[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Safemail



Excerpts from internet.cypherpunks: 20-Jun-96 Re: Safemail by Adam
[email protected] 
> Not to defend the safemail folks, but this does remind me of something
> that NeXT did with Eliptic curve based systems; there was no storage
> of the private key, it was generated from the passphrase at run time.
> It was a side discussion, maybe with Andrew Lorenstien?  Andrew?

Might you be thinking of ForYourEyesOnly, by R. Crandall and J. Martin?

It was distributed as a demo program with Release 2 of the NeXTstep
operating system, along with such nifty apps as a Mandelbrot generator
that used the 56001 onboard DSP. (I've never used it, though.)

Here's the help file that comes with ForYourEyesOnly. I had to grab it
with SegHoarker.

-Declan (Registered NeXT Developer)

---

General
ForYourEyesOnly is a message encryption utility.  The basic idea is that
secret messages may be sent via mail, or simply stored as encrypted
(.encr) files.  The notion of Public Key encryption requires that each
participant have a pair of keys: a "Private Key" and an associated
"Public Key."  Everyone's Public Key is known to everyone (hence the
name public).  Private Keys on the other hand are just like passwords;
that is, you commit your Private Key to memory.

Keys
You create your Public Key via the Registration... menu item.  When your
(at least 8-character) Private Key is entered, the associated Public Key
is computed for you.  Again, note that the Public Key is safe, i.e. it
can be broadcast to the whole world.  Your Private Key, on the other
hand, should never be disclosed beyond your chosen group of confidantes
(which group can of course be just a singleton--you).

ForYourEyesOnly allows for groups (larger than just yourself) to share a
Private/Public Key pair.  For example, a sales department can have one
common Private Key, so that any member of sales may read mail that was
encrypted using the associated Public Key for sales.  In this "group"
mode, a new sales member is presumably given the Private Key verbally,
on a garden walk, or during a loud evening at a local tavern, etc.

Decryption
The decryption procedure is dealt with first in case you have just
received an encrypted document and don't know what to do with it.  If
this is the case you may, for example, have double clicked a .encr file
icon from mail and have landed here.  By entering a correct Private Key
in the Message Window and pressing the Decrypt button you will obtain a
decrypted file.

You might wonder how someone could have sent you an encryption if you
have not yet registered a Private Key.
Well, you might just have joined a department all of whose workers are
using a single Private/Public Key pair for intra-office mail.  In this
case, all you need do is find the departmental Private Key for
decryption.
    
The .encr icons can be dragged to/from Mail or to/from Browser.

Encrypting files
A Plaintext message may be encrypted by entering the recipient's Public
Key (if it has not already appeared automatically, as it does when the
recipient initiated a mail exchange), and your own Private Key, then
pressing the Encrypt button.  (As above, a Public Key must have been
obtained at some point in the past via the Registration menu item). Note
that "Plaintext" is actually a theoretical term from encryption theory,
and means the original, understandable text.  What you can actually
send, though, is text and/or pictures, etc., much the same way that you
can mail multimedia files.  We call all of this Plaintext, and the
encryption algorithm chews up everything you are sending in order to
create the .encr file.
(NOTE: You can encrypt any kind of file, but at this Release you cannot
send directories (folders)).  

The encrypted file icon will appear in the icon well at the top of the
message window and can be dragged to the file browser or another
application.  The encrypted message can also be sent via the Services
menu by selecting the Mail menu and the Document menu item under that. 
A file can also be encrypted and saved to disk in a place you specify by
selecting the Encrypt, then Save As... menu item under the Document menu.

Instant Rebounding
Note that ForYourEyesOnly automatically transmits the Public Key of the
sender along with the message itself.  Thus, when you decrypt a mail
message you will get an automatic display of the other party's Public
Key.  This convenience means that once you have decrypted the incoming
message, you can easily "rebound", that is shoot a message back, simply
by editing the Plaintext area and hitting the Encrypt button.  This
instant rebounding works because both necessary keys are properly in
place as soon as you decrypt.   

Importing files
Files can be dragged in from the browser to the content of the message
window, or selected using the Import File... menu item in the Document
menu.

Exporting files
Files in a received Plaintext message can be exported by dragging them
from the message window content or by double clicking them to launch the
appropriate application.

Our proprietary algorithm
One enjoyable aspect of working on encryption algorithms is that Help
information pertaining to the algorithm itself should be vacuous; i.e.,
the less said, the better.  Just one remark: the algorithm uses number
theory but, in not using factorization, is distinct from the celebrated
RSA method.