Time will tell, but the only songs I hear are music to my
ears.
--
Too much of a good thing can be much worse than none.
------------------------------
From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: True Randomness & The Law Of Large Numbers
Date: Mon, 05 Apr 1999 12:30:07 GMT
Reply-To: [EMAIL PROTECTED]
On Mon, 05 Apr 1999 07:07:58 GMT, "Douglas A. Gwyn" <[EMAIL PROTECTED]>
wrote:
>> Therefore, it a RNG fails those statistical tests, it is reasonably
>> certain that it is not random, and if it does not fail those tests, it
>> is reasonably certain that it is random.
>The null hypothesis and alternative hypothesis do *not* play
>symmetric roles in the usual statistical tests, so it doesn't
>work like that.
And therein lies the problem.
I claim that there is an absolute standard against which to compare
random number generation, namely a quantum computer programmed to
calculate numbers that are truly random. (Cf. Williams & Clearwater,
op. cit.). That standard TRNG is 100% certain to perform correctly.
Therefore anything which does not perform like that standard TRNG is
not truly random. There is no fuzzy set measure here, no excluded
middle called "Maybe A." A process is either truly random or it is not
truly random, and anything which is not 100% truly random is Not Truly
Random.
If it is not truly random, then it can be "pretty random", "partly
random" or "lousy random" for purposes of crypto. "Pretty random"
might qualify for a keystream generator, maybe not. But that is not
the issue here - I am not talking about a *practical* TRNG, I am
talking about an *ideal* TRNG, like a quantum computer.
Even an expert mathematician such as Triola will not go along with
such nonsense as Maybe Random. He states unequivocally that there are
NO parametric statistical tests for true randomness. Most of your
beloved standard statistical tests are parametric. The binomial
distribution is certainly parametric and so is Chi Square and all the
rest of them that are based on such parameters as the mean and the
variance, etc.
Yet Triola himself, the very author you said I had to read in order to
get to where you are in your thinking, states in plain English that
such parametric tests are useless to determine true randomness. He
even puts it in a Table for the English-comprehension-impaired.
He does attempt to pawn off the Runs Test as an example of a
non-parametric test, but it comes off very weakly. He then quickly
sweeps the entire matter of true randomness under the rug and
high-tails it for the closing chapter.
Your beloved statistcal tests are just snake oil. All they do is snook
you into believing that a process is Maybe A - like being Maybe
Pregnant or pregnant with a 95% confidence level. What complete and
utter nonsense. I find it difficult to believe that presumably
intelligent people would fall for that bullcrap so readily.
Maybe Huxley was right - most people do not know how to think
critically.
Bob Knauer
"People have criticized me because my security detail is larger
than the president's. But you must ask yourself: Are there more
people who want to kill me than who want to kill the president?
I can assure you there are."
- Marion Barry, Mayor of Washington DC
------------------------------
From: "Ryan Phillips" <[EMAIL PROTECTED]>
Subject: Re: tops9720.zip source code for "Topsecret"
Date: Sat, 10 Apr 1999 22:12:34 -0700
Snakeoil?
<[EMAIL PROTECTED]> wrote in message
news:7eokrb$alm$[EMAIL PROTECTED]...
> This is the source code for the encryption program named "Topsecret".
> It is widely available on the net as tops9720.zip
> The source code is freely distributable for non profit use.
> The source code is in its original development form
> and therefore not too pretty. I encourage hackers to send me or publish
> exe programs that will reliably crack coded messages.
