User Guide
Chapters
Table of Contents
Transformation Functions
QTCrypt Configuration File

QTCrypt Key Certificate
Creating the QTKey Key Certificate
QTCrypt Key Certificate Distribution
QTCrypt Encryption Key creation

Encryption Key

QTCrypt Key Certificate

Before files may be encrypted with QTCrypt, an Encryption Key must be generated. All Encryption Keys are generated from a Key Certificate, a pass phrase and a CD-ROM. Before the actual Encryption Key file may be created, a QTCrypt Key Certificate is first generated from a desired CD-ROM and a pass phrase. The QTCrypt Key Certificate, pass phrase and CD-ROM are used to generate the Encryption Key file.

  

Creating the QTCrypt Key Certificate

Execute the QTKey program, and select the appropriate option to "Create Randomizer Key". The program will then prompt for the entry of the following items:

  1. filename for the QTCrypt Key Certificate file.
  2. the "drive" or "mount point" of the CD-ROM.
  3. the pass phrase for encrypting the QTCrypt Key Certificate file. The pass phrase will used to update the message digest of the QTCrypt Key Certificate. If the first character of the pass phrase is not either of the two special characters '#' or '@', then the pass phrase is used "as is" to update the Key Certificate message digest. If, however, it is one of the special characters, then the pass phrase is treated specially.
    1. '@' - in this case the pass phrase is considered a series of file names, including full path, separated by semicolons, ';'. Each file is opened in turn and the contents added to the message digest of the Key Certificate. More than one filename should be used here. If only one filename is used, then it would be possible to pass each file in turn through the Secure Hash Algorithm to create a message digest and possibly break the QTCrypt Key Certificate encryption. In general, the average number of files which would have to be used in the message digest to break the QTCrypt Key Certificate encryption is:
      N = (n^k)/2
      where:
      N == number of files to include in message digest
      n == number of files on the CD-ROM, and
      k == number of files used in message digest.

      For example, if n == 16,000 = (2^4)*(10^3) and k == 10, then N = (2^39)*(10^30). An impossible number of files for which to compute the message digest. Using the next option in specifying a pass phrase probably makes it easier to specify a large number of files for the message digest.

    2. '#' - in this case the pass phrase is treated as a string of base 36 numbers. The ASCII alpha-numeric characters are treated as numerics in forming the numbers and all other characters are used to separate the numerics. The pass phrase is broken down into a series of base 36 numbers, each number, modulo the number of files, is used to index into the list of files on the CD-ROM. The contents of the appropriate file on the CD-ROM is then used to update the message digest for the Key Certificate. Upper and lower case alphabetic are considered identical for this purpose. Thus the pass phrase:

      #this special pass phrase has 7 numerics

      This pass phrase is considered a sequence of 7 base 36 numbers:

      1. this == 1,471,710
      2. special == 66,963,610,247
      3. pass == 1,276,374
      4. phrase == 1,665,869,128
      5. has == 25,086
      6. 7 == 7
      7. numerics == 2,030,240,578,710

      The standard C library function "strtoul" is used in converting to internal form.

      This form of pass phrase can be used to include a very large number of files into the QTKey Key Certificate message digest without having to memorize a large list of filenames. Using a pass phrase of this form with 5 or more separate words should ensure adequate security for the QTCrypt Key Certificate encryption.

    The two special types of pass phrase are designed to produce message digests which would be extremely difficult to break.

QTCrypt maintains two separate message digests during the creation of the QTCrypt Key Certificate. Both message digests are updated identically until the end of the QTCrypt Key Certificate creation steps.

  1. The first message digest is used to obtain a Secure Digital Signature of the QTCrypt Key Certificate which is then encrypted and added to the Key Certificate to authenticate and verify the Key Certificate.
  2. The second message digest is used to derive a self-permuting array from the files on the CD-ROM and continues to be updated as bytes are read from the files on the CD-ROM.

