Quicrypt Fast File Privacy Software

Copyright (C) 1994-1995 Michael Paul Johnson. All Rights Reserved.
Version 1.10   15 August 1995


INTRODUCTION

Quicrypt is a file encryption program that is designed to be 
fast, reasonably secure, and easy to use.  It runs as a command 
line oriented DOS utility.  It is good for protecting 
information like your personal diary, personnel records, medical 
records, client information, proprietary data, and other things 
that need to be kept private.  The security of this program 
depends on the pass phrase you provide.  Encryption prevents the 
data from being disclosed to an unauthorized intruder, even if 
that intruder gains access to your computer or the phone lines 
you transmit data over.

Advantages of Quicrypt include:

Small size.  Fits comfortably on a floppy disk, leaving room for 
other files.

Fast.  Runs about as fast as a program that offers this much 
security can hope to.

The shareware version is probably secure against the 
mathematically and computationally challenged (but not against 
professional crypanalysts).  See "HOW SECURE IS IT?" below.

The registerered version is reasonably secure.  See "HOW SECURE 
IS IT?" below.

Friendly.  At least as far as command line utility goes, it is 
friendly since you normally only need to provide an input file 
name and possibly the /w (wipe input file) switch on the command 
line, and answer the pass phrase prompt.

Versatile.  Works with files of many types, including text, 
spread sheets, word processing files, arbitrary binary data, 
pictures, multimedia files, etc.

Efficient.  Built in file compression may reduce the size of 
some large files.

CRIPPLEWARE WARNING

Even though the look, feel, and speed of the shareware version 
is the same as the registered version, the shareware version is 
not as likely to keep your secrets safe from a determined and 
knowledgeable adversary. This defect was introduced not just as 
a registration incentive, but as a condition to making the 
shareware version freely exportable under some (probably 
illegal) U. S. export regulations.  The NSA and FBI can quickly 
and easily decrypt shareware version files (but probably not the 
registered version files). On the other hand, if all you want to 
do is hide your diary from your little sister, the shareware 
version is probably good enough. The registered version has some 
other advantages, listed below.

QUICK START

To install Quicrypt, simply unzip the distribution archive, read 
the documentation, and copy QUICRYPT.EXE to the drive and 
directory where you want to run it from.  Quicrypt will create 
and maintain a file called QUICRYPT.BIN in the same directory 
that you run it from, so appropriate permissions must be granted 
for this to happen if you are running Quicrypt from a network 
drive.

To encrypt or decrypt a file, the syntax of the command is:

QUICRYPT [options] infile [outfile] [/ppassphrase]

If infile is the name of a file that has already been encrypted 
by Quicrypt, then it will be decrypted (provided, of course, you 
provide the right pass phrase).  If infile was not already 
encrypted, it will be encrypted.  The default outfile name for 
encryption is the same name as the input file, but with the 
extension ".QC" instead.  The default outfile name for 
decryption is the same name the file had before it was 
encrypted.  The input and output files MUST be different to 
avoid loss of data.

/kkeyfile = Get pass phrase (or binary key) from keyfile.

/n = No compression (switch valid for encryption only).

/o = Overwrite the output file if it already exists, without 
asking first.

/w = Wipe (overwrite then delete) the input file after 
encrypting it.  Without this switch, both the encrypted and 
decrypted versions of the file will be kept.

/q = Quiet mode (minimal screen output).

/c = Compatibility mode for QCRYPT to encrypt for QUICRYPT.  
(Option only works on the registered version).

/p = Pass phrase follows immediately.  If you put the pass 
phrase on the command line, it must be the last parameter.  Pass 
phrases may include blanks and are case sensitive.  If you don't 
put the pass phrase on the command line, Quicrypt will prompt 
you for it.

Pass phrase may also be passed to QUICRYPT via QUICRYPT 
environment variable.

Options (except for /k and /p) can be combined.

For example,

QUICRYPT /Woq DIARY.TXT /Pnone of your bEESwAX, Guido.

INSTALLATION

Quicrypt 1.10 is distributed in a .ZIP file named QCRYPT11.ZIP.  
Simply unzip the file (using PKUNZIP, Info-Zip's UNZIP, or 
PCDEZIP) into an empty directory.  You will get QUICRYPT.EXE 
(the executable), QUICRYPT.TXT (the documentation as a plain 
ASCII text file), QUICRYPT.WRI (the documentation in Microsoft 
Windows Write format), QCRYPT.QC (the full registered version 
for the USA and Canada only, encrypted), PWGEN.EXE (for 
generating random pass phrases).