>
> Nomad01
> http://users.leading.net/~nomad01/index.html
>
>
>
> #include <stdio.h>
> #include <string.h>
> #include <stdlib.h>
> #include <bios.h>
>
> void main()
> {
> FILE *input_file, *output_file, *catalyst_file;
> char input_name[66], output_name[66], catalyst_name[66];
> char key[66],word[66],key2[66];
> int c,d,length,keylength,loophelp,step,mode; /*length-of
file*/
> int ch, row, col, offrow, offcol, limitrow, datasize, spacecount;
> int count;
>
> ch = 0; row = 0; col=0; offrow=0; offcol=0; limitrow=0; /* init#1 here
*/
> datasize=0; spacecount=0; count=0;
>
> testts:row=cursrow();limitrow = row;/*printf("\nStarted at row
%d",row);*/
> col=0;
> /* clrscrn();printf("\nts aaa 1 bbb 0 ccc \n\n\n");*/
> while(row >= 0){ offrow = row; offcol = col;
>
> poscurs(offrow,offcol);ch = readch();
> if((ch == 84)||(ch == 116)){
> offcol =offcol + 1;if (offcol > 79){
> offcol = 0; offrow = row +1; }
> poscurs(offrow , offcol);ch = readch();
> if((ch == 79)||(ch == 111)){
> offcol = offcol + 1;if (offcol > 79){
> offcol = 0; offrow = row +1; }
> poscurs(offrow,offcol);ch = readch();
> if((ch == 80)||(ch == 112)){
> offcol =offcol + 1;if (offcol > 79){
> offcol = 0; offrow = row +1; }
> poscurs(offrow , offcol);ch = readch();
> if((ch == 83)||(ch == 115)){
> offcol = offcol + 1;if (offcol > 79){
> offcol = 0; offrow = row +1; }
>
> poscurs(offrow , offcol);ch = readch();
> if(ch == 32){ goto cmdfound;}
> if(ch == 46){ goto baddata;} /* period after ts */
> }
> }
> }
> }
> /* poscurs(row+2,col);writech(43); */
> col=col+1;if(col >79) {col = 0; row = row -1;}
>
> }
> poscurs(24,0);exit(0); /*file renamed */
>
> cmdfound:/*-----printf("\n\n\n\n Ts: was at row%d",row);
> printf(" last char %c",ch);
> printf(" row %d, col %d", row, col);
> printf(" offrow %d, offcol %d", offrow, offcol);----*/
>
> getdata:
> row=offrow; col=offcol+1; poscurs(row,col);ch=readch();
>
> if (ch == 32) { printf("IN code#1");goto baddata;
> } /*two spaces in a row*/
> datasize=0;
> inputname:
> poscurs(row,col);ch=readch();input_name[datasize]= ch;
> datasize=datasize+1; if (datasize > 64) { printf("IN code #2"); goto
> baddata;
> }
> col=col+1; if (col>79) {col=0;row=row+1;
> }
> if (row>limitrow) { printf("IN code #3");goto baddata;
> }
> poscurs(row,col);ch=readch();if (ch != 32)
> {goto inputname;/*no space yet*/
> }
> col=col+1; if (col>79) {col=0;row=row+1;
> }
> if (row>limitrow) { printf("IN code #4");goto baddata;
> }
> poscurs(row,col);ch=readch();if (ch==32){printf(" row %d, col
> %d",row,col);
> printf("IN #5");goto baddata;
> } /*two spaces*/
> /*--------------------------------------------------------*/
> datasize=0;
> eord:
> poscurs(row,col);ch=readch();mode = ch;
> datasize=datasize+1;if (datasize > 1){printf("ED code#2");goto
baddata;
> }
> col=col+1; if (col>79) {col=0;row=row+1;
> }
> if (row>limitrow) { printf("ED code#3");goto baddata;
> }
> poscurs(row,col);ch=readch();if (ch != 32)
> {goto eord;/*no space yet*/
> }
> col=col+1; if (col>79) {col=0;row=row+1;
> }
> if (row>limitrow) { printf("ED code#4");goto baddata;
> }
> poscurs(row,col);ch=readch();if (ch==32){printf(" row %d, col
> %d",row,col);
> printf("ED code#5");goto baddata;
> } /*two spaces*/
> if((mode != 49)&&(mode !=50)){mode=0;goto baddata;}
> /*--------------------------------------------------------*/
>
> datasize=0; outputfile:
> poscurs(row,col);ch=readch();output_name[datasize] = ch;
> datasize=datasize+1;if (datasize > 64){printf("OUT code#2");goto
addata; }
> col=col+1; if (col>79) {col=0;row=row+1; } if (row>limitrow)
printf("OUT
> code#3");goto baddata; } poscurs(row,col);ch=readch();if (ch != 32)
{goto
> outputfile;/*no space yet*/ } col=col+1; if (col>79) {col=0;row=row+1; }
