==================================================================
CrypTool, Version 1.4.10 for Win32, July 2007
(c) Contributors
including
Deutsche Bank AG, Frankfurt/Main
University of Siegen and Darmstadt
1998-2007
www.cryptool.org
Bernhard Esslinger
$Id: ReadMe-en.txt 2191 2007-07-29 21:50:27Z esslinger $
==================================================================
1. .... Brief description of the CrypTool package
1.1. .... How to start - An introduction to CrypTool
1.2. .... Components of the CrypTool distribution
1.3. .... Acknowledgements
1.4. .... Maintainer and hosting
2. .... What does CrypTool offer in detail
2.1. .... What can you do with CrypTool
2.2. .... Where do you find the source code
2.3. .... Where can you get another overview about CrypTool
2.4. .... What's new in version 1.4.10
3. .... Possible areas for further development -- ideas, requests
3.1. .... Functionality: Algorithms / methods
3.2. .... Functionality: Analysis
3.3. .... Internal interfaces / editors
3.4. .... User interface / visualizations
3.5. .... Porting to Linux, Java and VS2005/WPF
3.6. .... Meaningful tasks to make the new maintainer familiar with
4. .... Limitations and requirements
4.1. .... Scope of this Education, training and awareness software
4.2. .... Win32 environment and roadmap
4.3. .... Interactive online help under Windows XP
4.4. .... Support for different languages
4.5. .... Restrictions / Features
4.6. .... Using certificates created with older CrypTool versions
5. .... Installation / de-installation / operating
5.1. .... Installation and further usage of keys of previous versions
5.2. .... Installation under multi-user operating systems
5.3. .... De-installation of CrypTool
5.4. .... Operating under multi-user operating systems
6. .... List of delivered files
6.1. .... Checking the integrity of downloaded files
7. .... Brief history of the released main versions of CrypTool
8. .... Feedback
9. .... Contact addresses
10. .... References / hints
10.1. .... Articles about CrypTool
10.2. .... Further references
10.3. .... Further freeware projects (Crank, CAP, CryptoStudio, etc)
10.4. .... Awards
11. .... Appendix
11.1. .... Hints for using CrypTool on Linux with Wine
1. Brief description of the CrypTool package
This ReadMe file is part of the free distribution of CrypTool,
a program by means of which cryptographic functions can be easily
demonstrated and known and unknown algorithms can be analyzed.
Already in the ancient ages such methods have been used for privacy
of messages. Current methods are based on modern mathematics and
offer besides encryption also to check integrity, to build digital
signatures, secure authentication and many more. CrypTool supports
both the execution and the analysis of such methods.
CrypTool has been developed by more than 30 persons world-wide
since 1998.
Every part of the program comes with extensive online help, which
can be understood without deep knowledge in cryptography.
CrypTool is completely available in English and German.
The Polish version has the same functionality [at the moment only
the program itself, i.e. the GUI (menus, dialogs, ...) is translated.
The documentation delivered with the Polish version is still in English].
It is required that the user is able to use typical applications
under Windows.
The current release version of CrypTool and the source code are
available at the following internet addresses (without registration):
http://www.CrypTool.org
http://www.CrypTool.com
http://www.CrypTool.de
http://www.CrypTool.pl
Since mid 2006 about 3000 CrypTool packages are downloaded per
month -- with a growing trend (more than 1/3 of the current downloads
request the English version).
The aim of CrypTool is to explain cryptographic mechanisms and to
demonstrate the use and the limitations of individual mechanisms.
CrypTool has implemented almost all state-of-the-art crypto
functions and allows you to learn about and use, modern and
classic cryptography within the same environment in a "playful"
manner.
CrypTool is used
- within companies to help raising the sensitivity for IT security
(awareness) and for educational purposes,
- within school lessons and
- within lectures at several universities.
Kindly note the terms of the license and the information regarding
non-liability for any damage arising from the use of CrypTool. These
conditions are described e.g. at the web page, during the installation
process and at the introduction page of the online help for CrypTool.
Previous users of CrypTool may find especially chapter 5 (What's new)
and chapter 6 (Further development) of this ReadMe interesting.
We welcome very much everybody willing to further develop CrypTool
or to give feedback. We are also glad about hints telling us about
papers (diploma or doctor thesis or seminar home works), which could
be integrated into CrypTool.
Contacts: Please see chapter 9 below.
1.1. How to start - An introduction to CrypTool
When you start up CrypTool, the CrypTool work area starts up
along with a small welcome screen which appears in the
foreground. If you press F1 in the welcome screen, the starting page
of the online help comes up too.
This starting page is a good starting point, to become acquainted
with all essential features of CrypTool (using the links on this
starting page). Please read the information and the hints on the
introductory help page.
To quickly get up to speed on cryptography with CrypTool, we
recommend that you work through some of the examples (tutorials)
provided within the online help facility (the examples are shown
in the online help contents overview under "Starting work with
CrypTool").
The easiest way to try out many of the CrypTool functions is with
the file "Startingexample-en.txt", which is open by default in the
CrypTool work area. But you also can open any unencrypted file from the
"examples" subdirectory or any other file.
If a menu item has no meaning to you or you don't know exactly what
to do within a dialog window, please press F1. If the according
online help isn't satisfactory please give us feedback.
You can find a 1-page overview over all menus in CrypTool (menu tree)
within the included PDF script (see appendix A1).
We hope you enjoy learning about cryptography and trying out all the
functionality within CrypTool.
1.2. Components of the CrypTool distribution
The CrypTool package includes the following four main parts:
(1) The program CrypTool
Main part of the CrypTool package is the program CrypTool itself.
CrypTool is a demonstration primarily used for training purposes:
- To this end, CrypTool contains an extensive collection of
cryptographic algorithms and protocols which are well documented
and partly visualized.
In this way, CrypTool is very well suited for training and
teaching employees awareness of the importance of IT security.
- Most of the cryptographic basic algorithms used are taken from:
- the industry-proven Secude library (http://www.secude.com/),
- the Miracl library of Shamus Software Ltd (http://indigo.ie/~mscott/),
- the OpenSSL library (http://www.openssl.org/),
- the NTL number theory library of Victor Shoup
(http://www.shoup.net/ntl/),
- the GMP library for arbitrary precision arithmetic
(http://www.swox.com/gmp/) and
- the cv act library of cv cryptovision Ltd (www.cryptovision.com).
The currently used version of the included libraries can be seen
within the "About CrypTool" dialog (see help menu).
In this way, CrypTool is also an outstanding reference
implementation.
- The cryptanalysis of most of the classical algorithms
implemented is automated.
The analysis of modern techniques is limited so that CrypTool
is not a hacker's tool.
CrypTool is not intended as an application to be used as a
Certification Authority (CA) or to encrypt or otherwise protect
real-world data.
(2) Documentation
A comprehensive documentation is provided. This also consists of
four parts:
a) ReadMe file (this file)
b) online help
- context-specific help in order to use the program and further
information about individual topics and principles,
- demos and sample scenarios (here you learn to know single
procedures step-by-step).
c) script on the subject of cryptography (attached as a PDF file)
d) presentation, which shows at some slides the possibilities of
CrypTool (also attached as PDF file).
(3) Self-contained programs
The following programs can be called from within CrypTool or directly
as a stand-alone program:
a) The program AES-Tool v 2.4 (developed within the CrypTool project)
CrypTool contains a special program for the creation of self-
extracting executable files. This program can also be used
independently. In this program a session key is generated from
a password, and with this key any file's content can be
AES-encrypted.
This encryption tool can be called both as a Windows application
and as a command line tool (e.g. called from within a batch file).
Files up to 4 GB can be encrypted.
At the installation the file extension "AES" is associated with this
programme.
b) The educational game "Number Shark" v 1.1 (by the CrypTool project)
This game helps pupils to get acquainted with divisors and prime
factors.
c) The animation program ANIMAL (see http://www.animal.ahrgr.de)
This program is maintained by Dr. Roessling at the Technical
University of Darmstadt. It allows to specify and model the single
steps of algorithms or the components of data structures with as
much detail as desired, and run these steps forwards, backwards, or
automatically). It also can dynamically animate source code.
Animations can be created with the Animal system using a GUI,
a script language or a Java API.
Further examples can be found within the ANIMAL repository:
http://www.animal.ahrgr.de/animations.php3?tool=Animal&lang=en
d) The Flash applications:
- "Rijndael Animation" (visualizes the AES encryption method),
- "Rijndael Inspector" (visualizes the changes in the state matrix after
each step of each round of AES), and
- "Enigma" (visualizes the WW2 crypto machine Enigma).
e) The Authorware application "NT" (Number Theory) introduces elementary
number theory and visualizes many of the methods and concepts, which
are the basis of modern public-key cryptography.
Where appropriate, the mathematical formulas are shown.
It allows to dynamically check out the mathematical methods with own
number examples.
Part of it is the program bc.exe by Free Software Foundation,
which allows to calculate with arbitrary precision from the commandline.
