idea3.txt

IDEA加密算法属于数据块加密算法(Block Cipher)类。IDEA使用长度为128bit的密钥

                                 Tiny IDEA

                      A Secure File Encryption Program

                     Copyright (C) Fauzan Mirza 1995-96


WARNING

    Due to the strength of the encryption algorithm, the author
    disclaims all responsibilities for the use or misuse of this
    software. You are warned that files encrypted with this program
    will not be recoverable without the correct key.

    If you lose your key, you lose your data.

Introduction

    Tiny IDEA is a tiny file encryption program that uses the IDEA
    cipher. It is used to scramble files with a key, such that the
    original file cannot be recreated without knowledge of the key.

    Tiny IDEA only needs to know three things to operate:

    1. Whether you want to encrypt or decrypt.
    2. The name of the file to process.
    3. The encryption key.

    The first two are given to the program as parameters, and the
    program will prompt for the key.

    The program usage is:

        IDEA +/- <File>

    The first parameter specifies the mode: use + to encrypt, or - to
    decrypt.

    An example of how you might use tiny IDEA to encrypt a file:

        IDEA + a:\mailbox.txt

    Be warned that the key is not hidden as you type it in. This is
    because tiny IDEA does not verify the key, and it is up to the user
    to make a visual check to ensure that the key is correct before
    processing.

    The encryption key can be up to 128 characters long. Avoid the
    use of words, or guessable phrases. Remember that the security of
    your data lies solely on the key, not on the encryption algorithm.
    I have tried to make tiny IDEA as secure as possible (overwriting
    the plaintext, and overwriting the key upon exit) and will welcome
    any suggestions to increase its security or usefulness.

Secure File Wiping

    Because of the file overwriting mechanism, tiny IDEA can be used
    to destroy files such that advanced data recovery methods would be
    unable to retrieve the original file contents. Simply encrypt the
    file using a random string as the key (tap the keyboard in various
    places), then decrypt it using another random string, then encrypt
    again, then decrypt, and so on. One encrypt-decrypt sequence is
    sufficient to wipe the file, but will provide minimal security. I
    suggest between four and eight. The really paranoid among you can
    use four hundred.

Technical Summary

    o Files are processed in place (effectively wiping the original).
    o It uses 8 round IDEA in ciphertext feedback mode.
    o The pass phrase is hashed using tandem Davies-Meyer (with IDEA).
    o The feedback is done on 8 byte blocks.
    o The initialisation vector (IV) is set to zeros.
    o Written in 8086 assembly (heavily optimised for size).

Source Code Availability

    Tiny IDEA is freeware which means that although the source code
    is supplied, you are not permitted to distribute modified copies
    of the source or executables.

    The source is provided for educational use and so that you can
    customise it if you want to (as long as customised versions are
    not distributed, even to your friends).

    The IDEA routines used in tiny IDEA are public domain, and are
    available from:

        ftp://ftp.ox.ac.uk/pub/crypto/misc/idea86.zip

    The ZIP file (7644 bytes) contains routines for IDEA, CFB, tandem
    DM, and a very simple file encryption program.

History

        Version 1 (IDEA2) - June 1995 - 448 bytes
            Original version (CFB encryption using IDEA)
            IDEA encryption key is the password (up to 16 characters).
            Posted to alt.2600 and sci.crypt.

        Version 2 (IDEA3) - October 1995 - 608 bytes
            Allow passwords up to 128 characters.
            Passwords hashed using tandem-DM.
            Speed optimisation of IDEA routine by Bill Couture.
            Fixed byte-ordering in CFB.
            Key and data information overwritten upon exit.
            Incompatible with version 1.
            Posted to alt.2600 and sci.crypt.

        Version 3 (IDEA3A) - September 1996 - 503 bytes
            Lots of size optimisations by Mark Andreas.
            Functionally identical to version 2.

Acknowledgements

    The following people have contributed optimisations to tiny IDEA:

        Bill Couture <bcouture@cris.com>
        Mark Andreas <voyageur@sky.net>

    I am particularly grateful to Mark Andreas for his extremely clever
    optimisations.

Encryption Algorithm

    IDEA (International Data Encryption Algorithm) was developed by
    Xuejia Lai and James Massey at the Swiss Federal Institute of
    Technology. It was proposed at EUROCRYPT '91:

        X.Lai, J.L.Massey, S.Murphy, "Markov Ciphers and Differential
        Cryptanalysis", Advances in Cryptology -- EUROCRYPT '91,
        Lecture Notes in Computer Science 547, Springer-Verlag, 1991.

    IDEA operates on 64-bit data blocks using a 128-bit key. No method
    of cracking IDEA faster than exhaustive key search (brute force)
    has been discovered, despite extensive analysis by professional
    cryptologers.

    As an example of IDEA's strength, imagine an incredibly fast
    computer that can brute force a 56-bit DES key in 1 second. This
    computer would take upto 194 days to crack a 80-bit key, like the
    one used by the NSA Skipjack cipher, and upto 149745258842898 years
    to crack a 128-bit IDEA key.

    IDEA is the symmetric cipher used in the famous PGP (Pretty Good
    Privacy) encryption software.

Bugs

    The program permits exactly one space between each of the command
    line parameters. This is for space efficiency.

    Files encrypted twice using the same key will have the first block
    decrypted. This is an unfortunate consequence of using a fixed IV
    in CFB mode.


======================================================
Fauzan Mirza            Department of Computer Science
fauzan@dcs.rhbnc.ac.uk  Royal Holloway, Univ of London
======================================================