
        Ŀ
                                                                     
                           Enigma for Windows                        
                               Release 2.0                           
                               User Manual                           
                     (C) Copyright 1992-1994 by SWS                  
                           All Rights Reserved                       
                       Shareware - Made in Germany                   
                                                                     
        

                             Stefan Wolf Software
                                GartenStr. 22
                             D-61449 Steinbach/Ts.

                         FAX TAM: +49 (0) 6171 980483
                            Compu$erve: 100111,140




     Table of contents
     

       1. What is Enigma for Windows ? ............................  1
        1.1. Changes since version 1.1 ............................  2
        1.2. Specifications .......................................  2
        1.3. Technical support ....................................  3
       2. Installation ............................................  3
        2.1. System requirements ..................................  3
        2.2. Installation procedure ...............................  3
         2.2.1. The setup program .................................  3
         2.2.2. Installing Enigma .................................  4
        2.3. Updating Enigma ......................................  4
        2.4. Starting Enigma ......................................  4
       3. The first steps .........................................  5
        3.1. The Enigma interface .................................  5
        3.2. The Enigma setup .....................................  6
        3.3. Default user password ................................  7
       4. Working with Enigma .....................................  8
        4.1. Selecting several files ..............................  8
        4.2. EnCrypting file(s) ...................................  9
        4.3. DeCrypting file(s) ................................... 10
        4.4. Wiping file(s) ....................................... 11
       5. Algorithms .............................................. 11
        5.1. Data Encryption Standard (DES)........................ 11
         5.1.1. The safety of DES ................................. 13
        5.2. S-ROTOR .............................................. 13
        5.3. Regular expression ................................... 14



   1. What is Enigma for Windows ?
   

   Enigma is a powerful program for ciphering and deciphering files of
   any type. Besides being able to conceal the contents of files it
   can be used as an electronic paper shredder. This program is named
   after the legendary encoding machine that was used by the Germans
   in the Second World War.

   Everyone has files that should not be seen by others. Be it a
   patent or something as important as a love letter. Everyday many 
   employees handle data that isn't meant for the eyes of others, for 
   example company statistics, personnel records, payrolls and others. 
   This type of data is only "safe" after it has been locked away with 
   a lock and key.

   In this day and age of massive computer use by banks, doctors,
   officials and a multitude of other offices it has become necessary
   to find alternatives to the traditional methods of securing data.
   Computer networks and the free exchange of data across these
   networks have added a whole new dimension to this problem.

   Even though it is a good idea to lock away diskettes which contain
   sensitive data, encoding the data on those diskettes and using your
   own personal password as the key gives you a higher level of
   security. You should always encrypt sensitive or secret documents
   that you have received so they can under no circumstances be read
   without your permission.

   Encrypted files cannot be read or deciphered by any other users. 
   The only way to make the file readable and usable again is to 
   decipher it with the same password that was used to encrypt it.

   The ability to keep your data safe from unauthorised access depends
   on the ciphering method that you use. Two methods have gained
   widespread acceptance; the RSA-Encryption method and the Data
   Encryption Standard (DES). The DES is used by many US. Government
   agencies and is a de facto standard. This method was also
   implemented in Enigma because of its safety and proven workability
   in everyday use. One can be sure that data encoded with DES cannot
   be decoded in a reasonable amount of time with the help of a 
   supercomputer.

   Many offices and government agencies use paper shredders to destroy
   their sensitive documents. The Enigma function "Wipe" is the
   electronic equivalent of this. Many computer users don't know that
   files deleted with the DOS command "del" can often be recovered
   from their hard disks without much trouble even after a longer
   period of time. After using the "Wipe" function on a file you can
   be sure that no trace of it can be found on your hard disk any
   more.






                          Enigma User Manual                   page  1

   1.1 Changes since version 1.1
   

    * A comfortable installation program has been added
    * Context sensitive help by pressing the F1 key
    * Ciphering, deciphering and deleting of several files or whole
      directories in one step
    * Dialog controlled choice of the target directory
    * Stopping the ciphering process
    * 15 % performance gain
    * The option of compressing a file before it is encoded has been
      removed. A program with this functionality is available
      separately.
    * Files created with Version 1.x are incompatible with version
      2.0. This was necessary in order to permit the simultaneous
      handling of several files. The product of this work is a modern
      directory structure on which future versions will be oriented.