(4) Stories dealing with number theory and cryptography
There are two stories attached as PDF file.
- In "The Dialogue of the Sisters" the title-role sisters use a
variant of the RSA algorithm, in order to communicate securely.
- In "The Chinese Labyrinth" Marco Polo has to solve number theoretic
problems to become a minister of the Great Khan.
All the single files included in the package are listed within
chapter 4 (see below in this ReadMe file).
1.3. Acknowledgements
A big number of individuals have contributed to CrypTool, many of
them in their free time as well (some are listed in the dialog
box you get after double clicking the "About" dialog box).
We are extremely grateful to them.
Sponsors are e.g. Deutsche Bank AG and the Technical University
of Darmstadt.
Without being complete we want to mention some contributors and their
eventual special conditions here:
- Dr. Carsten Elsner allowed us to include both his stories.
The author owns all rights at these stories. The maintainer of
CrypTool is allowed by the author only to distribute this story
together with the CrypTool package.
The German version of the story "The Dialogue of the Sisters"
was first published in the computer magazine c't, 25/1999. While
c't published a slightly shortened version you here get the original
version.
- Dr. Guido Roessling allowed us. to include and deliver his freeware
ANIMAL, a Java based animation software.
- We also got the allowance to integrate enhanced versions of:
- the two Flash animations for AES by Enrique Zabala,
- the Flash animation for Enigma by Dr. Frank Spiess,
- the number theory e-learning program by Martin Ramberger.
All rights for a usage outside the free context of CrypTool
application remain with the appropriate owners/authors.
- The companies (see chapter 1.2)
- Secude IT Security Ltd,
- Shamus Software Ltd and
- cv cryptovision Ltd
allowed us gratefully to use their cryptographic libraries.
These libraries distributed with CrypTool are not allowed to be
used in another context than CrypTool without contacting the
mentioned companies and asking for their current terms of licence.
Also we want to cordially thank the open source developers, who
encouraged us with their code or who build code we can use
(e.g. the libraries OpenSSL, GMP und NTL, the installation software
NSIS, the text editor software Scintilla).
I also want to thank Mr. Bartosz Sawicki from the university of
Warsaw, who did with his team the complete Polish version.
1.4. Maintainer and Hosting
Since October 2002 the chair "Security in Information Technology",
faculty computer science from Mrs. Prof. Dr. Claudia Eckert at the
Technical University of Darmstadt, Germany hosts the English and
German web page of CrypTool and the Subversion repository system
for the program sources.
The CrypTool developer group around Bernhard Esslinger continues
to act the maintainer: This means they take care about the source
code, they publish CrypTool as open source and freeware, and they
co-ordinate the further development. Current steps of the roadmap
are also published at the web page.
Homepage of CrypTool: www.cryptool.com (www.cryptool.org).
We would be very glad about every new developer, who joins to help
to enhance the functionality and usability of CrypTool.
Ideas for further development can be found in chapter 3.
Also very welcome are ideas and information, how CrypTool is used in
lectures, school and education, so that we can help to share this
information.
2. What does CrypTool offer in detail
2.1. What can you do with CrypTool
The general properties and functions of CrypTool are:
- E-learning program around the topic cryptography and cryptanalysis.
- Everything in one program package and controlled by one common
graphical user interface.
- CrypTool is fully available in both English and German.
The program itself also available in Polish.
- Many classical encryption methods, and for them either a manual
cryptanalysis or an automatic analysis is offered (known-plaintext attack).
- Codes like Base64 and UU-Encode.
- Almost all modern symmetric encryption methods, accompanied by brute-force
analysis
(The brute-force attack on symmetric algorithms allows to define
joker characters and the expected elapsed time is displayed.
Additionally you can customize the width of the entropy field
used for this kind of analysis within the analysis options).
- Modern (asymmetric) crypto methods and protocols (hash, RSA, ECC, digital
signature, hybrid encryption, PKCS#5, shared secret, ...) and partly
attacks against it (birthday attack, side-channel attack,
lattice-base reduction).
- Demonstration of the RSA cryptosystem (and some variants) and some
number theoretic algorithms behind:
- Generate and test primes (including the deterministic method AKS).
- Factorize numbers (step-by-step) with different methods
(the different methods run in parallel threads).
- Make the RSA cryptosystem understandable and use it:
- Generate RSA keys (also with primes of your own choice).
- Encrypt/decrypt with RSA.
- Generate RSA signatures and validate these.
- Attack the RSA cryptosystem.
- Three attacks against RSA, based on lattice reduction. They work,
if special preconditions are given:
* either a part of one of the two factors of N is known
("Factoring with a Hint"),
* or a part of the cleartext of an eavesdropped encrypted message
is known and e is small ("Attack on Stereotyped Messages"),
* or if d is too small compared to N, N can be factorized
("Attack on Small Secret Keys (according to Bloemer/May)").
This implementation was done within a thesis, which can be delivered
via email (this thesis only exists in the German language).
- Visualization / Animation / Demonstration
- demo of the sensitivity of hash algorithms.
- visualization via flow process charts (e.g. the Diffie-Hellman
key exchange protocol or the challenge response demonstration).
- Animations
- with ANIMAL (e.g. DES) or
- with Flash (AES, Enigma).
- with Java/SWT: Addition of points on an elliptic curve (both on
discrete as on real curves).
- Demonstration for different ways of authentication in the net
(Visualisation of challenge response methods):
* from UID/PW and One-Time-Password
* over (unidirectional) challenge response (symmetric + asymmetric)
* to asymmetric mutual authentication.
* The user interactively can control, what a attacker could do
(get the computer under control, create or separate connections,
eavesdrop).
* Experience: only the mutual asymmetric authentication is secure
against man-in-the-middle attacks.
- Demonstration for a side-channel attack against a typical hybrid
encryption protocol: If the implementation is not comprehensive,
but formally correct, as happened in reality, the attacker can very
efficiently calculate the used session key of an eavesdropped message
by sending protocol-appropriate requests to the server.
- Calculate hash values and demonstrate its sensitivity.
- Implementation of MACs (combination of hashes and symmetric methods
to authenticate messages).
Hashes have been already used in CrypTool within PKCS#5 or digital
signatures.
- The Shared Secret method from Shamir has been implemented with
many options.
- Random numbers:
- generators and statistical analysis for (random) data (e.g. FIPS-140-1).
- The Secude cryptographic random number generator allows to gather
entropy by mouse moves and keyboard entries.
This is the default, when calling it the first time, because it shows,
that you need a random source in order to get good random data.
- 3-D visualisation of big sets of random numbers with the rendering
engine from OpenQVis (http://openqvis.sourceforge.net/).
- Export and import RSA and DSA-PSEs with the keys stored in there
via PKCS#12.
- The modern methods are implemented according to international
standards (reference implementation).
- The last adjustment for a method (parameter, key or alphabet) is
stored within the program. A stored key can be retrieved via an
insert-key-icon for any single key, which make the handling of testing
and probing easier.
- For each window you now can call a dialog which shows all relevant
properties of the document.
- All persistent data is now stored within the user local part of
the registry (no more INI file): So CrypTool can be used without
administrator access rights and different users at the same pc can
have different settings.
- The same menu structure now permanently visible: Items which cannot
be clicked for special document types are dynamically made grey,
but they are no more taken away (this was a frequent request from
users).
- The self-contained program AES-Tool can create self-extracting
programs. So you can encrypt any file <4 GB with the AES algorithm,
protected by a password (entered as a hexadecimal key).
Full functionality also when calling from the command line.
- The self-contained e-learning program about the mathematics behind the
asymmetric cryptography presents exhaustively and interactively the
elementary number theory.
- Three applications based on the Chinese remainder theorem:
* Solving a system of linear modular congruencies using the solar
system as an example.
* Showing how you can calculate (add, subtract or multiply) with
modular remainders (residues) instead of the (bigger) actual
numbers.
* Showing the shared secret method (this is an electronic equivalent
to the vault mechanism where e.g. at least 3 key-owners must
cooperate to open it, but 5 different keys are there).
- The educational game "The Number Shark" helps pupils to
get an easy understanding of divisors and primes.
- Web page with the hash values of all downloadable CrypTool files:
So you can check the integrity of the files of the CrypTool package
stored on your computer.
- Exhaustive documentation (online help, script).
The online help has HTML format.
The online help contains explanations about the handling and about all
the cryptographic methods, a historic overview and the integration into
further scientific and organisational topics plus how cryptography should
be used.
- CrypTool is used world-wide in schools, universities, agencies and
companies.
2.2. Where do you find the source code
- Until version 1.4.00 the source code of release versions could be downloaded
as a big zip file from the CrypTool webpage.
- From version 1.4.10 the sources of the release version (Tag
"CrypTool_1_4_10") and the current developer sources are available directly
from the subversion repository.