You may want to place QUICRYPT.EXE and PWGEN.EXE in your PATH, 
so that you can run it from any directory.  Both of these 
programs will attempt to write a state file (QUICRYPT.BIN and 
PWGEN.DAT) in the same directory where the corresponding .EXE 
file resides every time it is used to improve the random number 
generation process.

The two programs, Quicrypt, and PWGEN, are independent, so you 
need not keep PWGEN on your disk if you are not using it for 
pass phrase generation.  However, if you redistribute Quicrypt 
or PWGEN, please make sure that you redistribute the 
distribution .ZIP file with all of the files included in the 
original distribution .ZIP file.

ENCRYPTING FILES

To encrypt a file, simply run Quicrypt with the name of the file 
you wish to encrypt on the command line.  If you want to specify 
the name of the encrypted file, place that on the command line 
after the input file name.  If you don't specify the name of the 
encrypted file, Quicrypt assumes that you want to use the same 
drive, path, and name as the file you are encrypting, but with 
the suffix ".QC".

If you want to wipe (overwrite and delete) the input file as 
soon as it is encrypted, then place a "/w" on the command line.  
This has the advantage of making sure that the plain text file 
is gone, without the ability to unerase it.  The trade off is 
that if you mistype your pass phrase when encrypting it, you may 
have a difficult time recovering your data.  For really valuable 
data, you should first check to be sure you can decrypt the data 
with the pass phrase you thought you typed before wiping the 
input file.  One way to wipe the file separately is to use the 
DELETE utility that I wrote, available in DEL104.ZIP (or 
possibly a later version by the time you read this, on the 
Colorado Catacombs BBS, 303-772-1062).

Normally, Quicrypt will ask you if you want to overwrite an 
output file if the file already exists.  If you don't want to be 
asked, place a "/o" on the command line.

If you don't want to see a lot of screen output (like the 
copyright notice and the information messages about what files 
are being encrypted), then put a "/q" on the command line.

Normally, Quicrypt will prompt you for the pass phrase.  This is 
better, since command lines can be easily recalled when you use 
utilities like DOSKEY.  It also allows for the generation of 
higher quality session keys, since the randomness of the timing 
of your keystrokes is used to make the session keys more 
unpredictable.

BE VERY CAREFUL IN ENTERING YOUR PASS PHRASE.  YOU MUST ENTER 
THE EXACT SAME PASS PHRASE TO DECRYPT YOUR DATA.  PASS PHRASES 
ARE CASE SENSITIVE.

There are three other options for entering your pass phrase (or 
any arbitrary binary key): stored in a file, pass phrase passed 
on the command line, or pass phrase passed to Quicrypt via the 
QUICRYPT environment variable.  Quicrypt will look for its pass 
phrase or key in the following order, using the first pass 
phrase of at least 4 characters that it finds: (1) Passed on the 
command line (/P option), (2) in a key file (/K option), (3) in 
the QUICRYPT environment variable, or (4) typed in by the user 
at the prompt.

If you want to place the pass phrase on the command line, start 
it with "/p".  This must be the last parameter on the command 
line.  The pass phrase starts immediately after the "/p" so that 
if you place a space after the "/p", Quicrypt will include that 
space as part of the pass phrase.  Some characters can be used 
in a pass phrase that is entered at the prompt that cannot be 
entered on the command line or put in an environment variable.

If you want to place your pass phrase or key in a file, any 
arbitrary byte value from 0 to 255 can be used.  Although key 
files can be longer, any bytes beyond 255 bytes will be ignored. 
 Make sure the file name starts right after the /k, like:

QUICRYPT JEWELS.TXT /KA:KEY.DAT /W

Although the command line switches (/o, /w, /q, /k, /n, and /p) 
are not case sensitive (/w = /W), the pass phrase IS case 
sensitive.  The pass phrase "SECRET STUFF" is different from the 
pass phrase "secret stuff" which is different from the pass 
phrase "Secret Stuff".

If the file you are encrypting is already compressed or 
encrypted (like .ZIP, .ARJ, .LZH, and .GIF files), or is some 
other kind of data that doesn't compress further, you can save a 
tiny amount of time when encrypting by putting a /n on the 
command line to disable Quicrypt's attempt at compression.  The 
uncompressed status of the file will be stored in the header of 
the file so that Quicrypt will know not to try to decompress the 
file after decrypting it.  For example,

QUICRYPT REPORTS.ZIP /N

Command line switches can come before, between, or after the 
input file names, except that the pass phrase must be the last 
thing on the command line, if it is used.