   1.2 Specifications
   

   The DES-Algorithm used in this program conforms to the following
   standards (as far as this is possible for a software
   implementation).

     FIPS PUB 46-1 - Data Encryption Standard (1988)
                     Contains the specification for the Data
                     Encryption Standard (DES) algorithm, which can be
                     implemented hardware to protect sensitive
                     unclassified information.

     FIPS PUB 74   - Guidelines for Implementing and Using the NBS DES
                     (1981)
                     Companion to FIPS PUB 46-1. Contains guidance
                     for the use of cryptographic techniques.

     FIPS PUB 81   - DES Modes of Operation (1980)
                     Companion to FIPS-PUB 46-1. Contains descriptions
                     of the four modes of operation for the DES:
                     Electronic Code book (ECB), Cipher Block Chaining
                     (CBC), Cipher Feedback (CFB), and Output Feedback
                     (OFB).

     ANSI X3.92    - Data Encryption Algorithm (DEA)
     ANSI X3.106   - DEA Modes of Operation

   In 1986 the ISO published the "DEA-1" specification, where it is
   recommended that DES be used for encoding data. The Wipe algorithm
   conforms to specification CSC-STD-005-85 of the National Computer
   Security Centre, it is described in the Department of Defence
   Magnetic Remanence Security Guideline, 15 Nov. 85, Section 5.3.1 .






                          Enigma User Manual                   page  2

   1.3 Technical support
   

   All questions regarding registration, technical support, discount
   and wholesale prices should be addressed to:

   Stefan Wolf Software; GartenStr. 22; D-61449 Steinbach/Ts.
   FAX TAM: +49 (0) 6171 980483
   Compu$erve: 100111,140

   2. Installation
   

   2.1 System requirements
   

   The minimum requirements for running Enigma version 2.0 are:

   Software:

     * Microsoft Windows Version 3.1 or Windows NT
     * IBM OS/2  Version 2.1

     Note: If you use on-line compressors such as "Stacker" or
           "DoubleSpace" we cannot guarantee that data which has been
           deleted with Wipe cannot be recovered again.

   Hardware:

     * Enigma does not require any special hardware to other than the
       computers ability to run one of the above mentioned operating
       systems.

   Note: Even though Enigma uses very fast algorithms their complexity
         make ciphering and deciphering data a time-consuming
         operation. It is therefor recommended that you use an AT-486.

   2.2 Installation procedure
   

   2.2.1 The setup program
   

   The setup program carries out the following tasks:

     * Copies the Enigma program files into the directory of your
       choice (default C:\Enigma20). Enigma Version 2.0 uses
       approximately 700 KB.

     * It modifies the Windows initialization file WIN.INI by adding
       the following line "en2=C:\ENIGMA20\ENIGMA20.EXE ^.EN2".

     * Creates the Windows Program Manager group "Enigma20"

     * Creates the file ENIGMA20.INI in the Windows directory


                          Enigma User Manual                   page  3

   2.2.2 Installing Enigma
   

      1. Start MS-Windows.

      2. Start the program manager.

      3. Click the Run command in the File menu in the Program
         Manager.

      4. Type in A:\INSTALL or B:\INSTALL depending on which drive
         you are installing from.

      5. A dialog box will appear and the recommended directory for
         the installation of Enigma will be shown. Choose the
         directory in which you want to install Enigma. If the chosen
         directory doesn't exist it will be created. Click the button
         "OK" to start the installation.

      6. The installation program will now begin to copy the Enigma
         files to the target directory.

      Note: If you want to install Enigma in a network environment
            make sure that you have the necessary write permission.

   2.3 Updating Enigma
   

   The versions 1.1 and 2.0 are not compatible. It is therefore
   necessary to decipher the data with version that it was encoded
   with.

   2.4 Starting Enigma
   

   Enigma can be started from Windows or from the MS-DOS prompt.

