Bruce Schneier Counterpane Systems 101 East Minnehaha Parkway Minneapolis, MN 55419 schneier@coutnerpane.com Greetings: These three disks are the source code disks that accompany Applied Cryptography, Second Edition. The source code here has been collected from a variety of sources. Some code will not run on some machines. Use them as you see fit, but be aware of any copyright notices on the individual files. See ERRATA.TXT for corrections to the book. These disks will be updated semi-annually, both with new algorithms and new cryptographic results. For a copy of the next disk set, send $40 to the above address (or $120 for a two-year subscription). Every file has been compressed. To uncompress, run: UNZIP filename There is an unzipper on each source code disk. ***************************************************************** INDEX TO THE SOURCE CODE DISKS -- VERSION 2.0 - 5 Jan 1995. 3-WAY.ZIP - 3-WAY algorithm written by Jean Daemen. A5.ZIP - A5 stream cipher, used in GSM cellular. ASSORTED.ZIP - Assorted simple cryptography and statistics programs, written by Thomas Strong, Jr. in 1993. BBC.ZIP - Big Block Cipher: uses 256K blocks, three random number generators, two substitution tables, cipher-text feedback, and transpositions. Written by Peter Boucher. Unknown security. BIGNUM1.ZIP - Bignum class, written in Borland C++ by Bruce Bowen. BIGNUM2.ZIP - Bignum package, written by Bruce Bowen in 1995. BLOWFISH.ZIP - The Blowfish algorithm, written by Bruce Schneier in 1994. CA1_1.ZIP - CA algorithm, written by Howard Gutowitz in 1992. CBW.ZIP - Crypt Breaker's Workbench. Program to help cryptanalyze messages encrypted with crypt(1), written by Robert W. Baldwin in 1986. CHAMBERS.ZIP - A cryptographic pseudo-random number generator, designed and written by Bill Chambers in 1995. CRPT-POL.ZIP - "Cryptography: Policy and Technology," report by Hoffman, Ali, Heckler, and Hoybechts, of 1 Dec 93. CRYPT1.ZIP - UNIX crypt(1) command: a one-rotor machine designed along the lines of Enigma, but considerably trivialized. CRYPT3-1.ZIP - UNIX crypt(3) command, written by Tom Truscott and copyright 1989, 1991 by the University of California. CRYPT3-2.ZIP - UNIX crypt(3) command, written by Paul Leyland in 1994. CRYPTLB.ZIP - Wei Dai's C++ Class Library of Cryptographic Primitives, Version 1.0, of 6/17/1995. Includes: MD5, SHS, DES, IDEA, WAKE, RC4, RC5, Blowfish, Diamond, Diamond Lite, Sapphire, Luby-Rackoff, MDC, various modes (CFB, CBC, OFB, counter), DH, RSA, DSA, ElGamal, BBS, gzip compression, Shamir's secret sharing scheme, Rabin's information dispersal scheme, and zero-knowledge prover and verifier for graph isomorphism. There are also various miscellanous modules such as base 64 coding and 32-bit CRC. DES-BARR.ZIP - DES implementation, fast, written by David A. Barrett in 1991. DES-BISH.ZIP - Implementation of DES front end; does ECB, CBC, CFB, OFB. Does not include actual DES code. By Matt Bishop. DES-KARN.ZIP - DES implementation, written by Phil Karn in 1987. DES-KOON.ZIP - DES implementation, fast but large, written by David G. Koontz in 1991. DES-LEVY.ZIP - DES implementation, fast and portable, by Stuart Levy in 1988. DES-LOUK.ZIP - DES implementation, fast, with main program and C function library for arbitrary precision integer arithmetic. Written by Antti Louko in 1992. DES-MITC.ZIP - DES implementation, written by D.P. Mitchell in 1983. DES-OSTH.ZIP - DES implementation with several utility programs and many useful extra functions, runs on UNIX, written by Stig Ostholm, 1990. DES-OUTE.ZIP - DES algorithm, fast and compact, written by Richard Outerbridge in 1991. Supports double and triple DES. Includes portable C version, and