For example, to encrypt the file DIARY.TXT to DIARY.QC, 
permanently deleting DIARY.TXT, using a pass phrase you are 
prompted for, type:

QUICRYPT DIARY.TXT /W

To encrypt MONTHLY.XLS to MONTLY.QC, while still keeping a copy 
of MONTHLY.XLS, with a pass phrase of "Snoggley*fish37" on the 
command line, type:

QUICRYPT MONTHLY.XLS /PSnoggley*fish37

To encrypt LOVELTR.TXT to ABC.DAT, permanently deleting 
LOVELTR.TXT, with a minimum of screen output, and with a pass 
phrase you are prompted for, type:

QUICRYPT /W /O /Q LOVELTR.TXT ABC.DAT

To encrypt all .DOC files in the current directory using a key 
in a file called MY.KEY on drive A:, permanently deleting the 
input files, type:

FOR %F IN (*.DOC) DO QUICRYPT /W /FA:MY.KEY %F

To do the same thing in a batch file, you must double the % 
signs, like:

FOR %%F IN (*.DOC) DO QUICRYPT /W /FA:MY.KEY %%F

To encrypt a file with the registered version of Quicrypt 
(QCRYPT) so that the files can be decrypted with the shareware 
version, everything is the same, except that you may include a 
command line switch (/c) to indicate compatibility mode (and 
force use of a shorter session key). If you don't include this 
switch, only the registered version can decrypt the file (with 
the right pass phrase, of course). The registered version can 
decrypt files encrypted by either the shareware or registered 
versions, and automatically detects which one. For example:

QCRYPT /C /O TO_CINDY.TXT

Can be decrypted either by

QCRYPT TO_CINDY.QC

or

QUICRYPT TO_CINDY.QC

if you enter the correct pass phrase.

I wanted to make the shareware, exportable, version cabable of 
decrypting more secure files from the registered version, but 
the NSA wouldn't let me do that and maintain the exportable 
status of Quicrypt.  This is in spite of the fact that programs 
that are limited to decryption only are specifically exempt from 
export restrictions in the U. S. Defense Trade Regulations.  In 
my opinion, the NSA overstepped their authority with this 
restriction.

DECRYPTING FILES

File decryption works just like encryption, except that (1) the 
default output file name is the base file name of the file when 
it was encrypted, (2) Quicrypt recognizes that the input file is 
already encrypted, so it will decrypt it if you provide the 
correct pass phrase, and (3) the /n switch is ignored, since 
Quicrypt can tell from the file header if it is supposed to 
decompress after decryption or not.  Note that because of the 
convenient way in which Quicrypt decides to encrypt or decrypt, 
encrypting a file twice is not supported, unless you use a 
different program (like DLOCK, PGP, DES, or something) for one 
of the encryption operations.

For example, to decrypt DIARY.QC to its original file name (but 
in the current directory), using a pass phrase you are prompted 
for, type:

QUICRYPT DIARY.QC

To decrypt AUGUST.QC to AUG.XLS, with a pass phrase of 
"Snoggley*fish37" on the command line, type:

QUICRYPT AUGUST.QC AUG.XLS /PSnoggley*fish37

To decrypt ABC.DAT to its original file name, permanently 
deleting ABC.DAT, with a minimum of screen output, and with a 
pass phrase you are prompted for, type:

QUICRYPT /W /O /Q ABC.DAT

To decrypt all encrypted files with a .QC suffix in the current 
directory, using a key file named MY.KEY on drive A:, type:

FOR %F IN (*.QC) DO QUICRYPT /FA:MY.KEY %F

To do the same thing in a batch file, the % signs must be 
doubled, as in:

FOR %%F IN (*.QC) DO QUICRYPT /FA:MY.KEY %%F

CHOOSING A GOOD PASS PHRASE

The term pass phrase is used instead of password to emphasize 
that fact that it can be longer than one word, and to encourage 
the use of such longer pass phrases.

This is one thing that you can control (but I can't).  If you 
pick a lousy pass phrase, someone could just guess it.  With a 
specialized pass phrase cracking program and a fast computer, 
you could probably try 100,000 pass phrases per second.  If your 
pass phrase is a common word (in any language), a common name, 
your pass phrase is very likely to be guessed.  There are 
password cracking programs available (I've looked at one) that 
use very large dictionaries containing all words and names (in 
several languages) that you are likely to use.  They then try 
variations on those words, like spelling them backwards, adding 
punctuation, etc.

I once had someone crack a password I was using on one of my 
commercial computer accounts.  The password was the name of a 
planet, followed by an exclamation point.  I was not amused.  I 
started using randomly generated passwords after that.

There are two major concerns when picking a pass phrase:  
remembering it, and keeping it secure.  If the pass phrase is 
too hard to remember, you could forget it (and lose your 
encrypted data) or be forced to write it down (and risk losing 
it and/or having someone else discover it).  If the pass phrase 
is too easy, it might be guessed.  The longer and more random 
your pass phrase, the harder it is to guess, but the harder it 
is to remember and type correctly.