After the pass phrase and location of the CD-ROM have been entered, QTCrypt executes a system directory utility listing all of the files on the CD-ROM including all subdirectories. The system utility output will be re-directed to a temporary file. The system utility will list the files sorted by name and the listing will include file size and file creation date and time. QTCrypt will read the temporary file line by line and determine for each file:

  1. complete file name and path, not including the drive or mount point,
  2. file size,
  3. file date,
  4. file time

The complete file name and path, not including drive or mount point, will be written to a second file. The second temporary file contains one line per file on the CD-ROM. The file names written to the second file will retain the case and the full filename of each file as reported by the system directory utility.

As each file name is written to the second file, QTCrypt reformats each file date to a Julian Day Number, JDN, integer and the filetime as the number of seconds since midnight. The file date (JDN), time (seconds since midnight), size, and full path and filename are written to an internal string. The internal string is then used to update the message digest of the QTCrypt Key Certificate. In writing the internal string, there are three considerations which account for OS differences:

  1. Some OSs report all filenames and paths in uppercase only. Some preserve the case as entered in defining the filename when the file was created. For all OSs, the case reported by the system is used in opening files on the CD-ROM used for a byte stream. However, in updating the message digest with the filenames and paths, QTCrypt uses a setting in the configuration file to set the case used. The case may be translated to uppercase, lowercase or the case may be preserved as set by the OS. The last option is the default used if this behavior is not set in the QTCrypt configuration file. See QTCrypt Configuration File for details on the QTCrypt Configuration file.
  2. Some OSs follow the PC/MS-DOS "8.3" limitation on filenames. Other OSs allow unlimited or very large filename lengths. QTCrypt will maintain the full filename reported by the OS for purposes of opening files on the CD-ROM for use as a byte stream. For updating the message digest, QTCrypt will either use the full filename and path as reported or truncate to the "8.3" convention for compatability with other OSs. This behavior is also set in the QTCrypt Configuration File.
  3. Some OSs report filetimes in terms of hours, minutes and seconds while some report the filetimes, via the system utility, only in terms of hours and minutes. Also, some OSs report the seconds only as multiples of 2 second intervals. In converting filetimes to seconds since midnight, file seconds may or may not be considered. This behavior is also set in the QTCrypt Configuration File.

The behavior used in creating the QTCrypt Key Certificate file is output in the Key Certificate file header information as detailed below.

When the last filename has been read, the message digest is updated with the number of files on the CD-ROM and the maximum path/filename length.

The second file listing each file on the CD-ROM is used as the source of filenames for byte streams, as detailed in Randomizer Streams, for creating a Randomizer Stream for encoding the QTCrypt Key Certificate file. In encrypting the QTCrypt Key Certificate file, all encrypted bytes are first transformed using the Permutation Change Transformation and then the Byte Shift Transformation. All integer values output are first transformed to a byte string using the Base Change Function, and then the byte string is encrypted and output.

The QTCrypt Key Certificate file has the following format:

  1. A single unencrypted byte listing the file format version number. Currently the File Format Version Number is '\x00'.
  2. A single unencrypted byte listing the case flag for filename hashing.
  3. A single unencrypted byte listing the truncation flag for filename hashing.
  4. A single unencrypted byte listing the filetime seconds inclusion flag for filetime hashing.
  5. A single unencrypted byte listing the secure hash type used for encrypting the file.
  6. A unique integer value used as the Encryption Key identifier. This value is encrypted and output twice for validation purposes upon decryption.
  7. The length of the string Identifier of the Group Key used for the QTCrypt Key Certificate file Signature.
  8. The string Identifier of the Group Key used for the QTCrypt Key Certificate file Signature.
  9. The length of the string Identifier of the Private Key used for the QTCrypt Key Certificate file Signature.
  10. The string Identifier of the Private Key used for the QTCrypt Key Certificate file Signature.
  11. The JDN of the date of encryption. This value is encrypted.
  12. The time as seconds since midnight. This value is encrypted.
  13. The Secure Digital Signature of the QTCrypt Key Certificate. This value is encrypted.