> if (row>limitrow) { printf("OUT code#4");goto baddata; }
> poscurs(row,col);ch=readch();if (ch==32){printf(" row %d, col
%d",row,col);
> printf("OUT code#5");goto baddata; } /*two spaces*/
> /*--------------------------------------------------------*/
>
> datasize=0; catalyst:
> poscurs(row,col);ch=readch();catalyst_name[datasize] = ch;
> datasize=datasize+1;if (datasize > 64){printf("CAT code#2");goto
addata; }
> col=col+1; if (col>79) {col=0;row=row+1; } if (row>limitrow)
printf("CAT
> code#3");goto baddata; } poscurs(row,col);ch=readch();if (ch != 32)
{goto
> catalyst;/*no space yet*/ } col=col+1; if (col>79) {col=0;row=row+1; }
if
> (row>limitrow) { printf("CAT code#4");goto baddata; }
> poscurs(row,col);ch=readch();if (ch==32){printf(" row %d, col
%d",row,col);
> printf("OUT code#5");goto baddata; } /*two spaces*/
> /*--------------------------------------------------------*/ datasize=0;
> keysee: poscurs(row,col);ch=readch();key[datasize] = ch;
> datasize=datasize+1;if (datasize > 64){printf("KEY code#2");goto
addata; }
> col=col+1; if (col>79) {col=0;row=row+1; } if (row>limitrow)
printf("KEY
> code#3");goto baddata; } poscurs(row,col);ch=readch();if (ch != 32)
{goto
> keysee;/*no space yet*/ } /*---- col=col+1; if (col>79)
{col=0;row=row+1;
> } if (row>limitrow) { printf("KEY code#4");goto baddata; }
> poscurs(row,col);ch=readch();if (ch==32){printf(" row %d, col
%d",row,col);
> printf("KEY code#5");goto baddata; } *two spaces* --------*/
> /*--------------------------------------------------------*/
>
>
>
>
>
> poscurs (24,0); /*get rid of this later!*/
> /*printf("\n\n\n datasize %d",datasize); */
> /*printf(" baddata row%d, col%d, ch%d",row,col,ch);printf("\n");*/
>
> /*------- for debuging
> printf("\n\nInput file=");
> printf("%s",input_name);
>
> printf("\nEncrypt-1,Decode-2:=");
> printf("%c",mode);
>
> printf("\nOutput file= ");
> printf("%s",output_name);
>
> printf("\nCatalyst file=");
> printf("%s",catalyst_name);
>
> printf("\nKey=");
> printf("%s",key);
> printf("\n");
> ----------*/
>
> goto dataready;
> exit(0); /*later exit to regular ts */
>
> baddata: /* start at begining for beginers*/
>
printf("\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n");
> printf("TOPSECRET! by SIVA R.KRISHNA (C)'95-97 V2.0");
> printf("\nShareware registration,$5 to PSC BOX 3013 ");
> printf("DYESS AFB,TX.79607");
> printf("\n\nSecurity hints:");
> printf("\nEncrypt compressed files to minimize repeating data.Since the
> receiver must");
> printf("\nhave the Catalyst/s,you may want to start with something
> popular.Consider");
> printf("\nencrypting more than once.If sensitive data was written to a
> disk,format");
> printf("\nthe disk and overwrite the whole disk before disposal.Ensure
> personnel have");
> printf("\nproper security clearance.Have building and personnel checked
> for");
> printf("\nsurveillance equipment.");
> printf("\n\nDisclaimer:This program is sold AS IS,no one or ");
> printf("vendor shall be liable for
special,incidental,consequential");
> printf(",direct,indirect or other similar damages from the use ");
> printf("or missuse of this program.Other liabilities for damages");
> printf(" shall in no event exceed the purchase price.");
> printf(" \n");
> printf(" \n");
> printf(" \n");
> anotherfile: /*----------init#2 here-----------*/
> c=0;d=0;length=0;keylength=0;loophelp=0;mode=0;
>
> printf("\nName of input file : ");
> scanf("%s",&input_name);
> againmode:printf("\n1=Encrypt 2=Decode\n");
> scanf("%s",&mode);/* printf("\nMode=%d",mode);*/
> if((mode!=49)&&(mode!=50))
> {goto againmode;}
>
> printf("\nName of output file : ");
