QTCrypt is a set of three programs: QTKey, QTEncode and QTDecode.
These three programs are used to encrypt files so that only the person encrypting them, or persons selected by that person, may decrypt and read or utilize the files.
QTEncode is used to encrypt files. QTEncode uses special files created by QTKey, called Encryption Key files, to process a file and encrypt it.
QTDecode is used to decrypt files which have been encrypted with QTEncode. QTDecode uses the same Encryption Key files used by QTEncode to encrypt a file, or duplicates of them, to decrypt the file. QTDecode first decrypts the file, computing multiple message digests as the file is decrypted. It then decrypts the message digests computed and encrypted by QTEncode and compares all the message digests. Since the probability of two files having the same multiple message digests is very small, if the encrypted message has been changed in any way, the message digests computed by QTDecode will probably differ from the message digests computed by QTEncode. If the message digests are equal, then the decrypted file is probably the same as the file encrypted by QTEncode, and thus the file decrypted by QTDecode has been "verified".
Alternatively, if the encrypted file has been signed when encrypted using all of the encrypting message digests, the signature for each message digest of the encrypted file is decrypted instead of the message digests. Using the Public Key corresponding to the Private Key used to sign the encrypted file, QTDecode uses the Digital Signature Standard described in Federal Information Processing Standards Publication, 186, 1994 May 19 to authenticate the decrypted file. If QTDecode cannot authenticate the decrypted file using the Digital Signature Standard, the decrypted file is wiped and the user is informed.
File Information
QTCrypt includes the following information in the signature or message digest of each encrypted file:
Thus, if QTCrypt verifies a decrypted file, the receiver knows not only the contents of the file, but also when the file was last modified before encryption and when the file was encrypted.
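The verification step described above, with the file dates folded into the digests, can be sketched as follows. This is an added example, not QTCrypt code: the digest algorithms, the header layout and the function names are assumptions, since the page does not say which digests QTCrypt computes or how it stores them.

```python
import hashlib
import hmac
import struct

# Assumed digest set: the page says "multiple message digests" without naming them.
DIGESTS = ("sha256", "sha3_256", "blake2b")


def file_digests(content: bytes, modified: int, encrypted: int) -> list:
    """Hash the content plus both timestamps under every algorithm in DIGESTS."""
    # Fixed-width header so the timestamps cannot be confused with content bytes.
    header = struct.pack(">QQQ", len(content), modified, encrypted)
    return [hashlib.new(name, header + content).digest() for name in DIGESTS]


def verify(content: bytes, modified: int, encrypted: int, expected: list) -> bool:
    """True only if every recomputed digest equals the one stored at encryption."""
    got = file_digests(content, modified, encrypted)
    if len(got) != len(expected):
        return False
    # Compare all digests (no early exit) using a constant-time comparison.
    return all([hmac.compare_digest(g, e) for g, e in zip(got, expected)])


def release_or_discard(content, modified, encrypted, expected):
    """Return the decrypted bytes only when verified; otherwise hand back nothing,
    standing in for QTDecode wiping the decrypted file."""
    return content if verify(content, modified, encrypted, expected) else None


# Constructed sample values (Unix timestamps), not taken from a real QTCrypt file.
SAMPLE = b"Quarterly figures: 10694 units shipped.\n"
MODIFIED, ENCRYPTED = 804_642_874, 933_811_299
STORED = file_digests(SAMPLE, MODIFIED, ENCRYPTED)  # what the sender would store

if __name__ == "__main__":
    tampered = SAMPLE.replace(b"10694", b"10695")
    print("untouched file  :", verify(SAMPLE, MODIFIED, ENCRYPTED, STORED))
    print("one byte changed:", verify(tampered, MODIFIED, ENCRYPTED, STORED))
    print("mtime changed   :", verify(SAMPLE, MODIFIED + 1, ENCRYPTED, STORED))
    print("enc time changed:", verify(SAMPLE, MODIFIED, ENCRYPTED + 1, STORED))
```

A change to the content or to either timestamp alters every digest, so the receiver learns the dates with the same confidence as the contents.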
Secure Digital Signature
QTCrypt also allows the use of Secure Digital Signatures. A Secure Digital Signature allows the person encrypting a file to apply a signature to the encrypted file which is unique to the person, the encrypted file and the date and time of encryption and which cannot be duplicated by anybody else. QTCrypt uses the Digital Signature Algorithm described and defined in the Digital Signature Standard, Federal Information Processing Standards Publication, 186, 1994 May 19. The Secure Digital Signature defined by the Digital Signature Algorithm defines both private keys and public keys for each person. The private key and public key are created by QTCrypt for anybody desiring to sign an encrypted file. The private key is kept private and secret by the person for whom it was created. The corresponding public key is disseminated widely to anybody who would want to decrypt and verify the contents of a file encrypted by that person and authenticate the Secure Digital Signature. QTEncode uses the message digest computed for an encrypted file and the private key of the person encrypting the file to compute a Secure Digital Signature. The Secure Digital Signature is then encrypted and appended to the encrypted file. When the encrypted file is decrypted by QTDecode, the message digest is again computed and used with the group key and public key corresponding to the Group Key ID and Public Key ID included in the encrypted file to recompute the Secure Digital Signature of the received file. If the recomputed Secure Digital Signature equals the decrypted Secure Digital Signature, then QTCrypt verifies the decrypted file contents, the date and time of the encrypted file, the encryption date and time and authenticates the Secure Digital Signature of the person encrypting the file.
As noted above, QTEncode transforms the input file so that it appears to be a stream of random bytes. Indeed, attempting to compress a file encrypted with QTEncode will fail. File compression programs use redundancy or repeated byte sequences in a file for compression. They replace the redundant or repeated byte sequences with shorter codes, thus compressing the file. Files which have been encrypted with QTEncode will appear not to have any such redundancy or repeated byte sequences and thus cannot be compressed. The encrypted file output by QTEncode will be longer than the input file.
Overhead
QTEncode uses one of 5 methods or a combination of the five methods to encrypt a file. In addition, QTEncode outputs overhead to identify certain knowledge about the file encrypted. The overhead contains the information specified in Encryption File Overhead.
Depending on the encryption method used, the encrypted text can be exactly equal in length to the input file or up to 3 times longer. Thus, the encrypted file will vary from approximately equal in size to the input file to approximately 3 times as big. Since the encrypted file cannot be compressed, any compression must be done prior to encryption. If compressed prior to encryption by any of the popular compression programs, usually more than one file may be compressed and included in the output of the compressor. In addition, QTCrypt will optionally compress the input file prior to encryption. The decrypted file is automatically decompressed if QTCrypt compressed the input file.
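Why compression has to come before encryption can be measured directly. The following is an added example, not QTCrypt code: it uses a length-preserving stand-in cipher (XOR with a SHA-256 keystream, with no nonce or authentication, for illustration only) and a constructed sample input, and compares both orderings with zlib.

```python
import hashlib
import math
import zlib
from collections import Counter


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (not QTCrypt's): XOR with SHA-256(key || offset) blocks.
    Applying it twice with the same key restores the input."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def byte_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; 8.0 means no byte-level redundancy."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def compare_orders(plaintext: bytes, key: bytes) -> dict:
    """Output size for both orderings, plus entropy before and after encryption."""
    ciphertext = keystream_xor(key, plaintext)
    return {
        "plain_size": len(plaintext),
        "encrypt_then_compress": len(zlib.compress(ciphertext, 9)),
        "compress_then_encrypt": len(keystream_xor(key, zlib.compress(plaintext, 9))),
        "plain_entropy": byte_entropy(plaintext),
        "cipher_entropy": byte_entropy(ciphertext),
    }


# Constructed sample input: repetitive text, the kind a compressor handles well.
SAMPLE = b"".join(b"record %04d: status=ok owner=example\n" % i for i in range(300))
KEY = b"constructed demo key"

if __name__ == "__main__":
    for name, value in compare_orders(SAMPLE, KEY).items():
        print(f"{name:24} {value}")
```

Compressing the ciphertext yields a file no smaller than the input, while compressing first and encrypting second keeps the full saving.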
Encryption Options
QTEncode includes several options for:
The following lines illustrate the display screen output for encrypting and decrypting a sample text file. The screens illustrate the output when the verbose mode has been enabled.
QTCrypt File Encrypter, OS/2 Version 3.1. Jul 30 1999
(C) Copyright 1995 - 1999 Terry D. Boldt. All Rights Reserved.
Input Pass Phrase for Reading Master Key Ring.
1 to 75 Characters.
**********************************************************************.....
Choose Group Signature Key to Use from Following List
1: Default Signature Key
120: Sat Jul 31 17:46:32 1999
2: Quik Trim Group (Bits==960, bytes==120)
120: Mon Jan 01 00:00:00 1996
Enter Desired Number and Press [ENTER]: 2
Using Private Signature Key:
Terry D. Boldt
Initializing Encryptor.
Initialization Complete.
Compressing Input File: conleys.hdr
Compressed Input File : 10694 to 4604 bytes
Compression Ratio : 43.1%
Disk Space Savings : 56.9%
Encyphering
Input File: conleys.hdr
Output File: \tmp\conleys.enc.a01
Percent Encyphered: 100
Signed By:
Quik Trim Group (Bits==960, bytes==120)
Mon Jan 01 00:00:00 1996
Terry D. Boldt
Sat Jul 31 17:47:58 1999
Time to Encrypt: 2.96 seconds.
Encryption Rate: 1555.41 Characters/second
Randomizer Bytes Used For Encryption: 233156
QTCrypt File Decrypter, OS/2 Version 3.1. Jul 31 1999
(C) Copyright 1995 - 1999 Terry D. Boldt. All Rights Reserved.
Input Pass Phrase for Reading Master Key Ring.
1 to 75 Characters.
**********************************************.............................
Initializing Decryptor.
Initialization Complete.
Decyphering
Input File: \tmp\conleys.enc.a01
Orig. Dated: Sat Jul 01 23:54:34 1995
Encyphered On: Thu Aug 05 00:01:39 1999
Encyphered By: Quik Trim Group (Bits==960, bytes==120)
Mon Jan 01 00:00:00 1996
Terry D. Boldt
Sat Jul 31 17:47:58 1999
Output File: \tmp\conleys.dec
Percent Deciphered: 100
Decompressing Output File: \tmp\conleys.dec
Decompressed Output File : 4604 to 10694 bytes
Compression Ratio : 43.1%
Disk Space Savings : 56.9%
Message Verified & Signature Authenticated
Time to Decrypt: 3.313 seconds.
Decryption Rate: 1389.68 Characters/second
Randomizer Bytes Used For Encryption: 233156