Everybody has read access to this repository via:
svn checkout https://file.sec-tud.de/svn/CrypTool/trunk
--username anonymous --password anonymous
To get an impression of the size of the project here is a statistics created
mid July 2007 using the most important files for the English and the German
version). Snapshot about the number of files and the number of lines of code:
FILE SUMMARY
5 .rc files
38 .c files
1050 .html files
363 .h files
304 .cpp files
8 .java files
9 .tex files
22 .txt files
LINES OF CODE (LoC) SUMMARY
25,847 MFC resource code (rc)
1,632 LaTex code (tex)
63,127 HTML code (html hpp)
3,247 Java source code (java)
4,202 Text files (txt)
221,716 C/C++ source code (h c cpp)
TOTAL: 319,771 lines of code
2.3. Where can you get another overview about CrypTool
You can get a good overview of what CrypTool offers
- at the attached PDF presentation
(title: "Cryptology with CrypTool") and
- at the web site of CrypTool
(use the item "CT Introduction" within the left frame),
- using the menu tree in appendix A within the attached CrypTool scripts, or
- within the online help (see "starting page").
2.4. What's new in version 1.4.10
Chapter 2.2 lists the enhancements and bug fixes in CrypTool 1.4.10,
which have been added since CrypTool 1.4.00.
a) Developer-relevant changes (more technically oriented):
- Details about compilation, linking and about a consistent development
can be found in the sources in the file "readme-source".
- The sources have been compiled with Microsoft development environment
Visual Studio 2003 (VC++ v7.1).
There is already a source branch in the Subversion system, which can
be compiled with VS2005 (VC++ v8.0).
The WPF version CrypTool 2.0 will be build with VS2005 or VS2007.
- The following code changes have been necessary to make CrypTool
executable under Windows Vista:
- ShellExecute using "NULL" instead of "open" as 2nd parameter, and
explicitly mention the user starting the program.
- The editors used for text and binary are open-source:
* Hex editor / Hex control / HexView:
Link: http://www.codeguru.com/Cpp/controls/controls/article.php/c5287
Added: - Insertion and copying distinguishes between ASCII and
hex coding.
- If you copy text, you'll be asked whether the marked text
should be put into the clipboard coded as text or as hex.
- If you insert and the clipboard contains only hex characters
(an even number of them): whether to interpret this as hex
or as ASCII characters.
- Search and replace within hex documents (but without hex nulls).
* Text editor:
Link: http://scintilla.sourceforge.net/ScintillaDownload.html
Added: - You can highlight, which characters belong to the
actual alphabet.
- Search and Replace now supports regular expressions.
- From 1.4.10 NSIS is used as installation tool
(see http://nsis.sourceforge.net/Main_Page).
b) Changes within the user documentation:
- Online help: improved, strongly enhanced, index structured newly.
- Within the script: minor bug-fixes, small enhancements, some updating
(e.g. record in solving a concrete discrete-logarithm problem), new
chapter about the future of cryptography by the research
faculty of Prof. Buchmann.
- Updated and enhanced presentation (around 100 pages now).
c) New functionality:
- Bugfixes:
- Many small improvements in the masks (user interface).
- Calculation of the hash value of a file: Race condition eliminated.
- Solitaire corrected for a special case (if the output card was a
joker, it was not spent).
- Rijndael corrected for key length > 128 bit.
- The AES-Tool in version 2.4 checks, that the given key is not longer
than 256 bit ist. Additionally now you can draw via the mouse a file
from the Windows Explorer into the entry field for the file to be
encrypted.
- The key entry dialogs for the classical methods now contain a button
so you can directly change the alphabet (text option) from here (if it
does make sense).
This connection is also offered in the analysis mask for
calculating n-grams (previously there was used a fixed alphabet).
- The Hill encryption scheme has been enhanced with some variants:
- Customizable are now the matrix multiplication (from left or right)
and the value of the first letter of the alphabet.
- The key matrix can be entered not only by letters but also by
integers.
- The log file (detailed output) to explain the scheme is more
explicit now. The first letters from the cleartext are used
dynamically (instead of using a fixed string) and the matrix
multiplication is shown with these concrete numbers.
- New within the set of modern symmetric encryption methods are the
DES variants DESX (Rivest), DESL and DESXL (Ruhr University Bochum).
- Elliptic curve methods are now used not only in signatures but also
with the hybrid encryption (Ecc-AES).
Additionally there is a demonstration about addition of points on an
elliptic curve (both on discrete as on real curves).
- The educational program/game "Number Shark" was enhanced a bit.
- New are the Flash animations for AES and Enigma.
- New is the dialog to check the quality of your password.
- Also new is an Authorware e-learning program, which explains and visualizes
methods of the elementary number theory.
3. Possible areas for further development -- ideas, requests
3.1. Functionality: Algorithms / methods
- Implement additional algorithms on each topic:
* Codes:
- T9 etc. (http://en.wikipedia.org/wiki/T9_%28predictive_text%29)
* Encryption:
- Classic procedures (incl. analysis):
- Turning grille (Fleissner)
- Further rotor ciphers, Hagelin, Lorenz machine, Purple.
- Symmetric procedures:
Camellia (RFC3713), RC5 and Gost (http://vipul.net/gost),
Radio Gatun, SOSEMANUK, VSH, ...
- Public key methods: McEliece, Rabin, NTRU.
- Demonstration of visual cryptography ==> already at work!
- Integrate new methods developed at Ecrypt (Network of Excellence
in Cryptology). See http://www.ecrypt.eu.org/.
* Hashes:
- SHA2 family (SHA-256, SHA-384, SHA-512)
http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
- Tiger (http://www.cs.technion.ac.il/~biham/Reports/Tiger/)
* Protocols / weaknesses in protocols:
- Visualisation of man-in-the-middle attacks.
- Blind signatures.
- Electronic voting.
- Tripartite key exchange.
- Offer fast selection between different encryption methods using a
dialog box instead of using menus (and making all parameters of these
algorithms customizable) (see CryptoBench).
- Generate cryptographically strong elliptic curves and use these
to implement a cryptosystem based on elliptic curves.
Here, one could take the cryptosystem developed by Menezes and
Vanstone that was proposed by the authors in 1993:
A. Menezes and S. Vanstone,
"Elliptic curve cryptosystems and their implementation",
Journal of Cryptology, 6 (1993), pp 209-224.
- Because cryptographic structures and formats are often ASN.1
encoded: Integration of an ASN.1 decoding tool.
- Random numbers:
- In Germany evaluations of deterministic random number generators
are based on AIS 20 (since December 1999; AIS = Application
Notes and Interpretation of the Scheme) and evaluations of
physical random number generators are based on AIS 31 (since
September 2001). Especially AIS 31 has achieved great interest
outside of Germany: this scheme evaluates not only the quality
of the output like FIPS-140, but also the design of the generator
itself !
The documents AIS 20 and AIS 31 are both in English and German
available at the web page of the German GISA:
http://www.bsi.bund.de/zertifiz/zert/interpr/ais20e.pdf
http://www.bsi.bund.de/zertifiz/zert/interpr/ais31e.pdf
http://www.bsi.bund.de/zertifiz/zert/interpr/trngk31e.pdf
It would be a meaningful enhancement of CrypTool, to implement
these requirements on evaluating random number generators
and also to visualize them.
- Implement further standards and refer to all places, where
they (e.g. PKCS#5) are used, from a menu and from the online
help (main task here is user interface and documentation).
- Reveal the link between CrypTool (PKCS#12) and PGP by enabling the
use of PGP keys within CrypTool.
Idea: Open private key ring via a given password, analyse its
structure, get the private key (PGP sources are available) and
use this key, to decrypt PGP files with the algorithms implemented
in CrypTool. This shows, that PGP also uses the standard algorithms.
- Usage of CrypTool as a demonstrator for XML signatures.
- Visualize the password quality with a password quality meter.
3.2. Functionality: Analysis
- It would be especially desirable if analysis in all forms and its
visualization could be enhanced.
- Offering a (good) analysis for all encryption methods (which is at
least for the classic methods better than brute-force).
- Attack on symmetric encryption methods, where you have the flexibility
to reduce the parameters of the encryption method.
- Differential cryptanalysis on symmetric ciphers (DES, ...).
- Enhance the brute-force possibilities: Use knowledge about
- parts of the cleartext
- parts of the key.
- Demonstration, how long an exhaustive key search lasts (depending
on the key length).
- Analysis to be newly implemented for:
* homophone encryption
* permutations/transpositions
* Playfair encryption
- pure C sources from Gunnar-Andresson are available.
- Analysis to be improved for:
* mono-alphabetic substitution
- explicitly show mutually inverted digrams like "th"/"ht" and
double-characters like "tt".
- Show the characters which have been substituted not only
capitalized but also in red to enhance readability.
* Use word lists (dictionary) for all attacks, not only for the
substitution.
- Usage of algorithms from the area of AI (artificial intelligence) and
GP/GA (Genetic Programming/Algorithms) in order to analyse automatically
(classical) encryption ciphers.