> scanf("%s",&output_name);
>
> printf("\nName of Catalyst file, 0=NONE : ");
> scanf("%s",catalyst_name);
>
> againkey:
> printf("\nEnter KEY");
> printf("\n01234567891123456789212345678931234567894123456789");
> printf("51234567896123\n");
> scanf("%s",&key);
> if(strlen(key)>64){printf("\n key=%s\n length=%d",key,strlen(key));
> goto againkey;}
>
>
>
>
>
> /* generate firstime k2 only */
>
> keylength=strlen(key);
> printf("\nThelength of key \n%s is %d\n",key,keylength);
> dataready:
> keylength=strlen(key); /*again for fast-dataready:see 3 lines up*/
>
> loophelp=0;
> while(loophelp < keylength+1)
> {key2[loophelp]=key[loophelp+1] ;
> loophelp=loophelp+1;
> }
> loophelp=loophelp+1;key2[loophelp]=key[loophelp];
>
>
> /* printf("\n0-%c,1-%c,2-%c,3-%c",key[0],key[1],key[2],key[3]); */
> /* printf("\n0-%d,1-%d,2-%d,3-%d",key[0],key[1],key[2],key[3]); */
>
> /* printf("\n The word is %s",word); */
>
>
> input_file = fopen(input_name,"rb");
> if (input_file == NULL) {
> puts("***can't open input file***");
> exit(0);
> }
>
> output_file = fopen( output_name, "wb");
> if (output_file == NULL) {
> puts("***can't open output file***");
> exit(0);
> }
>
> if (catalyst_name[0] !=48) {
> catalyst_file = fopen( catalyst_name, "rb");
> if (catalyst_file == NULL) {
> puts("***can't open Catalyst file***");
> exit(0);
> }
> }
> c=0;d=0;length=0;loophelp=0;
> while((c = getc(input_file)) != EOF){length=length+1;/*start i/o file*/
> /* printf("-cbefore%d,%c-",c,c);*/
> if(mode == 49){word[loophelp]=c; /*d for troubleshooting*/
> }
> c=(key[loophelp]^c);
> c=(c^loophelp)^keylength; /*hide key from simple code*/
> c=(key2[loophelp]^c);
>
>
> if (catalyst_name[0] !=48) {
> d=getc(catalyst_file); /* printf(" %d",d); */
> if (d== EOF) { fclose(catalyst_file);
> catalyst_file = fopen (catalyst_name, "rb");
> d=getc(catalyst_file); /*printf("%c",d);*/
> }
> c=c^d;
> }
>
>
> /* if(length == 1) { c=d;printf("*c=%d,%c*",c,c);
> } */
> /* if(c == 26) { c=d; printf("*c=%d,%c*",c,c);
> } */
> /* if(c == 92) { c=d; printf("*c=%d,%c*",c,c);
> } */
>
> skipcode:
> if(mode == 50){word[loophelp]=c;
> }
> putc(c,output_file);
> loophelp=loophelp+1;
> if(loophelp == keylength) {
> loophelp=0;strcpy(key2,word); /*init loophelp*/
> }
> } /*stop while;i/o file*/
> fclose(output_file);
> fclose(input_file);
> fclose(catalyst_file);
>
> /* printf("\nFile length was=%d",length); */
> /* printf(" c=%d %c %s ",c,c,c);*/
>
> if(datasize>0){exit(0);} /* quit fast for the pros */
>
> againmode2:printf("\n1=Another File 2=QUIT\n");
> scanf("%s",&mode); /* printf("\nMode=%d",mode); */
> if((mode!=49)&&(mode!=50))
> {goto againmode2;}
> if (mode == 49){goto anotherfile;
> }
>
>
>
>
>
> }
>
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: tops9720.zip source code for "Topsecret"
Date: Sun, 11 Apr 1999 05:20:40 GMT
In article <7eokrb$alm$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> I encourage hackers to send me or publish exe programs that
> will reliably crack coded messages.
correction:
I encourage hackers to send me or publish exe programs that
will reliably crack coded "FILES".
(I am hoping to test the strength of the algorithm, when properly
used, from the view point of other programmers.)
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: True Randomness & The Law Of Large Numbers
Date: Mon, 05 Apr 1999 12:51:03 GMT
Reply-To: [EMAIL PROTECTED]
On Mon, 05 Apr 1999 07:42:56 GMT, "Douglas A. Gwyn" <[EMAIL PROTECTED]>
wrote:
>> That is an assumption that must be proven. A single-bit generator like
>> the uniform Bernoulli process results in parametric distributions, and
>> according to Triola that cannot be used to model a true random
>> process.