optimized 680x0 version. DES-YOUN.ZIP - DES implementation, one of the fastest around, written by Eric Young in 1992. DESSBOX.ZIP - The s^5 DES S-Boxes. ENIGMA.ZIP - Software simulation of the German Enigma machine, written by Henry Tieman. ESCROW.ZIP - A Proposed Federal Information Processing Standard for an Escrowed Encryption Standard (EES), NIST, 30 Jul 1993. EXAMPLES.ZIP - Code examples from APPLIED CRYPTOGRAPHY. FEAL8.ZIP - FEAL-8 algorithm, written in 1989. FEALNX.ZIP - FEAL-NX algorithm, written by Peter Pearson in 1992. FIPS171.ZIP - FIPS PUB 171, Key Management Using ANSI X9.17, dated 27 April 1992. FIPS180.ZIP - FIPS PUB 180, Secure Hash Standard, dated 11 May 1993. FIPS181.ZIP - FIPS PUB 181, Automated Password Generator, dated 5 October 1993, with C source code. FIPS185.ZIP - FIPS PUB 185, Escrowed Encryption Standard, dated 8 Febuary 1994. FREQ.ZIP - Program to count the frequency of every letter in a file, written by Peter Boucher. GOST.ZIP - The Soviet GOST algorithm (without the correct S- boxes), written by Colin Plumb in 1993. GRENBOOK.ZIP - Draft 4.0 of the Green Book, the European computer security specification, dated 18 Oct 1993. HASHES.ZIP - MD5 and SHA, optimized for speed by Colin Plumb in 1993. HAVAL.ZIP - HAVAL algorithm. HILL.ZIP - Hill cipher. I-HAT.ZIP - C code for various cryptographically-useful statistical analysis functions: Kullback's information measure for a 2-way contingency table, Gamma and repeated functions (Poisson, chi-square, etc.), Pearson's chi-square, etc. By Doug Gwyn, 1991. IDEA_C.ZIP - IDEA algorithm in C, optimized for speed by Colin Plumb in 1993. IDEA68K.ZIP - IDEA algorithm in 68000 assembly, written by Colin Plumb in 1993. IDEA8086.ZIP - IDEA algorithm in 8086 assembly, written by Colin Plumb in 1993. ISOMORPH.ZIP - Utility that prints isomorphs, written by Paul Leyland. INDEX.ZIP - Index to APPLIED CRYPTOGRAPHY. ITAR.ZIP - Imported and Exported Defense Articles and Services, Vol. 57, No. 89, Pari II, 56 FR 19666, 7 May 1992. By the Department of State. KERBEROS.ZIP - Kerberos RFC (1510), dated Sep 1993. KHUFU.ZIP - This archive contains KHUFU.C, a hack implementation of the Khufu algorithm written by Rayan Zachariassen in 1989. It also contains PRSBOX.H, PRSBOX.C, and MAKEFILE, a program to print S-boxes written by Landon Curt Noll in 1989. KS-TEST.ZIP - KS statistical test, written by Peter Boucher in 1994. LCRNG.ZIP - Linear congruential random number generator. LCRNG-T.ZIP - Simple block transposition cipher based on a linear congruential random number generator, written by R.A. O'Keefe. LOKI.ZIP - LOKI89 and LOKI91, written by Leslie Condie in 1992. LUCIFER1.ZIP - LUCIFER algorithm written by Jonathan M. Smith in 1991. LUCIFER2.ZIP - LUCIFER algorithm written by Graven Cyphers. MD-RFC.ZIP - Internet RFCs (Requests for Comment) for MD2, MD4, and MD5. MD4.ZIP - MD4 algorithm, written by RSA Data Security, Inc. MD4-DOS.ZIP - MD4 algorithm, fast DOS implementation by Jouka Holopainen. MD5-KARN.ZIP - Optimization of RSA's MD5 code for 80386, written by Phil Karn in Feb 1992. MIMIC.ZIP - Peter Wayner's Mimic function. NEWDE.ZIP - NewDE algorithm, a DES variant used in the Macintosh program StuffIt (versions 1.51 and 2.0); written by Richard Outerbridge in 1991. NEWDES.ZIP - NewDES algorithm, written by Mark Riordan in 1990. NHASH.ZIP - N-Hash algorithm, written in 1993. NSEA.ZIP - Nonpatented Simple Encryption Algorithm, written by Peter Gutmann. PEM-RFC.ZIP - Internet RFCs (Requests for Comment) for the Privacy Enhanced Mail standard: RFC1421, RFC1422, RFC1423, and RFC1424. PGP.ZIP - A list of places to download PGP from. PIKE.ZIP - A stream cipher by Ross Anderson, written