Here are six decent strategies for generating good pass phrases. 
 Pick one that works well for you.

1.  Chose at least two unrelated words and at least two numerals 
or symbols and combine them.  Be creative about your 
capitalization and placement of symbols and numerals.  For 
example, "plan!Et TAkE2."

2.  Chose a favorite quote, rhyme, or limerick, but alter it.  
For example, "Jack or Jill went AROUND the well."

3.  Chose a favorite quote, rhyme or limerick, but just use the 
initial letters and substitute some parts.  For example, "We 
hold these truths to be self evident, that all men are created 
equal and endowed by their Creator with certain inalienable 
rights..." might become "Whtt2bse,tamaceaebtCwcir..."  Of 
course, you could use the whole quote as a pass phrase, but that 
is a lot of typing.

4.  Generate a pass phrase purely randomly, using a manual 
random process involving flipping coins, shuffling cards, 
rolling dice.  For example, the first cards drawn from a 
shuffled deck might be "KH QC 8H 7D AH."

5.  Generate a random pass phrase using timed random keystrokes 
with the PWGEN program.  This can be extremely secure, but the 
pass phrases generated are not very easy to memorize unless you 
use them regularly.

6.  Generate a random key file containing any binary values.  
One way to do this is to ask PWGEN to create a password, make a 
copy of PWGEN.DAT (which can be found in the same directory as 
PWGEN.EXE), then cause PWGEN.DAT to be overwritten (so that you 
don't leave a spare key laying around) by asking PWGEN to make 
another password.  For example:

PWGEN

COPY PWGEN.DAT A:MY.KEY

PWGEN

If you suspect that an unauthorized person may have your pass 
phrase (by looking over your shoulder or whatever), then you 
should decrypt all the files protected with that old pass phrase 
and encrypt them again with a new pass phrase.

Note that you can use more characters for your pass phrase if 
you let Quicrypt prompt you for it than what you can use on the 
command line.  At the prompt, any ASCII character you can enter 
except for some characters that may be intercepted by the BIOS 
(like Ctrl-P, which toggles the printer echo), Ctrl-H and 
Backspace (erases the last character entered) and Enter 
(terminates the pass phrase) can be used.  Press any function 
key (like F2) for the null character.  The command line (and 
environment variable method) is more restrictive, in that any 
sequence of spaces and tabs gets converted to one space, and 
some control characters are interpreted by DOS or the BIOS 
before Quicrypt even starts running (like Esc, Ctrl-C, Ctrl-P, 
<, >, |,  etc.).  The key file method is least restrictive of 
all, since ANY binary value can be used.  Note the key file can 
be any length, but characters after the first 255 will be 
ignored.

GENERATING PASS PHRASES WITH PWGEN

To run PWGEN, just type PWGEN, then press random keys at random 
times when you are prompted to.  PWGEN will then display a line 
of letters, symbols, and numbers on the screen.  Passwords 
generated this way are very good to use when you are going to 
encrypt with a batch file that has the pass phrase on the 
command line.  Of course, such a batch file should reside on a 
floppy disk that gets locked in a safe place.  The PWGEN.DAT 
file generated by PWGEN is a decent source for random key files 
that are not restricted to printable ASCII.  If you want a 
little more control over the "randomness" of the data produced 
by PWGEN, you can specify the number of bits of entropy 
(information theory jargon for a measure of information content) 
obtained from key strokes on the command line.  PWGEN makes a 
conservative estimate of the entropy of the keystrokes measured 
so far and counts down to zero as you type.

BALANCING SECURITY

If you use encryption to protect private data, it is important 
to think of other places where that data may reside besides in 
the encrypted file(s).  For example, many programs generated 
automatic backup files or swap files on disk.  Sometimes these 
are deleted when you exit the program.  Sometimes they are not.  
The point is, you may have copies of the sensitive data in 
places that you did not expect them to be.  Your best defense, 
here, is to understand how your software works.  You may also 
want to periodically overwrite unused areas on disk with one of 
the utilities designed for that purpose.

DON'T USE A WRENCH FOR A HAMMER

This privacy software is good for its intended use (keeping a 
few local files private), and can be used for some other things, 
but you may also want to consider some other packages.