- Mass pattern search: Implementation of an enhanced high performance
pattern search for pre-given standardized and regular patterns of any
size (e.g. in order to find multiple patterns in one file which are
also there in another file), or which searches for unknown but
repeated patterns in a document.
The search could be enhanced by additionally offering replacing.
- Search for patters using norms (i.e. "together" = 12341546).
C sources are available.
- Facilities for correcting individual characters in the analysis
of XOR, ADD, Vigenère. Ignorance of non-encrypted areas.
- Display of second-, third-, etc. -best hit in XOR/ADD analysis
(this could lead to a shorter key length).
- Autocorrelation: Execute further operations (XOR, ADD, ...) in the
blocks prior to super imposition, if appropriate.
- Make it possible to edit the homophone key (necessary for the
analysis of homophone encryption).
- Floating entropy: automatic display of relevant places with
high entropy.
- Illustrate the Vigenère analysis more deeply:
- Enable to enter not only a fixed value for the key length,
but also a range of values (e.g. "2-9"). Then show in the next
dialog for each length the statistically most appropriate
key. Eventually show the top-10 most likely keys for a given length.
Clicking at the displayed key proceeds the according
decryption. Clicking an additional button performs the
decryptions for all displayed keys.
- The analysis option "Show base ciphers" currently shows for
each "column Caesar" the graphics correlation and histogram.
Additionally the text for each column Caesar could be
displayed.
- Timing Attack on RSA / Advantages of blinding.
- Visualize current hash attacks (e.g. create postscript documents according
to Lucks or PDF documents according to BSI with the same hash value)
and explain the scenarios.
- Usage of Rainbow tables.
- Attack on the WEP protocol.
- Implement and/or visualize further attacks against concrete protocols
in order to improve future concepts.
3.3. Internal interfaces / editors
- Summary of all display modules in a logical class tree.
- Offer a view for any text file to show them in any given fixed
block length: e.g. formats xxx xxx xxx or xxxxx xxxxx xxxxx ...
- Rearrange the source to facilitate a separation of cryptographic
functions from the user interface (make ports and debugging easier).
- Enable customisation wherever possible:
Offer an option to set e.g. initial vector, number of rounds, key
length, word size or the kind of padding (e.g. for the RC5 algorithm,
see RFC2040).
Then these additional customisations must become part of the
format for the internal key storage.
- Libraries for arbitrary length numbers and cryptography:
- Support further libraries (LiDIA, FLINT/C, Wei Dai's Crypto++, ...)
- Extend existing limitations of the N-Gram analysis concerning
the file size (evtl. give user feedback and allow to stop calculation,
if a high amount of time is necessary).
3.4. User interface / visualizations
- There are several dialogs within CrypTool where special input fields
expect a special number format (decimal, hexadecimal, ...).
The dialog "The RSA Cryptosystem" e.g. allows to enter the message
as text (with an alphabet defined by you) or as a number (with 4
different base numbers); compared with that the primes here can
only be entered as decimal numbers or as terms of decimal numbers.
It would be useful if a calculator can be called from within
CrypTool as an a-modal window: it should accept terms with numbers
of any basis as input and it should show the result in several
fields in parallel with different number bases.
The right output number representation could be transferred into
the clipboard via button, or the mouse could drag the field content
directly into the entry field in the CrypTool dialog box.
- Offer a customizing feature to the user, so that he can choose that
all new windows appear within the main windows (as right now) or
as "free" (modal or a-modal) windows outside the main window.
E.g. show single dialogue windows in an a-modal way (e.g. N-gram
analysis, manual analysis, hybrid encryption demonstration).
This allows that one can switch between the main window and
the dialogue window without closing the dialogue window first
(the burden is a more complex control mechanism, handling of
multiple calls to the same dialogue, update after change of
window focus or after changing the underlying original data
within the main window, ...).
- AES-Tool:
- Integrate the PKCS#5 dialog to let the user enter letters in
his used way: then set random values for salt and iteration
counter and ask the user, to remember the generated hex value
or store it securely.
Generally within CrypTool the keys of modern encryption methods
intentionally must be typed in using the hex format.
We pedagogically did it by will, that everybody sees what type of
key the different methods expect: classical methods expect a key
built from the used alphabet, modern symmetric methods expect
binary data of key length 56 bit till 256 bit.
On the other hand people normally are used to type their input using
all ASCII keyboard buttons. Within a productive application the key
should NOT be built of ASCII-letters. If it is wished to use a ASCII
password then it is better to generate a good key from the password.
Within CrypTool both requirements (key input via ASCII and showing,
that good hex-keys are necessary) could be combined in the
following way:
Within the hexadecimal key input dialogs a button should be added,
calling the dialog "Indiv. Procedures \ Hash \ Key Generation from
Password (PKCS#5)".
The called dialog then is already customized with the right key length
and after pushing "Back" the generated key will be used as hex
input for the encryption method. In order to make this also work
for AES-256, the hash function SHA-256 must be added to the
"Key Generation from Password"-dialog.
- Make customizable by the user how big the part of text and binary
files can be which CrypTool will load.
- New magnification function in the display for graphics and/or
display of co-ordinates of the current mouse pointer position.
- Visualization:
- Visualization of dependencies and workflows in protocols
(not only "simple" algorithms) is a meaningful enhancement.
- Attacks on weak RSA keys are described in CrypTool's
online help at Help \ Scenarios \ RSA cryptosystem (demonstration),
under the topic "3. Attack on the RSA algorithm", which explains
that factorisation of the module can break the method.
This is implemented, but not visualized.
- Attacks on other asymmetric methods are not implemented in
CrypTool yet. To attack Diffie-Hellman, DSA or EC-DSA, one
has to calculate "discrete logarithms". After implementing
this it also could be visualized.
3.5. Porting to Linux, Java and VS2005/WPF
- Wish list for a future version (2.0):
- All languages supported by one program, one setup.
- More modern layout.
- More user interaction, action history.
- Dynamic change between crypto providers and languages.
- Updates of partial functionality via the internet.
- Implementation of more functions as threads (parallel, all abortable).
- Easier handling of cascade using the existing building blocks.
- Offer a recorder for user interactions.
- Handle all files as stream to be able to operate very big files.
- Porting to Linux using GCC 4.x and Qt 4.x.
- The libraries from Secude, Miracl, NTL, OpenSSL and GMP are
available.
- Divide the complete task in meaningful parts:
- graphical user interface: This is the main task.
- functionality implemented in pure C/C++: ok
- online help in HTML: ok.
- At the moment there is a first effort: http://www.cryptoolinux.net/
- Completely new designed CrypTool in Java (JCrypTool JCT):
- A major sub project, which does the port
- A Secude library, Bouncy Castle and FlexiProvider are available.
- Usage of Eclipse, SWT and Jigloo for development.
- Plug-in based architecture.
- Further developers for this project are very welcome.
- First concepts and sources are available.
- The current developers here use SourceForge with Subversion for
source code version management: http://jcryptool.sourceforge.net/ .
- Porting to Windows Vista using Visual Studio 2005 and .NET.
Usage of the new GUI API Windows Presentation Foundation (WPF)
to create multi media GUIs.
- Usage of the .NET framework (no MFC any more).
- Usage of VS2005 (no longer VS2003),
aiming to build the whole project with the free-of-charge
express edition for C++/C#.
- A prototype is already available in an extra source branch
in the CrypTool subversion repository, where everyone has read
access using the user "anonymous".
- Further developers and ambitious graphical designers are more
than welcome in this new project.
- This is an own branch within the current CrypTool subversion repository.
3.6. Meaningful tasks to make the new maintainer familiar with
- Integration of further classic methods like e.g. autokey, Nihilist
or Enigma (without visualization).
- Integrate the RC5 algorithms as described above, in order to
see all places where to enhance the sources (function itself,
options, menus + status line info, online help, ...).
- Offer all kind of transpositions and superpositions for the
content of text windows in an easy-to-use dialogue window.
- Show in a dialog all keys which are saved for the different
encryption methods.
- Pattern matching dialogs.
- Create a test suite with examples and solutions, in order to
automate testing and to make sure, that program changes do not
negatively influence old and running functionality:
a) interface, to load test cases manually into the dialog boxes
b) interface, to load test cases from a file into the different
dialog boxes.
Maybe build a script language to control all dialogues or
use automated test tools off-the-shelf.
c) create command line interface (best after within the source
pure crypto functionality is separated from user-interaction)
so test cases can be read from a file without using
dialog boxes (without user interface), solved and the result
again written to a file:
-> automatic comparison of the solution possible
-> new version can be tested easier.
4. Limitations and requirements
4.1. Scope of this Education, training and awareness software
CrypTool is a demonstration primarily for training and awareness
purposes, which is intended to be used at once without any previous
configuration work.
Therefore the development goal of CrypTool was not to be used
productively for encryption or as a Certification Authority (CA) --
despite the functions are correctly implemented in CrypTool.
For instance - contrary to productive CA applications - the CA key pair
is contained directly within the software (source and binary) and
it is protected with a very simple PIN for the CA-PSE (personal
security environment).