QTCrypt Key Certificate Distribution

The QTCrypt Key Certificate file may then be sent or given to anybody that the creator of the file desires to send encrypted files for decryption by the recipient. The recipient must also be given the pass phrase used for encrypting the QTCrypt Key Certificate file and the CD-ROM used for the Encryption Key. The pass phrase must be transmitted to the recipient in a secure manner to prevent unauthorized users from receiving the pass phrase. Also the desired recipient must be informed of the particular CD-ROM used in conjunction with the pass phrase and the QTCrypt Key Certificate file in a secure manner. The pass phrase and the identification of the particular CD-ROM should probably be transmitted by different secure channels to reduce the risk of interception of both. If either, but not both, the pass phrase or identification of the CD-ROM are intercepted by unauthorized individuals, the security of the QTCrypt Key Certificate file is not compromised. The QTCrypt Key Certificate may be transmitted via an unsecured channel, since the QTCrypt Key Certificate is of no value without the pass phrase and information selecting the particular CD-ROM to be used.

QTCrypt Encryption Key creation

Once the QTCrypt Key Certificate file has been created it can be used to generate an Encryption Key, provided both the pass phrase and proper CD-ROM are known. QTCrypt first reads the unencrypted header portion of the QTCrypt Key Certificate file to determine the status of the case flag, the filename truncation flag, the filetime seconds flag, and the type of secure hash used. To generate the Encryption Key from the QTCrypt Key Certificate file, the same process used to create the Key Certificate is followed to the point of writing the Key Certificate file. QTCrypt then reads the duplicate numeric IDs written to the QTCrypt Key Certificate file and confirms that they are indeed equal. This is a preliminary step to authenticate the Key Certificate file, since the message digest is used for encrypting/decrypting the numeric ID, with an incorrect pass phrase and/or CD-ROM it is very doubtful that the duplicate numeric IDs would be decrypted as equal. The Group Key and Private Key ID strings are then read from the QTCrypt Key Certificate. If the ID strings correspond to ID strings in the users Master Key Ring, then the Group Key and Public Key are used to verify and authenticate the QTCrypt Key Certificate file. If the QTCrypt Key Certificate file is verified and authenticated, then the construction of the Encryption Key proceeds as follows. All information written to the Encryption Key is encrypted.

First a random pass phrase of between 150 and 10,000 bytes is generated. The pass phrase is used to update a special message digest used for encrypting the Encryption Key. Next a random number between 1000 and 11,000 is generated as the number of lines in the Encryption Key Parameter Table. The random number is generated using the Randomizer Stream from the byte streams created from the CD-ROM. Thus, all users will create identical Encryption Keys from the proper pass phrase and CD-ROM.

QTCrypt maintains two special message digests as the Encryption Key is generated. Each message digest is initialized with the random pass phrase created. The first message digest is updated with each unencrypted byte to be written to the Encryption Key and is used at the end to create a Secure Digital Signature of the Encryption Key. The Secure Digital Signature is then stored with the Master Key Ring and is used to authenticate and verify the Encryption Key whenever the user directs. The second message digest is updated with each unencrypted byte to be written to the Encryption Key and each encrypted byte written to the Encryption Key. The second Encryption Key is used to generate the Randomizer Stream used to encrypt the Encryption Key. The Randomizer Stream used for encrypting the Encryption Key is generated from the second message digest in the following manner:

  1. The Randomizer Stream is initialized by copying the current status of the message digest to a temporary message digest which is then finalized. The 5 32-bit words of the message digest are then copied into a 20-byte string. An internal counter is initialized to zero.
  2. When a new Randomizer Byte is needed form the Randomizer Stream the internal counter is used to index into the 20-byte byte string and the internal counter is then incremented by one.
  3. The new Randomizer Byte is returned.
  4. When all 20 bytes have been used, the process re-initializes and repeats.
For encrypting the Encryption Key, either the Bit Mix Transformation or the Byte Mix Transformation is performed followed by the Byte Shift Transformation. To determine whether to use the Bit Mix Transformation or the Byte Mix Transformation, the transformation flag is set to the value of a Randomizer Byte obtained from the Randomizer Stream. A transformation counter is set to 8. If the low order bit of the Randomizer Byte is set, the Bit Mix Transformation is used, otherwise the Byte Mix Transformation is used. The Randomizer Byte is then shifted down by one bit and the transformation counter is decremented by one. When the transformation counter reaches zero, a new Randomizer Byte is obtained from the Randomizer Stream and the transformation flag is reset to 8. The encryption generates two encrypted output bytes for each input byte. All three bytes are used to update the second message digest.