For electronic mail, the de facto standard is Pretty Good 
Privacy (PGP), by Philip R. Zimmermann.  For the freeware 
version, look for pgp262.zip (or a later version number) on BBS 
and Internet sites.  An FAQ posting in alt.security.pgp (also 
found on the Internet at ftp://ftp.csn.net/mpj/getpgp.asc and 
http://www.csn.net/~mpj) tells you more about where to get PGP.  
Contact Viacrypt at 1-800-536-2664 to order a copy of the 
commercial version if you are in North America and want to use 
PGP for business uses.  If you are not in North America, you 
should have no difficulty getting PGP, you just can't pay for 
it.  If you are impressed by Internet RFCs more than de facto 
standards, there is an Internet Privacy Enhanced Mail (PEM) 
standard.  The best implementation of that, so far, is RIPEM, 
but it is only a subset implementation of the standard, and the 
key management infrastructure that exists for PGP just isn't 
there for RIPEM.  If you want to communicate with me privately 
by electronic mail, you can get my PGP public key from my BBS or 
from the standard PGP public key servers.  I don't use RIPEM, 
though because it is too hard to use, and PEM (being an Internet 
only mail standard) doesn't adapt as well to some other kinds of 
electronic mail that I use as PGP does.

For on-the-fly disk encryption, try Peter Gutman's Secure File 
System (look for SFS110.ZIP, or possibly a later version).  
Except for the fact that it requires a dedicated partition to 
operate (a pain to install), this is faster than most 
competition and more secure than most commercial packages.  
Since it was written in New Zealand, you should have no hassles 
with the irrational U. S. Export controls getting it.  Some 
alternatives to SFS include Secure Device (file hosted) and 
Secure Drive (another partition hosted system).

For strong encryption with ZIP-like archiving capabilities, try 
Peter Gutman's HPACK (look for HPACK79.ZIP, or possibly a later 
version).  This won't win any speed races with PKZIP, Info-ZIP, 
or ARJ, but it has good compression and superior security.  The 
competition falls far to easily to a known plain text attack. 
Since it was written in New Zealand, you should have no hassles 
with the irrational U. S. Export controls getting it.

Although Quicrypt's header information allows it to be more 
friendly, there are some applications in computer security where 
you might not want the encryption method used to advertise 
itself.  In those cases, you might want to consider DLOCK.  See 
DLOCK1A.ZIP (or later) on the Colorado Catacombs BBS 
(303-772-1062).  This program comes with complete source code, 
and uses a slower encryption algorithm (Diamond).  The Diamond 
encryption algorithm was designed to exceed DES, 2 key 3DES, and 
IDEA in strength (provided you use a good key of at least 128 
bits), and is royalty free.  Unfortunately, I am currently not 
allowed to export DLOCK outside of North America.

UNDER THE HOOD OF QUICRYPT

Good cryptographic software is still good, even if the method of 
encryption becomes known.  After all, someone could reverse 
engineer the executable for the program to figure this stuff 
out, anyway.  On the other hand, making known some information 
about how it works tends to have one of two effects:  (1) 
increased confidence because nobody finds anything wrong with 
it, or (2) reduced confidence and embarrassment for the author 
and designer of the software and algorithm.

The first four bytes of a Quicrypt encrypted file are set to an 
identifying signature so that Quicrypt can automatically 
determine if input file is supposed to be encrypted or 
decrypted.  This four byte sequence is either 3B F6 DD 16 (old 
registered version), 68 A0 66 5F (shareware version), or 03 A9 
C7 A4 (new registered version).  If the file is in the new 
registered version format, some random "salt" bytes are included 
in the file to append to your passphrase to form the actual key 
used to encrypt the session key with.  (Shareware and old 
registered version formats don't use "salt.")  There is also a 
randomly generated session key used just for this file, which is 
encrypted with your pass phrase (and salt, if applicable).  The 
session key is generated using the time of day, the amount of 
free space on your disk, keystroke timing information from your 
pass phrase entry, and the contents of QUICRYPT.BIN.  Since a 
different session key is used each time, the same file encrypted 
twice will have different contents, even though it will decrypt 
the same.

Also in the header is data that allows bad pass phrase detection 
and some directory information from the file that was encrypted 
(attributes, size, date, time, and base file name without the 
path).  The file data follows.  If the file is longer than 492 
bytes and you didn't put /n on the command line, Quicrypt will 
attempt to compress it using Zip style compression (built in) 
before encrypting it.  If the data is not compressible (like 
random binary data or files that are already compressed or 
encrypted), it may actually be expanded some by the attempt to 
compress.

After the file data (which may or may not be compressed before 
encryption), just enough garbage bytes are added to make the 
file length an exact multiple of 512 bytes.  This padding makes 
"traffic analysis" based on the sizes, sources, and destinations 
of encrypted messages harder, but normally doesn't cost any more 
in terms of disk space, since the minimum allocation unit is 
normally at least 512 bytes, anyway.

Because of the header information, the padding, and the optional 
compression, the encrypted file may end up either larger or 
smaller than the original file.

