This file is INSTALL from rpem.tar.Z from dcssparc.cl.msu.edu.

This file discusses installation issues related to "rpem"
(Rabin Privacy Enhanced Mail) and other routines included in
this distribution.

Development was done under OS/2 1.1, with fairly frequent ports
to Next Mach.  Other ports were made later.  Here is the current
list of supported architectures and compilers.  The versions listed
are those actually tested, not an exhaustive list of all versions 
on which the program will work.

Hardware             OS                      Compiler
PC                   MS-DOS 2.0              MC C 6.00A  
"                    "                       Turbo C++ 1.0 (*1)
286 & up PCs         OS/2 1.1                MS C 6.00A  
NeXT 030&040         NeXT OS 2.0             cc (gcc 1.36)
Sun SPARC            SunOS 4.1.1             cc (free w/ SunOS)
Convex C2xx          ConvexOS 9.0            C 4.0
HP 9000/3xx (68030)  HP-UX 7.05B             gcc 1.37.1
DEC VAX              ULTRIX 4.0              VAX C
DECstation           ULTRIX 3.0 (*2)         MIPS
Silicon Graphics     IRIX 3.3.1              ?

(*1) I have had problems with Turbo C++ and stack space requirements,
so large moduli may not work.  I am not a frequent user of Turbo C++;
maybe someone else can figure this out.

(*2) Support for ULTRIX RISC 3.0 has been removed from this distribution
because that version of ULTRIX is obsolescent.  I believe that the
ULTRIX support included here should work under ULTRIX RISC 4.0, but
I have not been able to verify that.


Porting to other Unix environments should
be fairly easy, but in general the code will not simply compile
and run in a new environment.  The most obvious culprit is
getsys.c, a file which contains system-dependent code, including a
routine which attempts to obtain various pseudo-random
information from the operating system.  However, versions of Unix
are surprisingly inconsistent about the use of basic header files,
so other routines will also give problems.

Here is a list of the C source code files included:

blockcip.c	 Implements a generic interface to block ciphers. By MRR.
cippkg.c		 Various routines for conversion between large integers
             and bytes, and other similar practical matters.
             Contains the routines you should call to public key
             encrypt/decrypt strings of bytes.  By MRR.
des.c 		 Implements the famous DES algorithm.	Not the fastest
				 implementation, but proven, reasonably fast, and compact.
				 By Phil Karn and others.
             *** NOTE *** des.c is not included in the distribution
             as placed on the anonymous FTP server, because I am not
             sure of the export restrictions on DES code and I
             want to cover myself legally.  If you are from the USA,
             you can get the DES source from me by emailing me at
             riordanmr@clvax1.cl.msu.edu.   Note that DES source code
             is readily available worldwide, though some implementations
             may require a little bit of calling sequence tweaking to 
             work here.
desmain.c	 Main program for DES encryption.  Kind of an irrelevant
				 extra here.	By MRR.
getopt.c     Emulates Unix "getopt" for command line parsing.
             Obtained from uunet.uu.net; author unknown.
getsys.c 	 Routine to return pseudorandom arrays of bytes, and other
				 system-dependent functions.	May cause problems in porting.
				 By MRR.
makerkey.c	 Main program to create keys for use with rpem.
				 Essentially, this program selects a couple of large primes.
				 It writes them out in encoded format, optionally encrypting
				 them.  /mrr
mberleka.c	 Important routine to "decrypt" a large integer by taking
				 square root mod pq given p and q.	By Bennet Yee.
mcrt.c       Second step in taking square root.  By Bennet Yee.
megcd.c      Greatest Common Divisor routine by Bennet Yee.
mrrrabts.c   Test program for Rabin stuff.  A place to start for
				 understanding this stuff, but definitely not an essential
				 part of this distribution. By MRR.
msqrt.c      Driver routine to take square roots.  By Marc Ringuette
             and MRR.
nd2main.c    Main program to implement "NEWDES" block cipher.  Just
             an extra goodie thrown in here.  By MRR.
newdes.c     NEWDES algorithm.  Code by MRR, algorithm by Robert Scott.
prencode.c   Routines to encode/decode bytes to/from RFC 1113 format.
             (Very similar to uuencode/uudecode).  By MRR.
rpemmain.c   Main program to implement a simple Privacy Enhanced Mail
             system.  Started off as a simple demo program but got
             out of hand.  By MRR.
tprencod.c   Main program to test prencode; does encoding to and from
             RFC 1113 printable format.  Not an essential part of this
             distribution, but could be useful as a production
             program.  By MRR.
usage.c      Simple routine to output a "Usage:" message typically called
             if the user has made a syntax error on the command line.
uucode.c     uuencode/uudecode routines by MRR.  Inspired by similar
             routines from Berkeley.  Not used in this distribution.
zbigint.c    Important routines to do large integer arithmetic.
             By Arjen Lenstra, with some cleanup and additions by MRR.
zmisc.c      Miscellaneous additions to zbigint.c by MRR and Marc Ringuette.
zrandom.c    Random number routine by MRR, with some inspiration from
             Marc Ringuette.