   Starting Enigma from the Windows Program Manager

     1.  Open or activate the Program Manager window.
     2.  Open the group window which contains Enigma.
     3.  Double-click the Enigma symbol or use the cursor and press
         "Enter".

   Starting Enigma from the Program Managers "File" menu

     1.  Open the "Files" menu in the Program Managers menu bar
     2.  Click "Run"
         > If Enigma is in your path enter Enigma.
         > If Enigma is not in your path enter the complete path to
           where Enigma is located, for example
           C:\ENIGMA20\ENIGMA20.EXE.
     3.  Click "OK"




                          Enigma User Manual                   page  4

   Starting Enigma from the DOS-prompt

     1.  At the DOS-Prompt type the command "win enigma20".
     2.  Press "Enter"
     Note: If you receive a message that the file could not be found
           this means that the directory containing Enigma is not in
           the path. Change to the directory which contains
           Enigma20.exe and try to start Enigma again.

   Starting Enigma from a Windows command line interface

     1. Once WinCLI, WinCLI Pro, 4Win ... is  running change the
        directory to where Enigma is located enter "Enigma20".


   When you start Enigma for the first time you will see a dialog box
   which will ask you to register the program. Enter your registration
   number here. You will find it on your program diskette. The DES
   Algorithm is not available until you have entered your registration
   number.

   3. The first steps
   

   3.1 The Enigma interface
   

   In the main window you will find two list windows and several
   text fields, 6 dialog buttons, a few status elements and the menu
   bar.

     Dialog Buttons: Each of these 6 buttons (from left to right) has
        an equivalent in the menu bar. It is also possible to
        activate each button by a series of key strokes.

        * Select Files: Opens a dialog in which a single file or whole
          directories can be selected. [(ALT-S),(ALT-F,S)]
        * Encrypt: Ciphers the chosen files. [(ALT-E),(ALT-R,E)]
        * Decrypt: Deciphers the chosen files. [(ALT-C),(ALT-R,C)]
        * Wipe: Deletes the chosen files. [(ALT-W),(ALT-R,W)]
        * Setup: Opens the window in which various Enigma parameters
          can be changed. [(ALT-U),(ALT-O,U)]
        * Exit: Exits Enigma. [(ALT-X),(ALT-F,X),(ALT-F4)]

     List Windows

        * Left: Shows the files which are in the current directory.
        * Right: Shows all directories and drives.

     Text Fields

        * Input file: This text field shows the name of the input
          file. It is automatically filled by clicking a file in the
          left directory window.
        * Output file: Text field for the name of the output file. You
          must manually enter the name of the output file here before
          encrypting.
                          Enigma User Manual                   page  5

        * Files in: Shows the current directory.
        * Size: Shows the size of the selected input files.
        * Date: Gives the date on which the encoded file was created.
        * Bottom border: A text field in which help texts are
          displayed dependent on the mouse cursor position.

     Status Elements

        * Selection: This status element is marked if a valid input
          file has been selected.
        * Original: This status element is on if the file shown in the
          input file field has not yet been encrypted. If you want to
          encrypt a file that has already been encrypted you must
          click this element.
        * Encrypted: This status element is marked when the file in
          the text field "Input File" has been encrypted.
        * DES Engine: Status element shows that the DES algorithm is
          being used. It is automatically marked when a DES encrypted
          input file has been chosen for decoding.
        * S-Rotor: Shows that the S-Rotor algorithm is being used for
          encryption and decryption. It is set automatically when the
          input file has been encrypted with S-Rotor.

   3.2 The Enigma setup
   

   This dialog box is opened by clicking the Setup Button in the Main
   Dialog Box or by pressing the key combination (Alt-U). This chapter
   discusses the configuration of the  Enigma environment.

    Delete files with a simple delete instead of using Wipe
     (default: not marked) (KeyStroke ALT-R)
       The file are simply deleted and can possibly be restored.

    Remove empty directories when deleting directory trees
     (default: marked) (KeyStroke ALT-V)
       Removes empty directories when deleting whole directory trees
       with Wipe.

    Create necessary directories while deciphering
     (default: marked) (KeyStroke ALT-C)
       Creates the necessary directory structure while deciphering.
       If this button is not marked the filenames containing a path
       name will be written into the current directory. For example,
       "tmp\dir1\file.txt" will be deciphered and written into the
       current directory with the name file.txt.

