TWOFISH
| FREE MILITARY STRENGTH ENCRYPTION SOFTWARE IS FOR US/CANADA ONLY! | DOWNLOADS | |
| TWOFISH ENCRYPTION WITH KEY GENERATOR - LITE EDITION | Uncrackable encryption and decryption with key generator is the successor to Blowfish. This military strength encryption is under consideration for use by the U.S. Government. Includes manual. When we say military strength, we mean it! US/Canada downloads only! | twofish1.zip |
Welcome to Two Fish Encryption with Key Generator - Lite Edition
We use the terms "military strength" and we mean it.
Dynamite comes in small packages.
It's an overused cliché, but it's true- good things come in small packages. Stealth Encryption is the leading web site for low cost, but high quality computer and Internet Security.
Our flagship program suites, Complete Internet Suite and Internet Security Suite provide military strength encryption and security at low prices. These programs are published as part of Cosmi's Swift Platinum series.
Our team has developed several best selling programs, retailed for low prices. You don't always get what you pay for! It doesn't cost any more to put a great program on the shelf than it does to put a mediocre one on the shelf.
Our flagship program suites provide:
Steganography (disappearing encryption)- allowing you to hide messages or any computer file in pictures, with Triple DES encryption to boot! The ultimate, secure way to send email! Includes free reader so that you can send messages without the other party buying the program. All wizard driven! Your message is hidden in the picture and cannot be read without your password. The ultimate in stealth- no one even knows that the there is a confidential message being sent!
Hundreds of high quality photos
Triple DES encryption without use of pictures
File shredder- absolutely kills files so even electron microscopes can recover them
Cookie blaster- turn web cookies into crumbs
Special versions of Internet Explorer and Netscape Navigator supporting cookie prevention, secure web surfing
Password database- keep track of passwords, PIN numbers and other confidential information
Encrypted backup
Plus free updates and additional goodies
Complete Internet Suite and Internet Security Suite are available at leading computer software retailers. MSPR $14.95.
Two Fish Encryption with Key Generator - Lite Edition is a free program so you can take control of your private information, email and files.
Two Fish Encryption with Key Generator - Lite Edition provides two excellent functions:
Generation of "strong keys" by taking your input and converting them into "elliptic curve" values- taking a simple word and turning it into gibberish
Encrypt/decrypt of any file using Two Fish
Enjoy! You now have military strength encryption at your disposal. We of course hope that you might want to buy our suite after seeing this program in action!
Two Fish
This is an advanced discussion and can be skipped if you are not interested in learning how this program works.
Bruce Schneier the author of Applied Cryptography, one of the leading words on computer security and privacy developed a great, military strength encryption program called "Blowfish."
Two Fish is the successor to Blowfish, and is one of the candidates to become the standard form of encryption for the banking and government contracting industries.
Two Fish is generously given to the public domain by Mr. Schneier, and this program takes full advantage of the strength of Two Fish.
We use the terms "military strength" and we mean it.
Security of Two Fish
1. What is encryption and how does it work?
Encryption is the scrambling of files so that they cannot be read without knowledge of the "key." Encryption is vital to commerce, particularly electronic commerce. Private information needs to stay private.
In 1976 the US government approved the use of an encryption scheme called "DES," based on work done by IBM. The banking system, among other users, are still encrypting private messages (like wire transfers) using DES.
DES has been analyzed all over the world, and until recently it was agreed that if you used a "good" key, then the only way to read the message was to have the key, or to start trying each key, one after the other. DES was considered secure because the number of keys was so large that computers didn't have enough time or power to try the keys.
Cryptographers now agree that DES is not strong enough.
Two Fish is one of the candidates to replace DES as the US encryption standard. Experts throughout the world are analyzing Two Fish, and, at this time, believe that the only way to read a file encrypted with Two Fish is by trying each key, which will take millions of years or more even with super computers.
Therefore, if you keep your "key" a secret, you can send messages over the Internet to others using this program that only the intended recipient (who you tell the key) can read the message. You can also use encryption to keep confidential files on your computer confidential.