The root key of the CA built in CrypTool 1.4.10 has a length of 2048
bit and it is valid for 20 years (July 6th, 2006 - July 6th, 2026).
Certificates issued with the root key of older CrypTool versions
(1.3.05 and older) cannot be imported in version 1.4.10.
Please notice when creating user certificates with CrypTool, that each
CrypTool program contains a root CA with the same key pair.
This means that everybody (!), who uses CrypTool, can sign user
certificates with this built-in CA.
Professional PKI software like the OpenXPKI, the FlexiTRUST from
FlexSecure, Entrust, the Secude CA or the Microsoft CA additionally
manage the whole certificate life-cycle, offer CRL handling, take care
for unique serial numbers and use defined registration processes.
Nevertheless all the modern crypto algorithms in CrypTool are
implemented according to international standards and are working
as "well" as in productive applications.
4.2. Win32 environment and roadmap
CrypTool requires a Win32 environment.
Some funcions require an installed Java Runtime Environment (>= version 1.5).
The computer equipment should have at least a 300 MHz CPU, 256 MByte RAM,
and 40 MByte free space on the hard drive (low requirements).
It is supported that CrypTool 1.4.10 runs under Windows XP and Windows Vista.
CrypTool doesn't need administrator access rights - neither for the
installation nor for the usage.
Different language versions (localizations) can be used in parallel at one
computer.
Persistent data is written only into the CrypTool directory, into
the Windows directory for temporary files (TEMP directory) or into
the user specific part of the Windows registry (Details see
chapter 3) (There are mo INI files used any more).
Remark: Where the TEMP directory of Windows is, can be seen by
entering %TEMP% in the Windows Explorer. The value can also be seen
and adjusted under Windows XP via "System --> System properties
--> Tab Enhanced --> Environment variables".
CrypTool also works basically under FreeBSD/Linux with Wine
(with reservations on functionality and stability).
See appendix 11.1.
Future goals are to port CrypTool to Linux or Java, and to create a
version 2.0 using Windows WPF (see chapter 3.5).
4.3. Interactive online help under Windows XP
Using Windows XP there is a special case where it is not
possible to get the online help via F1: Only menu entries with
submenus are affected. The problem only occurs while the submenu
is displayed. In this case pressing F1 has no effect.
Usually you can also help in CrypTool also for selected menu items
which itself have submenus -- independent of whether the submenu
is popped up or not.
Under Windows XP you only get the online help, if the submenu
is not popped up.
With other versions of Windows this doesn't matter - there it is
only important, that the menu has the focus.
Workaround with example:
Select the menu item "Indiv. Procedures \ RSA Cryptosystem":
If the submenu of "RSA Cryptosystem" pops up, but you want to
get help for the menu item "RSA Cryptosystem" itself, only
under Windows XP you have to close the submenu of
"RSA Cryptosystem" using the Esc or the left arrow key, and then
press F1.
4.4. Support for different languages
Program, help facility and the documentation are designed to run
in more than one language (currently in English and German).
The current Polish program has all its menus and dialogs in Polish.
The PDF files are still added in English.
For each supported language we deliver at the moment an extra setup.
4.5. Restrictions / Features
- In order to demonstrate the RSA cryptosystem and to factorize
integers CrypTool uses the long integer arithmetic of the Miracl
library from Shamus Software Ltd. We restricted the integer bit
length up to 8192.
- From binary files "only" the first almost 2 GB can be loaded into
the hex editor (< 0x7ffff000 = 2.147.479.552 Bytes).
In contrast text files can be loaded in unlimited size by the text
editor (if you got enough resources on your pc).
- Reading and saving text file always uses the two characters CR/NL
(so usual under Windows) to characterize the begin of a new line.
This means that documents you get from unix, where a new line is
characterized only with the character LF) are getting longer [LF
is changed into CR/NL]. So the validation of a signature could fail.
- Display of special mathematical characters within the HTML help:
Microsoft's HTML-Help calls the predefined Microsoft Internet Explorer
(IE). Version IE 6 sometimes has problems, to display mathematical
characters like the Gauss bracket.
If your computer has IE7 as predefined Microsoft browser, the it
works ok.
The basic HTML files, which are aggregated within the CHM file are
displayed correct with IE7 and Firefox 1.5 and 2.0.
Within the online help chapter about the modulo operator the Gauss
bracket is used to describe the next lower integer.
- For performance reasons it was decided that CrypTool limits the
document size when performing n-gram analysis:
- for binary data up to 64 kByte and
- for text data up to 256 kByte.
Files opened, which are longer, are truncated -- only in this
special analysis -- to the maximal length.
- Hash values of external files, which are not loaded into the internal
editor, can be calculated for files of any size.
- With the AES-Tool you can encrypt and archive files with a
maximum size of 4 GB (as long as compiled with VS2003).
Please keep in mind, that the output of the stand-alone AES-Tool
is not identical with the output you get within CrypTool, using
the menu item sequence "Crypt/Decrypt \ Symmetric (modern) \
Rijndael (AES)" (even if you create a file with has the extension
"aes"). CrypTool itself currently uses a fixed IV (0), which is
not stored. AES-Tool uses a random IV, which is appended together
with the file name to the end of the encrypted data.
4.6. Using certificates created with older CrypTool versions
If you want to keep on using certificates, created with CrypTool versions
older than 1.4.00, you can do so:
a) for RSA and DSA keys:
Export the PSEs with the old CrypTool into a PKCS#12 format and
load these files into the new CrypTool.
b) for ECC keys:
Here it is enough, to copy the according files
(e.g. [da][db][EC-prime239v1][1131039030][d] )
from the old CrypTool\pse directory into the new one.
5. Installation / de-installation / operating
5.1. Installation and further usage of keys of previous versions
To install CrypTool on your PC, copy the CrypTool setup executable
to a suitable place in the file system and double-click on it.
The default target directory is "C:\Program Files\CrypTool".
The target directory can be altered in the installation routine.
You need access rights for the target directory.
If you install it as administrator in "C:\Program Files\CrypTool"
then you still can run CrypTool later as a normal user.
If you change the name of the target directory "CrypTool" e.g. in
"CrypTool-1.4.10-Final-E", then the entry in the start menu of the
Windows task bar will adapted accordingly.
If you already possess an earlier version of CrypTool, it is
recommended uninstalling the old version of CrypTool before
installing the new one, as otherwise it is possible that some
of the old files will not be overwritten. Please note:
- During de-installation not all of the directories and files in
the program directories (normally "C:\Program Files\CrypTool")
may be deleted. If so, delete these manually.
- De-installation will delete all user generated asymmetric keys.
If you intend to further use those keys also in the newly installed
version of CrypTool, then perform the following steps. Copy the
entire pse\ directory in order to protect these keys. De-install
CrypTool and install the new version. Finally copy the saved
pse\ directory to the installation folder. Also see chapter 4.6.
Alternatively you can export/import RSA and DSA PSEs using the
PKCS#12 format.
Please note that it might be necessary to adjust the access
permissions if multiple users want to share one CrypTool
installation. In that case set the access rights in the
sub-trees "pse\" and "pse\pseca\" to full access for each user.
The "pse\" sub-tree should not be manually altered as, if the
structure becomes inconsistent, it may be necessary to completely
reinstall CrypTool in order to use the certificate based methods.
5.2. Installation under multi-user operating systems
In multi-user systems like Windows XP the administrator has full
access to the whole file system; the other users are normally
restricted.
If a normal user installs CrypTool he needs write access for the
directory in which CrypTool should be installed:
- e.g. for the directory %ProgramFiles% (normally C:\Program Files),
if the sub-directory "CrypTool" does not already exist; or
- for the directory %ProgramFiles%\CrypTool (C:\Program Files\CrypTool),
if this already exists.
If he does not have these rights, the installation program stops.
Therefore as a normal user without admin access rights, you should specify
as target directory a so called "local directory" (instead of "C:\Programme").
"Local" and accessible for any user could be e.g.: %ALLUSERSPROFILE%
(The default of the English Windows XP is:
"C:\Documents and Settings\All Users").
If you install CrypTool without administrator rights and you also have no
write access to %ALLUSERSPROFILE%\Start Menu, then the CrypTool specific
entries are missing in the start menu of WXP ("Start \ All Programs").
But every user can add these entries manually.
Remark: In the same way as with %TEMP%, you can see, where these directories
are on your disk by entering in the Windows Explorer %ALLUSERSPROFILE% or
%userprofile%.
5.3. De-installation of CrypTool
To de-install use the "Start" menu entry in the windows task bar.
Go for "All programs" \ "CrypTool".
Click "Uninstall CrypTool".
5.4. Operating under multi-user operating systems
a) All user-specific parameters are stored in the local registry
(including the files lastly opened): So no ini-file in the
Windows directory is needed any more and operating for multi-users
is supported.
b) If the user wants to create (or change) files from within CrypTool in
multi-user systems like Windows XP, then he needs writing access for
the appropriate target directory (or for the appropriate files).