    EnCrypt all marked files without further questions
     (default: not marked) (KeyStroke ALT-E)
       If this status element is marked the selected files will be
       encrypted without further question, otherwise you would be able
       to modify your selection in an dialog box.




                          Enigma User Manual                   page  6

    Wipe out all marked files without further questions
     (default: not marked) (KeyStroke ALT-A)
       If this status element is marked the selected files will be
       wiped without further question, otherwise you would be able to
       modify your selection in an dialog box.

    Use available network drives for temporary files
     (default: not marked) (KeyStroke ALT-U)
       If there isn't enough space on local drives temporary files are
       created on available network drives.

    Regular MS-DOS expression
     (default: marked) (KeyStroke ALT-G)
       When this status element is marked the use of "*.*" also leads
       to the inclusion of files that do not end with an extension.
       For example, the file "Makefile" would be selected by using
       "*.*". Otherwise, when this status element is not marked you
       would have to use the UNIX-like regular expression "*" to
       include such files.

    Higher multitasking
     (default: marked) (KeyStroke ALT-M)
       If this status element is marked, MS-Windows has more time to
       process the internal message queue and it uses more CPU time
       for other applications which are running.

    Use File extension [en2]
     (default: marked) (KeyStroke ALT-F)
       If you don't add an extension to the name of the output file,
       Enigma will automatically add the extension "EN2". The use of
       a systematic extension can be helpful in relocating encrypted
       files.

    Prompt before wiping a file
     (default: marked) (KeyStroke ALT-W)
       Asks for confirmation before deleting an file with "Wipe".

    Prompt before overwriting a file
     (default: marked) (KeyStroke ALT-O)
       Asks for confirmation before writing back an decrypted file.
       This option should always stay marked and you should always
       make sure that the file was decoded with the right password
       otherwise rubbish might be written over the input file.

   Changes in this menu are only active for the current session. If
   you want to change the option's permanently you must click the
   button "Save Options" (KeyStroke ALT-S).

   3.3 Default user password
   

   With the help of this dialog you can set a fixed private password
   which can be used for encryption. This feature is only available in
   the registered version because registration number must be entered
   in order to store this password. You should keep your installation
   diskette in a safe place so that no one can find out its number.

                          Enigma User Manual                   page  7

   4. Working with Enigma
   

   Before you can encrypt or delete several files in one step you must
   collect them in a file list. This section will lead you through the
   selection process.

   4.1 Selecting several files
   

   This dialog box contains three list windows which are used to
   select and collect the files that are to be encrypted or deleted.
   With the help of various buttons you can select individual files or
   whole directory trees. The selected files are listed in the bottom
   window. Marked files in the other two windows can be moved to the
   bottom window by clicking the "Update" button.  After you are done
   selecting files confirm your selection by clicking the "OK" button.

     * Mask: When you activate this button the "File" list window
         (left) is updated according to the file mask (Regular
         expression) on its left side. (KeyStroke ALT-M)

     * Start Dir: This button selects the starting directory for the
         encryption. When you are working with several files in
         different directories a defined starting point must be set in
         order to restore the directory structure when the files are
         deciphered. At first this switch is not available and the
         current directory is set as the starting directory. This
         switch becomes active when you change to a directory which
         higher up in the directory hierarchy ([..]) than the current
         starting directory or when you change to another drive.
         (KeyStroke ALT-T)

     * Select All: Tags all files in the left list window. The left
         list window allows a so called multiple choice selection,
         this means that you can select files by simply holding down
         the left mouse button and pulling the mouse cursor downward.
         If you press the CTRL key at the same time you can also
         select files which don't immediately follow each other.
         (KeyStroke ALT-S)

     * DeSel. All: Untags all files in the left list window.
         (KeyStroke ALT-D)

     * Recursive: Clicking this button causes the highlighted
         directory in the right list window to be tagged. Clicking the
         "Update" button will copy all files in that directory or those
         of its sub directories into the bottom list window in
         accordance with the file mask. (KeyStroke ALT-R)

     * Update: This button causes all tagged files to be copied into
         the bottom list window. It must activated again to copy each
         subsequently tagged file into the bottom list window.
         (KeyStroke ALT-U)

     * Reject: Removes tagged files from the bottom list window.
         (KeyStroke ALT-J)
                          Enigma User Manual                   page  8

     * Reject All: Removes all files from the bottom list window.
         (KeyStroke ALT-A)

   Further information about a file can be obtained double clicking it
   in the bottom list window.