2. Is the encryption strong enough to keep my data secure?
That's hard to answer. Security is always relative. With poorly designed security someone with a home computer can break some forms of encryption. If you write your key down on a piece of paper and tack it onto your refrigerator, computer encoding of your data won't help if someone can see the note on your refrigerator. So let's restate the question. If you do not reveal your key or use a weak key, the data in this program can only be accessed by trying the possible keys. All of them.
Two Fish, the encryption algorithm used in this program, has no known weakness which would make it easier for a computer cryptanalyst to decode a message more quickly than checking the keys. We take great assurance from the fact that TwoFish is now under analysis by cryptographers the world over, as it has been selected as a candidate to be the next official encryption standard adopted by the US.
There are so many Two Fish keys that a supercomputer that is a billion times faster than any one known today would not have enough time to "guess" the key until after the Sun has burned out its energy. For purposes of personal information, computer experts in security agree that the data encrypted with this program is secure for many decades. The best computer security minds in the world believe that systems like Two Fish will be secure for at least 100 years.
Although you have heard true and accurate stories in the press about "encryption" being broken, this refers to 40 or 56 bit systems, not the 256 bit systems used in this program. However, the best security system is not worth much if you use your initials as the key!
One way that eavesdroppers read "securely encrypted" messages is because people use their name, initial's, kid's name, etc., as their key.
We have strengthened this program because the "key" used is generated using elliptic curves. A long, random string of digits is used as your key and is produced from your input.
There are many other factors related to the security of encryption- you also need to consider COST. Building and running a huge computer to try break secure codes is out of the budget reach of all but large concerns or governments. If the "value" of the accounts you can access with the passwords you have stored in this program is $100,000, someone will not spend $1,000,000 to build a computer to break the codes.
If a criminal needs this information they will bribe others or steal your wallet rather than committing to a hopeless task of code breaking.
With all due respect, most people's information is not worth millions of dollars, so if the information is encrypted with a strong system like Two Fish, for real world purposes it's safe. For those who believe that there are huge government computers that can break anything made on a computer … even if a multi-billion dollar computer exists, it wouldn't be used (and if it was, there are still too many keys to check) except for military or other extremely important information. If the government wants access to someone's bank account information, they'll just obtain a subpoena for a few dollars of staff time, or seize the account through legal processes. They don't "break" codes, they go to the source.
Remember that a computer that is a billion times faster than any computer known, still would need millions of years to get a key by brute force.
We use a military grade encryption system in this program called Two Fish. Two Fish creates an encrypted file of your data with a key length of 256 bits. According to the best minds in computer security, to maintain security against adversaries prepared to spend hundreds of millions of dollars to build special purpose computers, the Two Fish encryption used in this program is very secure. The key length of 256 bits is so large that, as we mentioned, billions of years of computer time would be required to break the code IF computer power increases by a billion times. The best cryptographers in the world have concluded that a key length of more than 100 bits is not computationally possible to break, even with "science fiction" types of super computers.
Consider that the odds of winning a state lottery range from 1 in 4,000,000 to 1 in 14,000,000. The odds of guessing a Two Fish key are so large that the odds of the same person winning a state lottery every time it is drawn weekly for millions of years is better by far than guessing the key. The number of keys in Two fish is 2256, which is 10 followed by 74 zeros. Here are some more "odds" for you to consider:
Odds of Drowning in the US per year (1 in 59,000) 216
Time until the sun goes super nova 230 years
Approximate age of the Universe 234 years
Number of atoms in the earth 2170
Approximate number of atoms in the Milky Way Galaxy 2223
Number of Key Fish keys 2256
Approximate number of atoms in the universe 2265
People have a right to be concerned about encryption. However, it is unreasonable to put different standards on encryption than on other engineering. If you fly because the "odds" of a crash are so low because airplanes are well manufactured, remember that the "odds" of a key being discovered and a code being cracked are hundreds of trillions times lower. The odds of being killed in an automobile accident during your lifetime is estimated at 1 in 75. Compare that risk (most people drive all the time) with the risk of a key being guessed and your data being compromised: 1 in 2255 (or about 10 to the 78th power)!