>I am sure Triola uses no such words.
Yet he does, in the book I have.
If you take the time to read his book, you will find it.
>Triola was suggested as a means for you to study statistics,
>not as another expert to misquote.
I did not misquote Triola. His statement is right there in his book.
If you would read the book critically, you would find it.
>Have you *worked* the exercises -- and gotten the right answers?
>If not, why should you even dream that you understand what Triola
>says?
I can read what he says. And he says what I quoted. Go read the book
carefully and you will find that statement.
He even puts it in a Table, where he distinguishes parametric and
non-parametric tests. That Table is on page 621 of the 4th edition.
Bob Knauer
"People have criticized me because my security detail is larger
than the president's. But you must ask yourself: Are there more
people who want to kill me than who want to kill the president?
I can assure you there are."
- Marion Barry, Mayor of Washington DC
------------------------------
From: [EMAIL PROTECTED] (R. Knauer)
Subject: Re: True Randomness & The Law Of Large Numbers
Date: Mon, 05 Apr 1999 12:52:06 GMT
Reply-To: [EMAIL PROTECTED]
On Mon, 05 Apr 1999 07:49:09 GMT, "Douglas A. Gwyn" <[EMAIL PROTECTED]>
wrote:
>> >I've broken what might be genuine OTP systems myself (at
>> >least, I never did find any regularities in the key streams).
>> >It would not have mattered in the least had the keystreams
>> >been generated by your so-called "TRNG".
>> If the keystreams had been generated by a properly functioning TRNG,
>> you could have not cracked the ciphers. There would have been no way
>> for you to have reasonable certainty that the purported decryption was
>> the intended plaintext. All possible plaintexts are equiprobable if
>> the keystream is truly random and only used once.
>Now you're demonstrating that you don't know much about real
>cryptanalysis, either. I did the work and know how I did it,
>and what properties of the keystreams I did or did not use.
>What I said is correct. Whereas, you have no clue.
More bluster and pontification - and a clear demonstration that you
are completely full of bullcrap.
Bob Knauer
"People have criticized me because my security detail is larger
than the president's. But you must ask yourself: Are there more
people who want to kill me than who want to kill the president?
I can assure you there are."
- Marion Barry, Mayor of Washington DC
------------------------------
From: Boris Kazak <[EMAIL PROTECTED]>
Subject: Re: Test vector repository--specifically, help with a broken Blowfish
Date: Sat, 10 Apr 1999 23:46:32 -0400
Reply-To: [EMAIL PROTECTED]
Nathan Kennedy wrote:
****************
> Right now, I'm just trying to get a working, test vector-passing Blowfish.
> Then I'll make a pretty one that will compile on x86 GNU/Linux, Sparcs,
> Alphas, Suns, and Crays. But not PC's running Borlando Turbo C++ for DOSO.
>
> Nate
====================
Sorry, Nate, in my previous post there is a bug - the program did
not reinitialize properly. Here is the corrected version and one
more test vector, both work out correctly, like a piece of cake.
I don't resend the table, you have it.
