ANNOUNCE: TclDES: Munitions-grade Tcl scripting! (Version 0.7)
From: Mac A. Cody (maccody_at_castcom.net)
Date: 06/29/04
- Next message: Gerald W. Lester: "Dead is NOW! CFP Tcl/Tk 2004"
- Previous message: Jim Wu: "Re: a so simple exe"
- Next in thread: Mac A. Cody: "ALERT: TclDES/TclDESjr 0.7 re-issued (Was Re: ANNOUNCE: TclDES: Munitions-grade Tcl scripting! (Version 0.7))"
- Reply: Mac A. Cody: "ALERT: TclDES/TclDESjr 0.7 re-issued (Was Re: ANNOUNCE: TclDES: Munitions-grade Tcl scripting! (Version 0.7))"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Tue, 29 Jun 2004 03:09:38 GMT
TclDES: Munitions-grade Tcl scripting! (Version 0.7)
What is it?
TclDES is a pure-Tcl implementation of the NIST Data Encryption Standard
(DES). The package can perform encryption and decryption using either
the standard DES algorithm or the triple-DES (3DES) algorithm. All four
DES modes are supported: Electronic Code Block (ECB), Cipher Block
Chaining (CBC), Cipher Feedback (CFB), and Output Feedback (OFB). TclDES
is a port of a Javascript implementation of DES/3DES (ECB and CBC modes)
by Paul Tero, of Shoppable in the United Kingdom.
The OFB and CFB modes in TclDES 0.7 now support true streaming data.
This means that a sequence of bytes can be encrypted or decrypted in a
piecewise fashion via multiple calls to the stream procedure. The use
of a feedback vector retains the encryption/decryption data flow state
between calls to the stream procedure.
The programming interface has changed slightly for TclDES 0.7. Feedback
vectors (used with OFB and CFB modes) are are now managed within the des
namespace. This allows key sets to be reused for multiple encryption or
decryption operations.
Why is TclDES a munition?
Under the International Traffic in Arms Regulations (ITARs), encryption
software and hardware are considered munitions along with guns, tanks,
nuclear, biological, and chemical weapons. Encryption can potentially
be used by adversaries to conceal their communications from the United
States government. As a result, export of encryption software and
hardware requires licensing and approval by the U.S. government.
Fortunately, export restrictions have been eased significantly in recent
years. This is due to several reasons. For one, the large amount of
commerce now occuring on the Internet requires that encryption be widely
available. With commerce equating to money, there is a strong desire by
the U.S. government for American companies to remain competitive.
Another reason is that it has become virtually impossible to control the
flow of cryptographic software into and out of the United States. Many
books on encryption, containing source code, are readily available.
Ironically, these books have no restrictions on export due to the 1st
Ammendment of the U.S. Constitution. Also, the availablility of many
encryption packages (such as OpenSSL and PGP) make the entire effort of
controlling encryption export rather moot.
How is TclDES being made available then?
This source code is being made publicly available and has been
registered with the U.S. Dept. of Commerce Bureau of Industry and
Security (BIS) under export license exception TSU (Technology and
Software Unrestricted) for export out of the United States. To qualify
for this exception, the sources to TclDES must be made available with
minimial or no cost. To satisfy this requirement, the TclDES sources
are licensed under the same Open Source license as Tcl (BSD). Details
can be found in the TclDES source code.
While license exception TSU allows for the export of TclDES out of the
United States, the import of the strong encryption (3DES) contained
within TclDES into other countries could be an issue. The BIS Export
Administration Regulations (EARs) and the Wassenaar Arrangement allow
for the unrestricted export (no licensing required) of symmetric key
encryption with key lengths of 56 or fewer bits. The Wassenaar
Arrangement is signed by 33 founding countries, which includes most of
the major industrialized nations. To satisfy this restriction and make
a pure-Tcl implementation of DES as widely available as possible, I have
created a version of the source code with the 3DES capabilities stripped
out. This version is called TclDESjr. It is available as a separate
package.
The source code of TclDES is platform independent, though current
development is on a Slackware Linux 9.1 system with Tcl/Tk 8.4.6.
Documentation is in the form of man pages (tcldes.n and tcldesjr,
respectively) and HTML documents (tcldes.html and tcldesjr.html,
respectively). The HTML documents were generated from the man pages
using the man2html utility.
Future goals and Feedback
There are two areas in which TclDES and TclDESjr can be improved:
o Reduce the execution time of the encryption and decryption codes.
o Add ability to return the feedback vector for CBC mode to enable
processing of large blocks of data via multiple calls of the
encryption/decryption algorithm (this may cause a significant
interface change).
Hopefully community input will help in achieveing these goals. For
comments and suggestions, I can be contacted via email at
maccody <at> users.sourceforge.net
Availablity
TclDES and TclDESjr are available in gziped tar file format for the Unix
environment and zip file format for the Microsoft Windows environment.
They can be obtained from the TclDES home page and SourceForge Summary
page:
Home page: http://tcldes.sourceforge.net
SourceForge Summary page: http://www.sourceforge.net/projects/tcldes
Enjoy!
Mac A. Cody
- Next message: Gerald W. Lester: "Dead is NOW! CFP Tcl/Tk 2004"
- Previous message: Jim Wu: "Re: a so simple exe"
- Next in thread: Mac A. Cody: "ALERT: TclDES/TclDESjr 0.7 re-issued (Was Re: ANNOUNCE: TclDES: Munitions-grade Tcl scripting! (Version 0.7))"
- Reply: Mac A. Cody: "ALERT: TclDES/TclDESjr 0.7 re-issued (Was Re: ANNOUNCE: TclDES: Munitions-grade Tcl scripting! (Version 0.7))"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