Our web site also has general information about encryption.
3. Is there a "back door" to allow me to recover the information if I forget my key to the data? NO! If you forget the key used to encrypt your information, all of the keys must be tried. There are no "trap doors" or other short cuts into the encrypted data. This means that you must be extremely careful to remember your key! In most cases, if you cannot remember your key you will have to go back to the companies or sites and prove your identify and request a new password or that they tell you your old one.
If you forget your key, the data is not recoverable.
4. Can this program be exported?
No. Due to ITAR regulations this program's encryption is too strong to export. Therefore, this program is export restricted except in the United States and Canada. DON'T EXPORT IT! 5. Why is this program called "lite?"
This program doesn't have all of the possible bells and whistles that can be added to an encryption program, such as Message Authentication, different encryption modes (this program uses 256 bit key and Electronic Code Book.) We may add more features if there is interest. The purpose of this program was to create a simple but DEVASATINGLY effective encryption program. A version with more features is being created for the retail programs and will be made available free to users of the retail program from our web site.
6. Can I give other persons copies of this program?
Yes so long as they are in the US or Canada. If you wish to securely correspond over the web with someone, either send them the program or tell them to visit stealthencrypt.com for their own free copy of the program. There is no charge for use of this program.
Elliptic curves
This program creates a key from a short phrase that you enter.
We recommend that you do not use your name, initials or any personal information as a key for a message.
A short sentence like "oatmeal tastes good" is excellent. The reason for this is fairly simple. If someone wants to read your encrypted e-mail or other files, if they are computer experts they will try your initial's, wife's name, date of birth, etc. All the encryption power in the world can't stop someone from reading your messages if you use your first name as the key!
Once you enter a phrase and click on generate key, the program plots your phrase mathematically on elliptic curves, and gives coordinates back to you as the key.
For example, "oatmeal is good" produces the following key:
DDVq7EAPaFqeVV9gqrFuhuKfu+h+PsRzCxP2JhwFoqI+
Key generation is case sensitive, so "Oatmeal is good" produces the following key:
e6Nx3Wu9v0DjcXhpfPOIE1u5T6cRTCisZNlJq-N+dgE+
This means that someone trying to read an encrypted file that you have created will be required to enter that long string of gibberish to read your message, NOT oatmeal is good (unless they have this program, but we can assume that most people trying to break into private mail would not know exactly how the message was encrypted- and there are no telltale signs that the file was encrypted using this program.
In the event that you use this program primarily for email, you will not need to carefully store your passwords so long as the room where the passwords are kept is secure.
If you use this program to store information on your computer and the room is not secure, you may want to consider remembering one key phrase, and then encryption a file containing your other key phrases. If you elect to try to remember one phrase, make it outrageous. "My dog has a blue nose" is easier to remember than a ordinary sentence. The more outrageous the better. Remember your keys!
How do I get the key to the other party? We are working on a "public key" based system to allow the delivery of keys without trust. In the case of Internet email, generally the key is sent via mail, overnight delivery or over the phone. One way to make corresponding with someone securely simple is to create 50 keys, encrypt those keys in a single file, and then notify the recipient of the key phrase used for the file containing the keys via phone, fax, personal contact, certified mail, etc.
NOTE ON DECRYPTION:
You do not need to remember the actual secure key, just the phrase, since the key is "created" from the phrase. So if you correspond with others you DO NOT need to send them the secure key, just the phrases.
Main menu
Off we go
When you begin the program, you will see the following:
The process to encrypt a file is easy:
1. Select your key
2. Click on Generate Secure Key
3. Click on ENCRYPT and specify the file names. That's it!
Key phrase
See our discussion on keys. Type your short phrase into this edit. This will be used to create the key used with your program.