If this does not work, the user normally gets a warning.
Writing access is explicitly necessary for only two directories:
- the default Windows directory for temporary files (TEMP) for the
cry*.* files,
- the sub-directory "CrypTool\pse", where the created asymmetric keys
and certificates are stored in.
c) Central installation on a Windows network server:
Especially in courses at schools educational software is only installed
at the central machine; the client PCs are calling the program from there.
This works with the program CrypTool itself. But if the online help is
called from a client PC, then it will not be displayed according to the
default settings of Windows XP. This is no problem specific for CrypTool,
but for all Windows online help.
The HTML-Help-program then normally only shows the content overview of
the index, but not the content of single help pages.
Online help under Windows normally comes from a CHM file, which bundles
all single HTML help files. Within the Microsoft HTML-Help-program the
Internet Explorer is used to display the HTML help files bundled in the
CHM file.
Early XP versions allowed a client PC to display help files on a server.
To close a security gap the Windows XP update (KB896358) was distributed.
Unfortunately this patch also causes that the Microsoft HTML help
doesn't display the actual help page [but the meta information like
content, index or search words are displayed correctly], if you want
to access from a client help files stored at a server.
Workaround:
Because de-installing a patch is no good idea and because in this scenario
it is not wanted to store the CHM files locally, you can change or add
a special registry entry:
Assuming that the CHM files are stored at a server partition X: With the
UNC path "\\dir-1\\dir-2" , you can allow the client PC to access
the server partition by adding the following entry at all client PCs:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\HTMLHelp\1.x\ItssRestrictions]
"UrlAllowList"="\\dir-1\\dir-2;file://\\dir-1\\dir-2;X:\\dir-1\\dir-2;file://X:\\dir-1\\dir-2"
ATTENTION: Changing the registry can cause Windows to stop working. You are
solely responsible for such changes.
To change the client's registry you probably need administrator rights.
Further information:
- http://support.microsoft.com/kb/896054
- http://www.robo-forum.de/cgi-bin/ultimatebb.cgi?ubb=get_topic;f=10;t=000065
6. List of delivered files
The package is distributed as a compressed, self extracting archive
in three different language versions:
SetupCrypTool_1_4_10_en.exe English language support only.
SetupCrypTool_1_4_10_de.exe German language support only.
The files, additionally delivered with the Polish version are not yet
considered here.
The self-extracting archives contain the following files:
ReadMe-en.txt .... This brief instruction (English).
ReadMe-de.txt .... This brief instruction (German).
md5sum.txt ....... MD5 hash values of all files within the CrypTool package.
sha1sum.txt ...... SHA-1 hash values of all these files.
CrypTool.exe ..... The executable e-learning program (English and German).
aestool.exe ...... A program (D + E) which encrypts files into
self-extracting programs. To decrypt the files,
the correct password must be entered.
CrypTool-en.chm .. HTML help archive containing the CrypTool online help
system in English.
CrypTool-de.chm .. The German version of "CrypTool-en.chm".
EC-Param.ini ..... Initialisation file for public key procedures
based on elliptic curves.
TEST-Param.ini ... Initialisation file for random number tests.
secude.dll ....... Library of cryptographic functions provided by
Secude IT Security GmbH.
ticket ........... License for the Secude library.
libxml2.dll ...... Is used by the secude.dll.
secidea.dll ...... Is used by the secude.dll for IDEA encryption.
srndmskb.dll ..... Used by secude.dll for collecting entropy when
initializing the Secude random number generator.
db.dll ........... Is used by the secude.dll.
secude.xml ....... Is used by the secude.dll.
libeay32.dll ..... Library from OpenSSL.
SciLexer.dll ..... Library with the routines for the Scintilla text
editor.
Rijndael-Animation.exe .. Animation (Flash) of the AES algorithm.
Rijndael-Inspector.exe .. Animation (Flash) of the changes within the
data block when processing the AES algorithmu.
Enigma_en.exe .... Animation (Flash) of the 3-rotor Enigma machine.
Enigma_de.exe .... The German version of "Enigma_en.exe".
Enigma-Help_en.html .. HTML online help of "Enigma_en.exe" (English).
Enigma-Help_de.html .. The German version of "Enigma-Help_en.html".
eccdemo.jar ...... Demonstration (Java) of adding points on elliptic curves.
NT.exe ........... Educational program (Authorware) of number theory.
ZT.exe ........... The German version of "NT.exe".
TextNumberConverter.exe .. Auxiliary program of "NT.exe".
TextZahlWandler.exe ...... The German version of "TextNumberConverter.exe".
ToolBarWrapper.dll .. Necessary for the Authorware program NT.exe
NumberShark.exe .. The executable program of the educational game "NumberShark".
Zahlenhai.exe .... The German version of "NumberShark.exe".
NumberShark_en.chm HTML help archive for tne NumberShark online help (English).
NumberShark_de.chm The German version of "NumberShark_en.chm".
GameData.txt ..... First high-scores for the NumberShark game.
script-en.pdf .... A script on cryptography, prime numbers,
elementary number theory and the mathematics
behind certain algorithms.
script-de.pdf .... The German version of script-en.pdf.
CrypToolPresentation_1_4_10_en.pdf .. Slides presentation
CrypToolPresentation_1_4_10_de.pdf .. German version of presentation.
DialogueSisters.pdf ... Fantasy story by Dr. Elsner describing a
variant of the RSA cryptosystem.
DialogSchwestern.pdf .. German version of DialogueSisters.pdf.
ChinLab-en.pdf.pdf .. Story by Dr. Elsner about basic number theory
problems assigned to Marco Polo by the Great
Khan.
ChinLab-de.pdf.pdf .. German version of ChinLab-en.pdf.
Uninstall.exe .... Part of the NSIS installer.
examples\ ........ This directory contains various sample files
which are used in the scenarios provided in the
program. Files ending with the suffix ".txt"
are text files. All other files are binary.
Files whose names are in the format
"XX-enc-YY.*" are encrypted files. Please do
not change these files.
examples\CrypTool-en.txt
\CrypTool-de.txt
\CrypTool.bmp
\Playfair-enc-de.txt
\probetext-de.txt
\psion-enc.hex
\vernam.txt
\Startingexample-en.txt
\Startbeispiel-de.txt
\original.txt ..... "Harmless" sample for the hash collision
demonstration.
\Original.txt ..... German version of original.txt
\fake.txt ......... "Dangerous" sample for the hash collision
demonstration.
\Faelschung.txt ... German version of fake.txt
\letterFromAliceToBob-DECRYPTED-en.txt .. Sample files for the
\letterFromAliceToBob-DECRYPTED-de.txt .. demonstration of the
\letterFromAliceToBob-ENCRYPTED-en.hex .. side-channel attack on
\letterFromAliceToBob-ENCRYPTED-de.hex .. hybrid encryption.
\state2.hex ....... un-encrypted sample data of ...
\state2-enc.hex ... encrypted sample data of "Rijndael-Animation.exe",
used and created with "CrypTool.exe".
references\ ...... This directory contains text files in the
languages German, English, French, Spanish and
Latin. These files are routinely used as
references for the analysis of encrypted
texts. These files are write-protected.
references\deutsch.txt // Extract from the German value-added tax law
\english.txt // Extract from Agenda 21 [UN document]
\genesis-de.txt // Book of Genesis in the
\genesis-en.txt // languages German, English
\genesis-es.txt // French, Spanish and Latin.
\genesis-fr.txt // The 2-letter codes are according
\genesis-la.txt // to the ISO 639 language codes.
pse\ ............. This directory and its subdirectory pseca\ are
used to store (asymmetric) keys and
certificates that have been generated.
pse\[SideChannelAttack][Bob][RSA-512][1152179494][PIN=1234].pse
pse\pseca\calog These files are necessary for the administration of
\capse the key database.
\CA_exts
\cert.dir
\cert.pag
\CRL_exts
\crls.dir
\crls.pag
\user.dir
\user.pag
animal\ .......... This directory contains files, necessary for the
animation program ANIMAL.
animal\Animal-2.0.2.jar
\animal.bat
\animal.properties
\AnimalResources
\AnimalResources.de
\AnimalResources.de_DE
\AnimalResources.en
\AnimalResources.en_US
\AnimalResources.es
\AnimalResources.es_SP
\animList.txt
\anmTypes.dat
\default.properties
\Editors.dat
\elementDefinitions
\exporters.dat
\figTypes.dat
\handlers.dat
\imgTypes.dat
\importers.dat
\languages.dat
\languages.default
\parser.config
\txtTypes.dat
\types.dat
animal\anims ..... This directory contains AML files.
Each AML file contains the description of an
animation for an encryption method.
animal\anims\caesar_de.aml
\caesar_en.aml
\des_de.aml
\des_en.aml
\nihilist_de.aml
\nihilist_en.aml
\vigenere_de.aml
\vigenere_en.aml
Bc\ .............. This directory and the ones below contain the utility
BC for calculations with arbitrary precision. It belongs
to "NT.exe", from where it can be started directly.