   Note: In this version of Enigma for Windows the number of files
         that can be selected in one step is limited by the way
         MS-Windows handles standard list-boxes. This problem will be
         overcame in the next version of Enigma. If you specify an
         existing archive file as an output file Enigma will add to it
         all files that it doesn't already contain.


   4.2 EnCrypting file(s)
   

   It is possible to either encrypt a single file or several files at
   once. If several files are to be encrypted they must be tagged in
   the dialog "Select files". A permissible selection of files can be
   recognised by the status of the status element "Selection". In this
   case the words ">> Selection List <<" will appear in the text field
   "Input File", if only one file is selected this text field will
   contain the file name. Now you can type the name of the output file
   without the path in the text field "Output File".

   After selecting the input file(s), output file the encryption
   algorithm must be chosen. In order to do this click either the
   status element "DES-Engine" or "S-ROTOR", then confirm the choice
   by clicking the button "EnCrypt" or by choosing the command
   "EnCrypt" in the "Run" menu. If you have selected several files a
   new dialog will appear which prompts you to confirm your
   selection. Use the 4 switches in the middle of the dialog box to
   move the files around between the list windows. All files shown in
   the bottom list window will be encrypted. When you are ready to
   encrypt click the "OK" button.

   Note: The status element "Original" must be marked if an encrypted
         files is to be encrypted again.

   A dialog will appear in which you can chose in what directory the
   output file will be copied into. Compare the file size with the
   directory size in order to ensure that there is enough space to
   hold the output file.

   Before the selected files are encrypted you must enter your
   personal password. No one can decode these encrypted file without
   knowledge of this password. The password should be at least 5
   characters long and it can contain any character which you can
   enter with the keyboard. Enigma is case sensitive, that means it
   differentiates between an "a" and an "A". The password is not
   shown on the screen when you enter it for protection against
   unwanted observers. For safety reasons it has to be entered twice
   (Fields Password: and Confirmation:).



                          Enigma User Manual                   page  9

   Clicking the "Make Key" switch causes an eight character password
   to generated by a random character generator, it can be seen in the
   field "Automatic:". You should write this password down before
   clicking "OK".

   Now the encryption process can be started; a new window will appear
   which informs you about the encryption process and from here you can
   interrupt the encryption process at any time.

   Warning: If you have selected an encrypted file as the output file
            all files will be appended to it which aren't already
            contained in it. If files have been selected with the same
            name(s) as those already in the encrypted file the latter
            will be replaced. If you use a different password from
            that in the existing encrypted file you must ensure that
            you use the appropriate password for each encrypted file.
            We do NOT recommend this procedure !!!


   4.3 DeCrypting files(s)
   

   Tag the file that is to be decrypted in the left list box in the
   main dialog. If the file is encrypted the status element
   "Encrypted" will automatically be marked. You can only decipher
   files with Enigma that were encrypted with Enigma. The file name
   will appear in the text field "Input file".  After the file has
   been selected click the switch "DeCrypt" or activate the "DeCrypt"
   command in the "Run" menu.

   After this a dialog will appear which shows what files are present
   in the input file.  Here it is possible to select the files which
   should be deciphered. Confirm the selection by clicking "OK".

   Now a new dialog will appear in which you can select in which
   directory the deciphered files should be copied into. Afterwards a
   new dialog will prompt you for the password that was used to
   encrypt the file(s). The deciphering process can now be started.
   Once started a new window will appear which informs you about the
   deciphering process. Here the deciphering process can be
   interrupted at any time.

   Warning: After all the files in your input file have been
            deciphered make sure that your data has been deciphered
            correctly before you delete the input file. Enigma has no
            way of testing whether the correct password was used to
            decipher the file(s) and there is no sure way of testing
            whether the result is meaningful. If you use the wrong
            password to decipher the file the output file will contain
            rubbish and you must decipher the input file again with
            the correct password.






