[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Win95 Blowfish Implementation
-----BEGIN PGP SIGNED MESSAGE-----
Thanks to everyone who replied to my original message. I was
confident I could use those algorithms (I wouldn't have spent
months on the code otherwise) but I wanted to check one more time
before I publicly released software using them.
One question though. The following text is quoted from Bill
Stewart.
> >2. SHA can be used without royalty.
> Yup. Use SHA-1 rather than the original SHA, though; the NSA
> "updated" it in ways that do appear to strengthen it.
>
What exactly is the difference between SHA and SHA-1? Is it the
left circular shift when generating the W array? I coded the SHA
alogrithm according to _Applied Cryptography_ Second Edition. Is
that the updated version of SHA?
Many thanks.
David F. Ogren
P.S.
Here is the super short description of Hootie:
Hootie is a Windows 95 implementation of the Blowfish algorithm.
It is a fully graphical interface which includes drag and drop
support as well as Explorer launch.
It can support both CBC and ECB modes. The passphrase can either
be directly entered by the user or the passphrase can be SHA hashed
before use.
Hootie can optionally add headers at the beginning of the file
which automatically select the block encryption mode and confirm
good passphrases, or (for people concerned about known-plaintext
attacks) omit the headers.
Future features include: generation of keys via a TNG (which are
then saved to file), using MD5 rather than SHA, and a primitive
text editor which which can be encrypted/decrypted to/from.
I currently expect to release the alpha version in two to three
weeks.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMczT+fBB6nnGJuMRAQGcXgP+LcOp17aHIpoyScq9O8MlK+HcNBUsbdxq
KoFEqeDJyyL9pOcn9IdMHvZXmzzdBpEdk2q7DrObhk9z8Dy3jqai4t222upJ2kmn
blXGW3zIRdyycGg0ij0GCZzUkD6cSLpe4k5/HdhWhcgyDFx6t95sJIQAm/YIoC1R
JTTc86tmjss=
=iXHL
-----END PGP SIGNATURE-----
--
David F. Ogren
[email protected] (alternate address: [email protected])
PGP Key ID: 0xC626E311
PGP Key Fingerprint: 24 23 CD 15 BF 8D D1 DE 81 71 84 C8 2C E0 4B 01
(public key available via server or by sending a message to
[email protected] with a subject of GETPGPKEY)