Next a random pass phrase of between 150 and 10,000 bytes is created to be used in encrypting header information in all encrypted files created using the Encryption Key.

The Encryption Key consists of three parts:

  1. Header information. The header information consists of three lines:
    1. Line 1: the unique numeric ID of the Encryption Key written as a 15 digit unsigned integer.
    2. Line 2: The number of lines/files in the File Table followed by the number of lines in the Parameter Table. Each is written as a 15 digit unsigned integer separated by a single blank.
    3. Line 3: The line length of each entry in the File Table followed by the line length of each entry in the Parameter Table. Each is written as a 15 digit unsigned integer separated by a single blank.
  2. File Table. The File Table consists of a list of all files on the CD-ROM associated with the Encryption Key. Each line contains a filename preceded by the path of the file on the CD-ROM starting at the root directory of the CD-ROM. Each line is written with the length specified in header line 3 with the path + filename left justified and blank padded. The final character on each line is '='. The listing of files in the File Table has been randomized from the alphabetically sorted list produced by the system utility. The randomization has been accomplished using a pseudorandom number generator based on the Randomizer Stream used for encrypting the Encryption Key. Thus, identical randomization can be accomplished irregardless of the platform. To facilitate access to individual files without reading the entire File Table, the Randomizer Stream is re-initialized with each line. Also, since the length of each line is known, it is a simple matter to compute the position of any specified line and position the file for reading that line directly.
  3. Parameter Table. The parameter table consists of lines encrypted separately as is done with each line in the File Table. Each line in the Parameter Table consists of 10 fields:
    1. Random File Size, #1. 10 digit unsigned integer pseudorandom number. Used Modulus byte stream #1 file size to position initial byte stream prior to reading
    2. Random File Size, #2. 10 digit unsigned integer pseudorandom number. Used Modulus byte stream #2 file size to position initial byte stream prior to reading
    3. 10 digit unsigned integer pseudorandom number used initially for merging the byte streams into the Randomizer Stream.
    4. 4 digit unsigned integer pseudorandom number setting encryption Scheme:
      • 1 == Alternating Encryption, ALE,
      • 2 == Relative Offset Encryption, ROE,
      • 3 == Byte Shift Encryption, BSE,
      • 4 == Byte Mix Encryption, BYE,
      • 5 == Bit Mix Encryption, BME,
      • 6 == Permutation Change Encryption, PCE,
    5. 3 digit unsigned integer pseudorandom number for ROE_Count == count of bytes to encrypt using ROE for Alternating Encryption
      0 <= ROE_Count <= 255
    6. 3 digit unsigned integer pseudorandom number for BSE_Count == count of bytes to encrypt using BSE for Alternating Encryption
      0 <= BSE_Count <= 255
    7. 3 digit unsigned integer pseudorandom number for BCE_Count == count of bytes to encrypt using BYE for Alternating Encryption
      0 <= BCE_Count <= 255
    8. 3 digit unsigned integer pseudorandom number for BME_Count == count of bytes to encrypt using BME for Alternating Encryption
      0 <= BME_Count <= 255
    9. 3 digit unsigned integer pseudorandom number for PCE_Count == count of bytes to encrypt using PCE for Alternating Encryption
      0 <= PCE_Count <= 255
    10. 10 digit unsigned integer pseudorandom number setting Hash_Type == Hash Function Type Code, value used (mod 2) + 1
      • 1 == Federal Information Processing Standards Publication, 180-1, 1995 April 17
      • 2 == RIPEMD-160

    All pseudorandom numbers are obtained from the Randomizer Stream formed by merging two byte streams from the file list for the CD-ROM. The pseudorandom numbers are based on transforming the Randomizer Bytes from the Randomizer Stream using alternating double transformations on each byte of the pseudorandom number. Odd bytes are obtained using double Byte Shift Transformations. The even bytes are obtained using a Permutation Change Transformation followed by a Byte Shift Transformation. For the double Byte Shift Transformation, care is taken to ensure that the multipliers used are not equal, thus ensuring that the Randomizer Byte transformed is not left unchanged.


Encryption Key Generation
User Guide
Chapters
Table of Contents
Transformation Functions
QTCrypt Configuration File