                          Enigma User Manual                   page 10

   4.4 Wiping file(s)
   

   It is possible to delete a single file or several files at once. If
   several files are to be deleted they must selected and tagged in
   the dialog "Select Files". A permissible selection of files can be
   recognised by the status of the status element "Selection". In this
   case the words ">> Selection List <<" will appear in the text field
   "Input File", if only one file is selected this text field will
   contain the file name.

   After this is done you can click the "Wipe" button or activate the
   "Wipe" command in the "Run" menu.  If you have selected several
   files a new dialog will appear which prompts you to confirm your
   selection. When you are ready to delete click the "OK" button and
   a new window will appear  which informs you about the progress of
   the deleting operation and here it is possible to interrupt the
   operation at any time.

   Warning: After this operation the data is lost for ever, so please
       be careful when selecting the files which you want to delete.

   5. Algorithms
   

   5.1 Data Encryption Standard (DES)
   

   In 1972 the National Bureau of Standards (hereafter: NBS) made a
   public invitation to tender for the development of a program which
   would allow files (unclassified computer data) of any type to be
   encrypted. The low response prompted the NBS to ask the National
   Security Agency (NSA) for help. Here they had some experience in
   the development of simple encoding and encryption algorithms. After
   long discussions the NBS decided to use the Data Encryption
   Standard (short DES) as a standard. The DES had been developed at
   IBM.

   The DES has its roots in an encoding method which was developed in
   Germany during WW I by an electrical engineer named Arthur
   Scherbius. In the second World War the Germans developed an
   electromechanical encoding device called "Enigma 4" which was based
   on the work of Arthur Scherbius. Like Enigma the DES uses a series
   of permutations which for themselves are individually rather simple
   but when used repeatedly they are extremely complicated.

   In the Enigma encoding machine the permutations are generated by
   mechanical wheels while in the DES they are produced by program
   code or by hard wired chips.

   When the encoding is done on a computer the symbols that need to be
   encrypted are binary numbers (bits), the electromechanical Enigma
   encoded the letters of the alphabet. The DES handles a series of 64
   bits at one time. This means that the file that is to be encoded
   has to be broken down into a series of 64 bit sequences. What the
   DES algorithm does with a file that is to be encoded can be

                          Enigma User Manual                   page 11

   compared with a river that continually parts and recombines in an
   extremely complicated manner.

   DES splits the 64 bit long sequence apart with a multistage
   algorithm and combines it with the 64 bit (8 character) long user
   password. Since many communications programs transfer data (bytes)
   with 7 bits and use the eighth bit as parity the most significant
   bit (msb) of each password character is not used in this
   combination process.

   At first the 64 bit long sequence is subjected to a fixed entrance
   permutation and subsequently split into two 32 bit blocks, the so
   called left and right halves. Then each block is then hacked apart
   in 16 iterations, this operation serves to make the blocks
   completely unrecognisable. The resulting encrypted 32 bit blocks
   are then permuted back to a 64 bit block by a permutation table
   which is the inverse of the first permutation table. This encrypted
   64 bit block is then written to the output file.

   In each iteration the left hand block is coupled with the 32 bit
   output of the function  by an XOR operation. The sixteenth
   iteration makes an exception, here the blocks are swapped. The
   function  receives the right hand block and the 48 bit output of
   the function  as its arguments. The right hand block will from now
   on be called R.  permutes R's 32 bits to 48 bits. The permutation
   used here results from an XOR coupling with the 48 bit output of
   the function . The 48 bit result is then split into eight 6 bit
   values.

   The function  then substitutes a 4 bit value for each 6 bit value.
   The eight 4 bit values are then combined to a 32 bit value, which
   is then coupled with a further permutation table. The resulting 32
   bit value of this permutation is the output of the function . The
   function  composed of eight sub functions 1,2,...,8 which are
   used on the eight 6 bit values from above. Each sub function has
   its own permutation table.