Best wishes BNK
/********************** Cut Here *****************/
/* Declarations "int" changed to "long" (my cockroach compiler) */
/* Names of boxes changed to bf_P[] and bf_S[] */
#include <stdio.h>
#include <string.h> /* Needed to handle keys */
#define byte unsigned char /* Note definition */
#define blowround(l,r,n) l ^= P[n]; \
r ^=
((S[0][(byte)((l>>24)&0xFF)]+S[1][(byte)((l>>16)&0xFF)])^S[2][(byte)((l>>8)&0xFF)])+S[3][(byte)(l&0xFF)];
/* Note type casting "long"
to "byte" */
#include "blow_tab.h" /* Follows in the post */
unsigned long P[18];
unsigned long S[4][256];
void
blow(unsigned long P[18],unsigned long S[4][256],unsigned long
*L,unsigned long *R)
{
unsigned long xL, xR;
xL = *L;
xR = *R;
blowround(xL,xR,0);
blowround(xR,xL,1);
blowround(xL,xR,2);
blowround(xR,xL,3);
blowround(xL,xR,4);
blowround(xR,xL,5);
blowround(xL,xR,6);
blowround(xR,xL,7);
blowround(xL,xR,8);
blowround(xR,xL,9);
blowround(xL,xR,10);
blowround(xR,xL,11);
blowround(xL,xR,12);
blowround(xR,xL,13);
blowround(xL,xR,14);
blowround(xR,xL,15);
*R=xL^P[16]; /* I'm not so sure about where */
*L=xR^P[17]; /* xL and xR are here... */
}
void
suck(unsigned long P[18],unsigned long S[4][256],unsigned long
*L,unsigned long
*R)
{
unsigned long xL,xR;
xL = *L;
xR = *R;
blowround(xL,xR,17);
blowround(xR,xL,16);
blowround(xL,xR,15);
blowround(xR,xL,14);
blowround(xL,xR,13);
blowround(xR,xL,12);
blowround(xL,xR,11);
blowround(xR,xL,10);
blowround(xL,xR,9);
blowround(xR,xL,8);
blowround(xL,xR,7);
blowround(xR,xL,6);
blowround(xL,xR,5);
blowround(xR,xL,4);
blowround(xL,xR,3);
blowround(xR,xL,2);
*L = xR ^ P[0];
*R = xL ^ P[1];
}
void
swim(unsigned char key[])
{
int x,y;
unsigned long L,R,temp;
for (x=0;x<18;x++)
P[x]=bf_P[x];
for (x=0;x<256;x++)
S[0][x]=bf_S[0][x];
for (x=0;x<256;x++)
S[1][x]=bf_S[1][x];
for (x=0;x<256;x++)
S[2][x]=bf_S[2][x];
for (x=0;x<256;x++)
S[3][x]=bf_S[3][x];
y = strlen(key); /* How many characters has the key? */
for (x=0;x<18;x++) /* Here we take care of little-endian order */
{
temp = (unsigned long)key[(4*x+3)%y];
temp += ((unsigned long)key[(4*x+2)%y] << 8);
temp += ((unsigned long)key[(4*x+1)%y] << 16);
temp += ((unsigned long)key[(4*x)%y] << 24);
P[x] ^= temp; /* Again note the type casting */
}
L=R=0;
blow(P,S,&L,&R);
for (x=0;x<9;x++)
{
P[2*x]=L;
P[2*x+1]=R;
blow(P,S,&L,&R);
}
for (y=0;y<4;y++)
for (x=0;x<128;x++)
{
S[y][2*x]=L;
S[y][2*x+1]=R;
blow(P,S,&L,&R);
}
}
void
main()
{
unsigned char K[57]; /* user key */
unsigned long L=0x424C4F57UL,R=0x46495348UL;
/* Text is
"BLOWFISH" */
printf("\nEnter your key:"); gets(K); /* get user key */
/* To see the test, enter "abcdefghijklmnopqrstuvwxyz" */
K[56]=0; /* if user key exceeds 56 bytes, it will be truncated */
swim(K);
printf("%0lx %0lx\n",L,R); /* source plaintext */
blow(P,S,&L,&R);
printf("%0lx %0lx\n",L,R); /* ciphertext */
suck(P,S,&L,&R);
printf("%0lx %0lx\n",L,R); /* decrypted plaintext */
printf("\n");
L=0xfedcba98UL; R=0x76543210UL;
printf("\nEnter your key:"); gets(K); /* get user key */
/* To see the test, enter "Who is John Galt?" */
K[56]=0; /* if user key exceeds 56 bytes, it will be truncated */
printf("\n%s Key is: ",K);
swim(K);
printf("%0lx %0lx\n",L,R); /* source plaintext */
blow(P,S,&L,&R);
printf("%0lx %0lx\n",L,R); /* ciphertext */
suck(P,S,&L,&R);
printf("%0lx %0lx\n",L,R); /* decrypted plaintext */
}
/* Test vectors (they claim that these are
from Dr. Dobb's Journal)
This is a test vector.
Plaintext is "BLOWFISH".
The key is "abcdefghijklmnopqrstuvwxyz".
#define PL 0x424c4f57l
#define PR 0x46495348l
#define CL 0x324ed0fel
#define CR 0xf413a203l
This is another test vector.
The key is "Who is John Galt?"
#define PL 0xfedcba98l
#define PR 0x76543210l
#define CL 0xcc91732bl
#define CR 0x8022f684l
*/
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