in 1994. PKC.ZIP - Public-Key Cryptography, a 162-page tutorial written by James Nechvatal of NIST in 1991. PLAYFAIR.ZIP - Playfair algorithm, written by Paul Leyland in 1993. PPSC.ZIP - Pass-Phrase Stream Cipher, written by Peter Boucher in 1992. PRNGXOR.ZIP - Source code that illustrates polyalphabetic substitution with a running key stream, written by Carl Ellison in 1993. PRV-ANMT.ZIP - "Privacy and Anonymity on the Internet": comprehensive summary by L. Detweiler in 1993. RADIX64.ZIP - Radix64 endocing and decoding, written by Carl Ellison in 1995. RAN-MIX.ZIP - Random number mixer: takes in a random source and outputs strong random numbers. Writtenby Carl Ellison in 1995. RANDOM1.ZIP - Random number generator that uses phase noise in PC crystals to generate random bits, written by Nico E de Vries in 1992. RANDOM2.ZIP - Schematic for cheap hardware random bit generator. RANDOM3.ZIP - Random number generator for AT-compatible MS-DOS machines, written by Brian Harvey in 1993. RANDOM4.ZIP - RFC1790, "Randomness Requirements for Security." RC4.ZIP - The alleged RC4 cipher, posted anonymously to sci.crypt in 1994. RC5-1.ZIP - The RC5 algorithm, written by J. Nimmer. RC5-2.ZIP - The RC5 algorithm, written by John Kelsey. RC5-3.ZIP - The RC5 algorithm, written by RSADSI. REDOC2.ZIP - REDOC2 algorithm written by Michael Wood. REDOC3.ZIP - REDOC3 algorithm, written by Michael Wood. RIPE-MD.ZIP - RIPE-MD function, written by the RIPE project in 1992. RIPEM12A.ZIP - Mark Riordan's Privacy Enhanced Mail, Version 1.2a, current as of April 1994. RND-ANLS.ZIP - Randomness analysis, using Maurer's test. RSA-FAQ.TXT - RSA Data Security's Frequently Asked Questions about Cryptography file. Version 2.0, last updated 20 Sep 1993. RSAREF20.ZIP - RSA Data Security Inc.'s reference implementation of RSA. Includes code for DES and MD5. Bignum package can be easily modified to do El Gamal, Diffie-Hellman, DSA, etc. Version 2.0. SAFER.ZIP - SAFER algorithm, written by Michael Roe in 1994. SCICRYPT.ZIP - The Frequently-Asked Questions file for the Internet newsgroup, sci.crypt. SEAL.ZIP - SEAL cipher, written by Michael Roe in 1994. SHA1.ZIP - Old Secure Hash Algorithm, written by Peter Gutmann in 1992. SHA2.ZIP - Old Secure Hash Algorithm, written by Paul Rubin in 1994. SHA3.ZIP - Old and new Secure Hash Algorithm. SHARING.ZIP - Code to implement a threshold scheme, written by Peter Pearson in 1993. SNEFRU.ZIP - Snefru algorthm, written by Ralph Merkle in 1989. SNUFFLE.ZIP - Program to turn a one-way hash function into an encryption function, by Dan Bernstein. SPLAY.ZIP - Compression and encryption in C based on splay trees. TEA.ZIP - The Tiny Encryption Algorithm, designed and written by David Wheeler and Roger Needham in 1994. TIS-PEM.ZIP - The Frequently Asked Questions file about the TIS implementation of PEM. Last updated 29 Oct 93. Includes where to get a copy. TRAN.ZIP - Carl Ellison's TRAN function, a large-block mixing function. Written in 1995. TRAN-PWD.ZIP - TRAN with the addition of a key, written by Carl Ellison in 1995. TRNSPOSE.ZIP - Cipher that does a transposition of a 8192 byte block, based on a random number generator, by William Setzer. VIGENERE.ZIP - A program that encrypts using Viegnere, Beauford, or Variant Beauford ciphers. Written by Leisa Condie in Dec 1992. VIGSOLVE.ZIP - Program to solve Vigenere cipher, by Mark Riordan in 1991. WPCRACK.ZIP - Program to break WordPerfect's encryption, written by Ron Dippold in 1991. ZIP.ZIP - The encryption algorithm used in the PKZIP 2.04g and 2.0.1 compression program. The algorithm was written by Roger Schlafly. ZIP-BARK - A pseudo-random sequence generator by Chris Barker, 1995.