Generate secure key
So long as the Key Phrase edit is not blank, pressing this button creates a secure key which is then displayed.
Secure key
After entering a key phrase, the secure key is shown in this edit box. IT IS AUTOMATICALY USED WHEN YOU NEXT ENCRYPT OR DECRYPT the file.
Here is the display after you have generated a key:
Note that the status bar changes.
Encrypt file
So long as there is a secure key display, clicking this button will start the encryption process.
The first step is to select the file to encrypt. You may encrypt ANY file: Just click on the file to encrypt. After clicking "OPEN" you will then be prompted for the name of the scrambled file:
You may select any name you desire. Although the default is to name the files *.two, you may want to name the files with another extension. This is accomplished through the Save as type drop down:
If you select Any File, you can name the file with any extension. That's all there is to it- the file has been encrypted and is now ready to be sent or stored. After encryption, the status bar on the bottom of the screen will remind you of your last action:
Decryption
Decryption follows the same steps as encryption- enter the correct key, case sensitive, and then click on generate key, followed by decrypt. The file will be saved to the name that you have chosen.
If you have given the wrong key phrase, the file will still be processed, but will be unreadable.
We are working on a simple way to authenticate messages and will provide a future update to this free program.
Remember that you don't have to enter the entire secure key, just the phrase.
Clicking on exit returns to Windows and closes the program.
Contents: Activates the help file. Or press F1.
About Box: Displays version and copyright information.
Contact us for customer service on the web: www.stealthencrypt.com.
This program is Copyright 1999, Sublimated Software, Inc.
We gratefully acknowledge Bruce Schneier's creation of Two Fish. Mr. Schneier has authorized use of Two Fish by the general public. Please buy his books including Applied Cryptography, published by Wiley, ISBN 0-471-59756-2.
This program is year 2000 capable. If your system is operating correctly, the program will operate after December 31, 1999.
Team
Programming: Amy Seeberger
Web: Eve Paludan
Team: Warren Clary, E. Ray Clary and Amy Seeberger
License
Two Fish Encryption with Key Generator - Lite Edition is licensed, not sold.
You have a royalty free license to use Two Fish Encryption with Key Generator - Lite Edition, and may make backup copies as required. You may distribute unlimited copies of this program within the US and Canada, unaltered. It is unlawful to export this program outside the US or Canada.
We reserve the right to terminate licenses.
The use of this program is conditioned upon acceptance of this license. Please discontinue use of this program if the license is not agreeable. NOTE: THERE IS NO CHARGE FOR USE OF THE PROGRAM Two Fish Encryption with Key Generator - Lite Edition.
SUBLIMATED SOFTWARE makes no warranty of any kind, express or implied, including without limitation any warranties of merchantability and/or fitness for a particular purpose.
SUBLIMATED SOFTWARE shall not be liable for any damages, whether direct, indirect, special or consequential arising from a failure of this program to operate in the manner desired by the user. SUBLIMATED SOFTWARE shall not be liable for any damage to data or property that may be caused directly or indirectly by use of this program.
IN NO EVENT WILL SUBLIMATED SOFTWARE, INC. BE LIABLE FOR ANY DAMAGES, INCLUDING ANY LOST PROFITS, LOST SAVINGS OR OTHER INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF YOUR USE OR INABILITY TO USE THE PROGRAM, OR FOR ANY CLAIM BY ANY OTHER PARTY.
The License Agreement and Warranty shall be construed, interpreted and governed by the laws of the state of Florida.
Glossary of Terms
encryptionScrambling a file so that the key phrase and this program will be required to read it.
bit
A single 1 or 0 in a program. Used to refer to the length of keys. The longer, the harder it is to read a message by guessing the key.
key
(and key phrase) A short word, number or other characters you use to encrypt a message.
Two Fish
The encryption protocol used to encrypt files in this program
case sensitive
Keys must be entered using the same combination of capital and small letters. "Boat and boat are different.