Only bc.exe and bc.1.txt are part of the original distribution;
the remaining BC files are from the "NT.exe" author and contain
scripts with number theoretic functions.
Bc\bc.1.txt
\bc.deutsch.txt ... German translation of bc.1.txt
\Bc.exe
\BCmax.bat
\bruch.txt
\calc.txt
\dislog.txt
\ECM.TXT
\pi.txt
\polynom.txt
\Prims.txt
\quadRest.txt
\res.txt
\seed
\sieb.txt
\testBruch.bat
\testPi.bat
\testPolynom.bat
\testSieb.bat
Bc\contrib\Authors
\bc-1.06.README
\ChangeLog
\COPYING
\COPYING.LIB
\FAQ
\INSTALL
\install-sh
\News
\README
\Bc\manifest\bc-1.06-bin.mft
\bc-1.06-bin.ver
xtras\ ............ Files needed by Authorware, used to build "NT.exe"
xtras\BMPVIEW.X32
\MIX32.X32
\VIEWSVC.X32
While CrypTool is running, the following files are generated and
managed:
cry*.* ........... CrypTool writes temporary files to the \temp
directory (file names begin with cry*.*).
These files have the following file extensions:
txt -> text file view
hex -> hexadecimal (binary) view
plt -> diagram/plot view (histogram, autocorrelation)
ogl -> OpenGL graphics view
org -> copy of an original file after file open
tmp -> temporary file for intermediate results
6.1. Checking the integrity of downloaded files
The integrity of files can be verified using hash values.
Hash values are like fingerprints -- with a small information base you
are able to identify a much larger object.
The files of the CrypTool project normally get on your computer by
downloading the archive (setup file) and unpacking the archive:
a) Downloadable files:
At the homepage of CrypTool www.cryptool.org you can find the
hash values of all files directly downloadable from the English
Web page within the files md5sum.txt and sha1sum.txt.
If you newly calculate the hash of a downloaded file and then
compare it with the values at the CrypTool homepage, you can see,
whether you got an unchanged copy of the original file or not.
If the hash values are different you should download the file
again and eventually try to find the reason, why you had a
modified file at your computer.
b) Additionally you can check the files WITHIN the downloaded setup
package:
The hash values of these files are within the files md5sum.txt
and sha1sum.txt, which will be unpacked as part of the archive.
In order to do the integrity check of the downloaded or unpacked files
you can use the wide-spread tools MD5SUM and SHA1SUM.
Alternatively you can use the program CrypTool itself:
The hash values of "external" files can be calculated, even
without loading them into CrypTool:
- click the menu "Indiv. Procedures \ Hash \ Hash Value of a File",
- open the regarding file,
- choose MD5 or SHA1 as hash algorithm,
- compare the shown hash value with the value within md5sum.txt or
sha1sum.txt.
Security reasons recommend to do the comparison for binary
files (EXE, DLL, PDF, ...), if you are not quite sure, that
your computer is untouched.
7. Brief history of the released main versions of CrypTool
Version Date Size of Windows Setup Needed Size Released
English German ca. on disc by
1.0.01 Oct. 1999 - 1.3 MB - DB
1.1.01 May 2000 - 2.3 MB - DB
1.2.00 Aug. 2000 - 2.8 MB - DB
1.2.02 Dec. 2000 - 3.2 MB - DB
1.3.00 Jan. 2002 4.7 MB 4.9 MB - DB
1.3.02 June 2002 6.4 MB 6.9 MB - DB
1.3.03 Sep. 2002 6.5 MB 6.9 MB - DB
1.3.04 July 2003 8.1 MB 8.6 MB - DB
1.3.05 Aug. 2003 8.2 MB 8.6 MB - DB
1.4.00 July 2006 18.2 MB 18.4 MB - DB
1.4.10 July 2007 26.7 MB 27.5 MB 47 MB DB
Remarks about the versions:
1.3.02 Many new functions compared to 1.3.00.
1.3.03 Many minor bug fixes and documentation improvements.
1.3.04 Some new functionality, some minor bug fixes, and major
documentation improvements and enhancements (online help, script).
1.3.05 Some minor bug fixes.
1.4.00 Beta10 Dec. 2005 First public beta of version 1.4.00.
1.4.00 Beta12 Mar. 2006 Second public beta of version 1.4.00.
1.4.00 Beta14 July 2006 Third public beta of version 1.4.00.
1.4.00 Many new functions compared to 1.3.05.
1.4.10 Beta04 May 2007 First public beta of version 1.4.10.
1.4.10 Beta06 July 2007 Second public beta of version 1.4.10.
1.4.10 Set of functions and online help heavily enhanced compared to 1.4.00.
8. Feedback
If you have any problems or find any errors, please do not hesitate to
send an exhaustive description of the problem (and some screenshots)
via e-mail to one of the persons mentioned in chapter 9 below or
to the mailing list.
We would be very grateful for suggestions of any kind regarding
CrypTool and we'll be helpful whenever our time allows.
We would also be interested to hear how and where you use
CrypTool.
9. Contact addresses
- esslinger@fb5.uni-siegen.de
- joerg-cornelius.schneider@db.com
- henrik.koy@db.com
- cryptool-list@sec.informatik.tu-darmstadt.de
10. References / Hints / Awards
10.1. Articles about CrypTool
10.1.1. c't 14/2001, pp 204-208
A 5-page article on CrypTool was published in July 2001 in this
renowned and widely circulated German computer magazine.
10.1.2. DuD October 2002
A 4-page article on CrypTool was published under the title
"CrypTool - spielerischer Einstieg in klassische und moderne
Kryptographie. Neue Version - fundierte Awareness in Deutsch
und Englisch" in the German technical journal "DuD Datenschutz
und Datensicherheit" (Privacy and Data Protection) in the
issue 10/2002.
10.1.3. KES 2/2003 (May 2003)
A 6-page article on CrypTool was published under the title
"(Ver)Schlüsselerlebnisse - CrypTool unterstützt Verständnis für
die Grundlagen der Internetsicherheit" in the German technical
journal "KES - Zeitschrift für Informations-Sicherheit" (journal
for information security) in the issue 2/2003.
[The Title means "Experience cryptography -- CrypTool improves the
understanding of information security].
10.1.4. Proceedings 8th German IT-Security Congress of GISA (May 2003)
The presentation "Awareness in der Informationsgesellschaft: CrypTool
- Kryptographie spielerisch verstehen" was given by Mr Koy at the GISA
(German Information Security Agency) congress 2003 in Bonn.
The article for the congress is within the proceedings, "IT-Sicherheit
im verteilten Chaos", at page 485 - 500.
10.1.5. Datenschutz PRAXIS (June 2005)
A 2-page article on CrypTool was published under the title
"Spielend verschlüsseln lernen mit dem kostenlosen CrypTool" by
Dr. Rainer W. Gerling, in the German journal "Datenschutz PRAXIS",
in the issue June 2005
[The Title means "Learn playfully how to encrypt with the free software
CrypTool].
10.1.6. Report Touch Briefing Information Security (October 2006)
The "Touch Briefing Information Security" report 2006 contains the article
"The CrypTool Project – Improving Awareness and Education for Cryptology".
Accessable via: http://www.touchbriefings.com/pdf/2259/esslinger.pdf
Using the search keyswords "awareness cryptology" both google.de and
google.com afterwards listed this article at the top ranking.
10.2. Further references
10.2.1. Wirtschaftswoche special issue
In the special issue "Cryptography" of the magazine Wirtschaftswoche
(Sept. 2000) there was a competition entitled "Crack the text!".
Please see http://www.wiwo.de/wiwowwwangebot/fn/ww/sfn/buildww/cn/
cn_artikel/id/62633!100301/SH/0/depot/0/bt/1/index.html.
If you followed the hints provided, you could be able to crack the
task using CrypTool in a few mouse clicks.
10.2.2. GISA citizen CD "Into the Internet - with Security"
The German Information Security Agency (GISA) and the German
ministry for internal affairs published in spring 2002 a CD
in order to inform citizens how to use computers and Internet
and how one can securely use the Internet.
CrypTool is included on this CD to raise the knowledge about
cryptographic security functions.
More than 600,000 copies of this CD have been produced.
The content of this CD is the basic for the GISA security portal
"for inexperienced Internet users" (http://www.bsi-fuer-buerger.de).
10.2.3. GISA Software Suite BOSS 2.0 (Jan. 2007)
The German Information Security Agency (GISA) delivered CrypTool 1.4.00
as part of the software suite "BSI OSS Security Suite 2.0 (BOSS)".
See http://www.bsi.de/produkte/boss/index.htm
10.2.3. Mentions on different web sites
a) When writing "The Code Book" Simon Singh collected on his web site
http://www.simonsingh.net/ a lot of material about cryptography, its
history and its education.