*.h          Header files whose name ends in pr.h, pro.h, and prot.h 
             contain function prototypes.  Others contain the usual
             symbol definitions, typedefs, etc.
*.1          Man page input suitable for feeding to nroff -man.
*.man        ASCII version of above, obtained by sending *.1 files through
             nroff -man xxx.1 | colcrt - >xxx.man

The makefile included here will probably work for most target machines
without modification.  (He said hopefully.)  See "Makefile" for
comments on the symbols related to installation.  A certain amount
of effort was required to get this program to compile on a number
of different systems.  Please refer anyone who says "Unix programs
are portable" to me.

To make rpem and makerkey, just type "make".
After rpem is made, it is tested by running it on a short supplied
encrypted email message.

pr99 is a sample file containing the private components of a public key,
     encrypted with the key "ninetynine".
pu99 is a sample file containing the public component of that key.
These are both output from the same sample run of "makerkey".
msg99 is a short sample message whose message key is encrypted with
      the above public key.

pr524 & pu524 are the private and public components of a public key
   whose modulus is 524 bits long and is therefore, according to
   the revised version of RFC 1114, about the minimum acceptable
   public key size.  (In my opinion, you don't really need keys
   this long for most purposes.)
msg524 is a message enciphered with this key.

I have done some benchmarks on deciphering this particular message
with the command   rpem -d -s pr524 -i msg524 -u mrr >outmsg
Most of the time is spent in deciphering the message key.
If you get rpem to work on a system not mentioned below, please
type "make benchmark" and email me the results.  

Here are the results.  The inability of the Microsoft C compiler
to put out 32-bit mode instructions probably hurt the 386 badly.

Machine           OS            Compiler        Time in seconds

4.77MHz IBM PC    PC-DOS 2.0    MS C 6.00A      265.
25MHz 386 clone   OS/2 1.1      MS C 6.00A       29.9
25MHz 386 clone   MS-DOS        MS C 6.00A       26.5
Sun 3/60 (68020)  SunOS 4.1     (free w/ SunOS)  10.9
IBM RT-APC        Mach          ?                 7.9
HP 9000/340       HP-UX 7.05B   gcc 1.37.1        7.3
MicroVAX 3800     ULTRIX 4.0    (free w/ ULTRIX)  7.2
NeXT 68030        NeXTOS 2.0    31.1 (gcc 1.36)   5.3
SPARCstation 1    SunOS 4.1     (free w/ SunOS)   3.0
HP 9000/345       HP-UX 7.05B   gcc 1.37.1        2.8
NeXTstation       NeXTOS 2.0    31.1 (gcc 1.36)   1.7
DECstation 3100   ULTRIX 3.0    MIPS 1.31         1.4
SPARCstation 2    SunOS 4.1.1   (free w/ SunOS)   1.3
SGI 4D/25         IRIX 3.3.1    ?                 1.25
Convex C240       ConvexOS 9.0  Convex C 4.0      1.19

Times are real time for the PCs; user+system time for others.
It's clear that I should have used a bigger modulus for the benchmark,
but I am loathe to go back and retest on all those machines.
(Thanks to Nelson Bolyard and Marc Ringuette for the Personal Iris
and IBM RT results.)

Mark Riordan  (MRR)  28 April 1991    riordanmr@clvax1.cl.msu.edu
