Cloak2 Features (original) (raw)

A strong data security program with key management, for use under Microsoft Windows and DOS.

Contents

• Overview
• Operation
• Examples of Commands
• Features
• Key Management

Overview

Cloak2 takes a secret key phrase and one or more filenames, then transforms or enciphers files into random binary data. The original file contents can be recovered only by_deciphering_ with exactly the same key. Files thus protected can be saved locally, archived off-site, or sent by e-mail (using conventional binary protocols) without exposing their contents.

Cloak2 enciphered alias files hold secret keys and allow them to be selected by public aliases, thus minimizing the impact of secrecy on ordinary users. Keys can be updated while users continue to use exactly the same alias in exactly the same way. Dated alias allow access to old archived ciphertext protected by outdated keys.

Now available in Advanced, Commercial Demo, Decipher-Only and Corporate versions for DOS and Microsoft Windows. Not for export.

Operation

For greatest ease and security, the user should have an_alias file_. An alias file is an enciphered file of public aliases and related secret keys. The user can thus select one of many secret keys by supplying the key to the alias file plus the public alias for the desired key.

In normal operation, the user supplies the input filename, output filename (if different), the alias, and selects encipher or decipher. The program requests entry of the alias-file key, once. The program then finds the "closest" alias file, deciphers it in memory only, finds the indicated alias, then uses the secret key associated with that alias to cipher data.

The "generate" function in the advanced version automatically creates or adds to a local alias file, and will encipher the new key in a different file for transport. The transport file can be used as a beginning alias file, or added to an existing alias file, without deciphering the alias file.

Examples of Commands

• Encipher Multiple .TXT Files Using Alias "fred"
  cloak2 *.txt *.clo /e /a fred
• Decipher Multiple .CLO Files In-Place Using Alias "fred"
  cloak2 *.clo /d /a fred
• Decipher Using Key Active on Dec. 15, 1993
  cloak2 file1.clo file1.res /d /a fred /m 93-12-15
• Change Key to Alias File
  cloak2 cloak2.mgt /d (Enter Old Key)
  cloak2 cloak2.mgt /e (Enter New Key)
• Encipher Particular Files into Ciphertext Archive
  cloak2 file1.txt+file2.txt+file3.txt arch1.clo /e

Features

• Easy to use under Microsoft Windows or DOS.
• Fast: Up to 150K bytes/sec on large files (on a 486DX2/50).
• Extremely Strong: Uses a 992-bit internal key, with a random 992-bit message key in every file.
• Small: Under 50K including on-line help.
• Enciphers any file of any sort and recovers the original data without loss. CRC error-detection checks each deciphered file. CRC also detects the use of a wrong deciphering key.
• No "wrong" operating mode: produces only binary ciphertext.
• **Optionally overwrites the original file,**thus (providing DOS cooperates) hiding the original data, even from file-recovery programs.
• Ciphers one file, multiple files, or an entire disk with a single command. Filenames being selected can be simply displayed without ciphering.
• Supports enciphered batch files of commands.
• Ciphertext can be concatenated in secure archives.
• Fixed 132-byte file expansion: Ideal for local storage, off-site archives, or as a first-level cipher for e-mail.
• A limited commercial demo can be distributed for corporate evaluation or individual use.
• The straightforward secret key cipher is much like using house keys or car keys.
• Uses patented Dynamic Substitution technology. Does not infringe any known patents.

Key Management

• Enciphered alias files for each user hold and protect their secret keys.
• A public alias for each key selects that key from among all others in the alias file.
• A user need only remember one key for their alias file, instead of remembering every key they use.
• Aliases support the use of large random keys for better security.
• Dated aliases support access to old ciphertext.
• Aliases can be kept on a floppy and personally retained when not in use.
• A key-generation mode constructs a long random key for a given alias. Groups can be given a single key for all members to use with each other.
• Generated keys are automatically added to the local alias file.
• Generated keys are also placed in a separate enciphered file for transport to the far end or for distribution to other members of the group.
• New keys can be added to an alias file without deciphering the file and thus exposing the keys inside.
• Key updates restore security periodically, or when individuals leave a group.
• Painless key-update: The user continues to use exactly the same alias to select a new key.
• **Key-updates can be programmed in advance,**to support automatic company-wide shifts to new keys on a given date.
• Corporate version supports corporate key control.

Terry Ritter, hiscurrent address, and his top page.

Last updated: 1995-08-07