The encryption algorithms used in Quicrypt is the Sapphire 
Stream Cipher and the improved Sapphire II Stream Cipher.  The 
three main benefits of these cipher are (1) I can use it without 
paying patent royalties to anyone (because I invented them), (2) 
they are fast, and (3) I am not aware of any way to break the 
Sapphire II Stream Cipher better than brute force (trying all 
possible keys).  The only attack I know of better than brute 
force for the Sapphire Stream Cipher is a rather obscure one 
that doesn't apply to the way this cipher is used in Quicrypt.  
Take this with a grain of salt.  These stream ciphers haven't 
been scrutinized by great numbers of people, yet.  On the other 
hand, many of the principles used in the design of this cipher 
have withstood some analysis by other people.

THE REGISTERED VERSION

What you get for a registered version depends on who you are and 
where you live.  This is NOT the way I would prefer to do 
business.  It is a requirement forced upon me by current U. S. 
Export regulations.  If you are not qualified according to U. S. 
export regulations to get the "registered version" without 
prohibitive costs and red tape, you are still welcome to 
register the shareware version and continue to use it.

The "registered version" is the same as the shareware version, 
except (1) it doesn't beg for money on the opening screen, (2) 
the executable file is called QCRYPT.EXE instead of 
QUICRYPT.EXE, (3) it cannot be legally exported from the USA to 
any place besides Canada without a license from the Department 
of State (under regulations that are current as of this writing 
but that I hope change), and (3) it generates a 16 byte (128 
bit) session key instead of a 4 byte (32 bit) session key, like 
the shareware version generates.  (4) it encrypts with the 
improved (more resistant to a theoretical attack) Sapphire II 
Stream Cipher and can decrypt files encrypted using either 
stream cipher, (5) it appends an 8-byte random "salt" to your 
passphrase before initializing the Sapphire II Stream Cipher 
with it, thus making certain cryptographic attacks clearly 
infeasible, and (6) it can decrypt files using either length (4 
or 16 bytes) of session keys, but the shareware version can only 
decrypt files using the shorter session key.  The longer session 
keys are clearly better.  With the shorter key, and assuming 
knowledge of more details than I provided in the above section, 
like where exactly in the header the various bytes are, (but 
which the NSA knows and other spy agencies can probably reverse 
engineer), it would take a short amount of time to crack a 32 
bit session key with a supercomputer.  (Actually, the shareware 
version could probably be broken with a PC, too, but it would 
take longer than I'm willing to tie my PC up for.)  I'm not 
particularly concerned about the NSA, personally, but I am 
concerned about industrial spies and criminals snooping about my 
electronic effects.  You might not trust the NSA as much as I 
do.  If you think someone might possibly spend much money and 
supercomputer time to read your files, don't use the shareware 
version of Quicrypt!  Use the registered version, instead.  It 
would take a very expensive comuter (using current technology) 
over a million years to crack a 128 bit session key with a brute 
force attack, but a matter of minutes to crack a 32 bit session 
key.  Of course, this only applies to a brute force attack 
against the session key.  Chances are, your pass phrase may be 
weaker than the session key, unless you choose a very good key.  
For other measures of strength, see the next section.

HOW SECURE IS THIS PROGRAM?

Quicrypt is strong enough that I wouldn't want to take the time 
to crack anybody's messages, even though I know that it could 
probably be done with the use of all the computing resources I 
could get my hands on and trying about 2 billion keys.  (So 
don't bother asking me to recover your data if you forget your 
passphrase).  The NSA or FBI could spend a little supercomputer 
time and crack your files open, which is probably not a great 
concern for most people.  The problem is, certain industrial 
spies, criminals, stalkers, and alien spies can also do this.  
Qcrypt (the registered version) is designed to be uncrackable 
even by determined and knowledgeable adversaries with lots of 
computing power, but is it really that good?

This is not an easy question to answer.  The two biggest 
considerations are the quality of your pass phrases, and which 
variant of Quicrypt you are using.  Quicrypt comes in two 
variants: the shareware trial version and the registered 
version.  The only functional differences between the two are 
that the registered version generates longer (and more secure) 
session keys, adds random "salt" to your passphrase, and uses 
the slightly better Sapphire II Stream Cipher.  This is done in 
such a way that either program can read the files encrypted with 
the other, provided you provide the correct pass phrase (and 
encrypt with /C, for compatibility cripple, on the registered 
version, thanks to the NSA's meddling).  Still, the keys 
generated in the shareware version are probably better than the 
pass phrases most people use.  A chain is only as strong as its 
weakest link.