Within his newsletter (http://www.simonsingh.net/Newsletter_13.html)
from Feb 11, 2004 he recommends CrypTool as one of four worldwide
crypto tutorials:
- www.simonsingh.net/The_Black_Chamber/home.html
- www.cryptoclub.math.uic.edu/indexmain.html
- www.antilles.k12.vi.us/math/cryptotut/home.htm
- www.cryptool.com
b) The Professional Security Testers Warehouse (PST) had a submission by
Jaganmohan Kataru (CISSP, MCSE) in the Security News Dashboard at Sep
21, 2005 with the post subject: "eLearning Program for Cryptology":
http://www.professionalsecuritytesters.org/modules.php?name=Forums&
file=viewtopic&t=34
Similar post was at the "CISSP, SSCP, CISM, CISA, ISSPCS, and SANS
GIAC GCFW Open Study Guides Web site" for Cryptography
http://www.cccure.org/modules.php?name=News&new_topic=51 with the
title "Cryptool A great tool to learn more about cryptography",
posted on Thursday, September 22, 2005.
c) Wikipedia:
- English:
- http://en.wikipedia.org/wiki/Cryptool
- http://en.wikipedia.org/wiki/Cryptography
- http://en.wikipedia.org/wiki/Topics_in_Cryptography
- German:
- http://de.wikipedia.org/wiki/CrypTool
- http://de.wikipedia.org/wiki/Kryptographie
- http://de.wikipedia.org/wiki/Wikipedia:WikiProjekt_Kryptologie
- French:
- fr.wikipedia.org/wiki/Cryptool
- Polish:
- http://pl.wikipedia.org/wiki/Kryptografia
d) A small selection of further pages:
http://www.pki-page.org/
http://www.bsi-fuer-buerger.de/toolbox/tb08.htm
http://www.itejas.com/index.php/2005/09/22/learn_cryptography_with_cryptool
http://www.privacycom.net/pwatch/viewArticle.php?article=48
https://www.a-i3.org/content/view/415/28/
http://www.fh-lueneburg.de/mathe-lehramt/krypto/krypto.htm
http://www.kryptographiespielplatz.de/
http://www.tinohempel.de/info/info/kryptografie/index.htm
http://www.edsb.ch/e/themen/sicherheit/tipps/kap4.htm
http://www.roehri.ch/~sr/links/crypto.html
http://williamstallings.com/Crypto/Crypto4e.html
(resource site for the book "Cryptography and Network Security",
4th edition by William Stallings)
...
10.3. Further freeware projects (Crank, CAP, CryptoStudio, etc)
Available with complete source code are:
- http://freshmeat.net/projects/crank/
Crank was initiated in January 2001 by Matthew Russell and is
released under the GNU general public license, the GPL.
In the Crank project the idea was to create a program with a graphical
user interface under Linux which will allow to automatically break
classical crypto algorithms.
The focus was on the analysis of mono-alphabetic substitution ciphers
and the development of generic and flexible analysis tools.
The current version 0.2.1 was released in August 2001. Since then
no further development took place.
On the project web page there are also some interesting links
on classical cryptanalysis.
- http://freshmeat.net/projects/griffon/
Griffon was started in 2000 by Adrian Mulvaney and is
released under the GNU general public license, the GPL.
Griffon is a GTK+ GUI cryptanalysis package for pre-digital ciphers.
Mono-alphabetic transposition and substitution ciphers and Playfair
are covered. The program includes a customizable frequency count.
The current version 1.0 was released in November 2000. Since then
no further development took place.
- http://www.kryptosproject.org/ (old)
http://kryptosproject.sourceforge.net/ (new)
Kryptos is an open source project begun at the George Mason University.
Kryptos is educational software for teaching cryptography with a
static GUI, but many modern algorithms, which can origin from
different dynamically selectable crypto libraries.
It has no cryptanalysis functions.
The current version Kryptos 3.01 was released in December 2006
and requires .NET Framework 2.0.
- http://cryptostudio.sourceforge.net/
CryptoStudio from Prof. Marco Russo
The current version 1.0 was releases in June 2005 and is available
in English and Italian.
It is a GUI (looking like Microsoft's Visual Studio) offering
functions of the general purpose cryptographic open source library
OpenSSL and using its command line tools. So the web page states:
"Many of the CryptoStudio functionalities are a mere GUI wrapper of
OpenSSL tools, intended to make those tools available also to
uninitiated users".
Users can also find utilities for file encryption, basic s/mime mail
management etc., but no cryptanalysis.
- http://gcipher.sourceforge.net/
GCipher is a small encryption tool for Unix, without online help and without
cryptanalysis. The three classic ciphers can be performed via the GUI as
well as via command line and via network proxy.
The current version 1.0 was published in June 2003 by Shannon -jj Behrens.
The only other programs known to us, which usefully combine
cryptography and cryptanalysis (under a graphical user interface),
are such, where the source code is not public:
- CAP from Dr. Richard Spillman
The current version 4.1 was released in 2004 for download.
This software exists in English only.
From the programs we know, CAP and CrypTool have the most
exhaustive functions for cryptanalysis.
http://www.cs.plu.edu/courses/privacy/index.htm
- CryptAid from David Lovelock
(development probably stopped already in 1997)
http://archives.math.utk.edu/software/msdos/miscellaneous/cryptaid/.html
- The Visual Basic program "Cryptological Mathematics" from
Prof. R.E. Lewand (vivid presentation of some number theoretic
functions, functions for encryption and encryption; no functions
for cryptanalysis; software to accompany his book; probably from the
year 2001)
http://faculty.goucher.edu/blewand/cryptomath/companion_software.htm
- John Trafton's student cryptography project in Java:
(single statistical functions and classical encryption methods;
available since December 2002)
http://phoenix.goucher.edu/~jtrafton/Crypto.
- Wilhelm M. Plotz' Java application "CipherClerk"
(encryption and decryption with many classic algorithms;
last update in 2003)
http://members.aon.at/cipherclerk/
- CryptoBench - GUI around Wei Dai's Crypto++ library
Compact and clearly arranged GUI implemented around Wei Dai's
Crypto++ library (no cryptanalysis).
The current version 1.0.1 of the CryptoBench exists since 2004.
Wei Dai's Crypto++ library is open source, the GUI of CryptoBench is
freeware, but not open source.
http://www.addario.org/cryptobench/
If we are missing something here or are incorrect anyhow, please feel
free to inform us, so that we can complete or correct the list.
We explicitly want to state, that we would welcome very much if the
efforts made for these single programs could be combined into one
merged new program. We are very keen about any co-operation!!
In general the biggest award for us is, if CrypTool is broadly used in
education and training. Additionally we have been very glad about the many
positive feedback we got so far.
CrypTool was honoured with the following awards (see web page):
- TeleTrusT Special Award
The TeleTrusT Special Award for education about cryptography and
promoting acceptance, awareness and understanding of cryptographic
methods was conferred at the ISSE conference.
- European Information Security Award 2004
The CrypTool project was a finalist in the European Information
Security Award (EISA 2004) in the category education and training,
hosted by the RSA conference Europe.
- IT Security Award NRW 2004
CrypTool and the Institute of Information Systems (University of
Siegen) received the IT Security Award NRW in the category education
(e-learning / knowledge transfer about cryptology).
11. Appendix
11.1. Hints for using CrypTool on Linux with Wine
11.1.1. ... Installing CrypTool
11.1.2. ... Wine configuration
11.1.3. ... Running CrypTool
11.1. Hints for using CrypTool on Linux with Wine
These hints are based on tests with Wine 0.9.9.
We do not recommend to use CrypTool under Wine, because too many things
there only work partly. A full featured CrypTool version for Linux can
be expected if the port using GCC and Qt4 is successful (see chapter
3.5). Any developers who can contribute to this sub project are most
welcome.
11.1.1. Installing CrypTool
In the last step of the installation wizard the user has the
option to start CrypTool. This does not work under Wine. Please
start CrypTool as described below.
11.1.2. Wine configuration
CrypTool does not work with the version of riched32.dll built into
Wine. Try to open a file. It will show up empty if the wrong
version of riched32.dll is used. The problem will probably not
occur if Wine is configured to use an existing Windows partition.
If you use Wine without Windows perform the following steps to fix
the problem:
- Install CrypTool.
- Get hold of riched32.dll (we are using version 5.0.1458.47)
and copy it in the CrypTool installation directory.
Possibly you have to perform the same procedure with other DLLs
used by riched32.dll.
Their names are listed in Wine's error output.
- Configure Wine to use it.
In the standard configuration this works.
If it does not add the following line in the [DllOverrides]
section of the Wine configuration file:
"riched32" = "native,builtin"
11.1.3. Running CrypTool
To start CrypTool change to the directory where it was installed
and start it with:
$ wine CrypTool
If you do not change to the installation directory CrypTool will
not find some important files.
11.1.3.2. Bugs and workarounds
* The online help cannot be invoked with F1.
Use the following line to display the online help:
$ wine winhlp32 CrypTool.hlp
|