   In this table a 16x4 matrix each of the 64 elements has value
   between 0 and 15 and a 4 bit value which substitutes a 6 bit value.
   The matrix co-ordinates of a 6 bit value are obtained in the
   following manner: bits 1 and 6 give column 0..3, with bits 2
   through 5 the row 0..15 is calculated. The function  returns the
   4 bit value of the so addressed matrix element.

   The purpose of  is mix up password and text in such a fashion that
   after only a few iteration steps each password character is
   dependent upon each text bit and each other password character.
   Here by the frequency distribution of the characters in the text is
   completely smeared out and a so-called "Frequency Analysis" is made
   impossible.

   The function  returns a 48 bit value which is created with the
   help of the password. The arguments of  are the number of the
   current iteration and the password. Enigma contains two further
   permutation tables for the password. In the first iteration the
   password is permuted with the first table and then split into two

                          Enigma User Manual                   page 12

   halves. Each of these halves is shifted to the left once (1,2,9,16)
   or twice (3-8,10-15) depending on the iteration number. An
   internal table controls the shifting process. Each subsequent
   iteration uses the shifted value of the preceding iteration as
   input, then it shifts the value again and finally it permutes it
   with the second permutation table.

   The deciphering process use the same algorithm, except that the
   output of the function  occurs in reversed order.

   5.1.1 The safety of DES
   

   >> The best that can be expected is that the degree of security be
      great enough to delay solution by the enemy for such a length of
      time that when the solution is finally reached, the information
      thus obtained has lost all its value. << William F. Friedman

   It can be shown that after a few iteration steps each bit in the
   encrypted file is dependent upon each bit of the clear text and\or
   the password. A minimal change in the clear text or the password
   causes more than half of the bits in the encrypted file to change,
   this is the so-called avalanche effect.

   Because a "Frequency Analysis" is made impossible by the DES a
   potential hacker has only one method of finding the correct
   password, that is simple trial and error. If one considers a
   password length of eight characters that makes 64 bits minus
   the 8 parity bits to be tried out. This means theoretically
   72 quadrillion (2 exp 56) passwords have to be tried.

   With the help of a custom chip which is able to test a million
   passwords a second it would take about 2284 years to try all
   possible combinations. 10000 of these chips in a parallel array
   would get the same result in about 80 days. A test for the
   plausibility of the deciphered text which has to be done after
   each test is not included in these calculations. The weakest link
   in the DES is the exchange of passwords between the users.

   5.2 S-ROTOR
   

   The S-Rotor uses an XOR substitution algorithm, this means that
   every character of the text is coupled with a character in the
   password by a XOR operation to produce a character in the output
   file. This means that in contrast to trivial encoding algorithms
   where the characters of the password are coupled with the text
   characters one after another the S-Rotor uses a procedure that
   randomly selects a character of the password to couple with a
   character of the text.

   The randomising procedure is dependent upon the length of the
   password. By filling the output buffer with random numbers the
   degree of disorder is further increased. Because the password
   itself is not written into the output file it would be very
   difficult to decipher a text without knowledge of the password

                          Enigma User Manual                   page 13

   even if you had the source code of S-Rotor.

   You should thoroughly memorise your password. If a file is
   accidentally encoded more than once it can be decoded by entering
   the passwords in the opposite order. A text that has been encoded
   twice with the same password does NOT yield the original text.

   5.3 Regular expression
   

   In the "Select Files" dialog a (limited) regular expression can be
   entered to create a file mask. The following characters have been
   implemented:

     *       Matches any sequence of characters including a sequence
             of length zero
     ?       Matches every single character
     [...]   Character set, it matches any one of a group of characters
             that are enclosed in the square brackets
     [^...]  Complemented character set, this matches any character
             which is not inside the brackets
     -       Can be used inside brackets to define a range of numbers.
             For example, sws[1-36] matches sws1, sws2, sws3 and so on
     \       This is used to suppress the special meaning of a
             character when matching.  For example \] matches the
             character "]" also "\[" and "\-" can be used anywhere
             inside a bracket and "\^" directly after the opening
             bracket. The expression \xyz is equivalent to the ASCII
             character whose octal value is equal to xyz.

     All other character match themselves

-End of file-
























                          Enigma User Manual                   page  14