CRYPTOGRAPHER'S HUMBLE PIE

The German high command was dumbfounded when they discovered 
that someone was breaking their Enigma-enciphered messages 
during World War II.  The history of cryptography (code making) 
and cryptanalysis (code breaking) is full of examples of people 
being overconfident in their encryption schemes.  It is easy to 
focus too much on the parts of the system that are known to be 
good, while missing some important weakness.  The best you can 
do is spend a lot of time in studying the art, math, and science 
related to cryptography and cryptanalysis, make attempts at 
breaking ciphers, and try to avoid the same mistakes made by 
others.  I study these things for the fun of it, and 
occasionally get to apply some of it in my work.  I have managed 
to crack (and in some cases, just find weaknesses in) several 
shareware and commercial encryption packages.

Naturally, I have no great interest in reading other people's 
private files, but if I can do it, someone with criminal intent 
could probably do that, too.

There are some really lousy encryption schemes out there.  Many 
of the encryption programs (or other packages that include 
encryption) are notoriously weak.  Among these are the lousy 
excuses for encryption used in Microsoft Word and WordPerfect 
word processing programs.  I have seen programs that 
automatically crack these in a few minutes on an average PC.  
I've seen some really amateur shareware programs that either 
don't work properly or don't provide much security.  Some are in 
between.  For example, PKZIP's encryption is better than 
Microsoft Word's, but it does fall to a known plain text attack. 
You don't always get what you pay for.  Some programs that use 
DES implement it in such a way as to weaken the key to the point 
that it wouldn't cost much to break the encryption used.

This isn't to say that all the encryption software that is 
available is bad.  Pretty Good Privacy (PGP), written by Philip 
R. Zimmermann (the folk hero and defender of electronic privacy) 
is an excellent electronic mail package.  Secure File System 
(SFS) by Peter Gutman is a good on-the-fly disk encryption 
utility.  DLOCK (by Michael Paul Johnson) is very strong, but 
not nearly as user friendly or fast as this program.

SESSION KEY LENGTH LIMITS

The session key of the shareware version is short enough that it 
can be cracked with enough tries (simply trying all keys until 
one works), but it would probably cost more than the average 
hacker or spider would be willing to spend to read my files.  
The session key generated by the registered version is long 
enough (128 bits) to be essentially immune to this "brute force" 
attack.  I wouldn't have issued the shorter key version, except 
for some indecipherable and probably unconstitutional 
regulations from the U. S. State Department.  Still, the 
security offered by the shorter session key is still probably 
enough for many casual applications.  Note that even if some 
criminals crack one of your session keys, they still won't know 
your pass phrase(s), so they will have to do the same amount of 
work to get another file.

PASS PHRASES ARE A WEAK LINK

I just know that some of you will ignore the section above on 
choosing pass phrases and use the name of someone in your 
family, a friend, or a pet for a pass phrase.  In that case, the 
difference between the shareware (exportable) session keys and 
the registered version (not exportable) session keys really 
won't make any difference.  This is like getting a dead bolt for 
your front door, but never locking the back door.

On the other hand, if you use PWGEN to create a pass phrase, and 
use at least 12 characters of the generated pass phrase, you can 
pretty much forget about a brute force attack against your pass 
phrase.  You still have to be concerned with how to either 
memorize that strange pass phrase, or have a safe place to store 
a written copy of it.

ALGORITHMIC WEAKNESSES

I haven't figured out a way better than brute force to attack 
the Sapphire II Stream Cipher, or the Sapphire Stream Cipher the 
way it is used in this program, but that is no guarantee that 
someone may not.  I would offer a huge reward with some 
challenge, but (1) I'm too poor to do that, and (2) professional 
cryptanalysts who might be able to find some weakness for me 
tend to ignore such things.  If you want some challenge text, 
you can always make your own.  I suppose that you could consider 
the encrypted registered version a kind of challenge text, if 
you want.  Let me know if you decrypt it without the pass phrase 
(or even if you guess the pass phrase, which was generated with 
PWGEN).

PASS PHRASE PREPROCESSING WEAKNESSES

Some software, including reputable commercial editions, 
preprocess pass phrases and passwords to make them weaker.  
Things like removing case sensitivity and truncating make it 
easier for people to guess your pass phrase.  Quicrypt doesn't 
do this.

THE BOTTOM LINE ON STRENGTH

If you are concerned only with keeping your diary from your kid 
sister or keeping business plans worth less than a few thousand 
dollars secret, then the shareware version is good enough if you 
use a good pass phrase (and is the only version available from 
me outside the USA and Canada).  If you have more valuable 
secrets, then I recommend the use of the registered version with 
a good pass phrase.

ERRORLEVEL EXIT CODES

If you want to use Quicrypt in a batch file, you can test for 
the following ERRORLEVEL exit codes:

0 = Normal exit.

1 = Syntax error or help screen requested.

3 = Bad pass phrase.

4 = Disk I/O error.

HOW TO CONTACT THE AUTHOR

After you have read the documentation, if you have any 
questions, feel free to write to me at:

                Mike Johnson
                PO BOX 1151
                LONGMONT CO 80502-1151
                USA

Electronic mail:  m.p.johnson@ieee.org  CompuServe: 71331,2332
Colorado Catacombs BBS:  303-772-1062

LEGAL NOTICES

QUICRYPT.EXE, QCRYPT.EXE, and this document are copyright (C) 
1994-1995 Michael Paul Johnson.  All rights reserved.  Because I 
have no control over your computer, your environment, your use 
of this product, nor the distribution channel, I would have to 
be truly insane to guarantee anything, even though it seems to 
work as designed on my computer.  No warranty of any kind is 
made on this software or documentation, and if you use it, you 
do so entirely at your own risk.  It is your responsibility to 
determine if this software is suitable for anything you want to 
do with it.  This is shareware.  You are granted permission to 
copy this software to distribute it to others on BBS, Internet 
ftp sites, or on disks, provided that you do not charge more 
than a minimal fee for connect time or disk duplication, 
handling, and shipping, and provided that you keep all of the 
files from the original distribution .ZIP file together, without 
adding any files to them or altering any of the files within the 
original distribution .ZIP file.  You may use Quicrypt for up to 
60 days for the purpose of evaluating it and deciding if it is 
suitable for your applications.  If you continue to use Quicrypt 
beyond 60 days, you are required to register it, as described 
below.  If you register Quicrypt, and if it is legal for me to 
do so at the time, I will send you the pass phrase to decrypt 
the registered version (QCRYPT.EXE), which is locked inside 
QCRYPT.QC.  If it is not legal for me to send you the pass 
phrase to unlock the registered version, registration still 
allows you to continue to use the shareware version of Quicrypt 
beyond the 60 day trial period.

Anything else in this document notwithstanding, no 
representation is made that the unregistered shareware version 
of Quicrypt is capable of keeping data private from any 
determined adversary, since the session key length was crippled 
to a length of 32 bits at the request of an agency of the U. S. 
Department of Defense, a key length that is generally considered 
to be insecure by serious cryptologists.

Current regulations (which I hope change) prohibit me from 
exporting the "registered version" (or the pass phrase to unlock 
it) from the USA to any country other than Canada without a 
prohibitively expensive and time consuming licensing procedure.  
If you want me to try that, please send me a $10,000.00 fee (not 
refundable) to cover registration, licensing, government fees, 
legal fees, and (last, but not least) compensation for the 
aggravation of dealing with certain parts of the U. S. Federal 
Government.  This deposit doesn't guarantee anything but an 
effort, and that effort is likely to fail if the intended end 
user is not a U. S. Citizen or corporation that is more than 50% 
owned by U. S. Citizens.  If that is too expensive (I certainly 
think that it is!), you may register the shareware version and 
use it for the normal price, but without getting the pass phrase 
to unlock the full strength "registered version."  If that is 
not secure enough, get a copy of some good, strong cryptographic 
software from some place outside of North America.


REGISTRATION & INVOICE

Note that the Quicrypt 1.10 software has been delivered and 
accepted by the customer.  Upon receipt of this paid invoice, 
the printed documentation and disks paid for will be sent.

Remit to:                       Ship to:

Mike Johnson                    ________________________________

PO Box 1151                     ________________________________

Longmont CO 80502-1151          ________________________________

USA                             ________________________________

                                Contact person:

                                ________________________________

                                ________________________________

Quantity  Description                                  Unit Price Total

________  Quicrypt registration with disk & manual.    $49.00     ______

________  Quicrypt single copy registration only.      $20.00     ______

________  Site license for unlimited use of Quicrypt
          at one corporation (includes one disk & one
	  manual).   				      $295.00     ______

          Sales tax (if you are in Colorado)                      ______
	  Shipping and handling if a disk and manual
          has been ordered.                             $5.00     ______

                                                                
                                                        Total     ______

Please check all that apply to you (and only those that apply to 
you) so that I can determine if I can legally send you the pass 
phrase to unlock the full strength registered version 
(QCRYPT.EXE), or if you have to be content with the shareware 
version (but registered).  I also need to know the size of disks 
you prefer to use.

__ I am a citizen of the United States of America or Canada.

__ I am not a citizen of the USA, but I am a permanent resident 
   (with a "green card").

__ I promise not to export QCRYPT.EXE or the password that unlocks 
   it without proper legal authority and without registering every 
   copy in use.

__ I promise not to give QCRYPT.EXE or the password that unlocks it 
   to anyone who would export it without legal authority or use it 
   without registering it.

__ I prefer 3.5" disks.

__ I prefer 5.25" disks.


Signature __________________________________   Date __________

