* THIS FILE CONTAINS IMPORTANT INFORMATION - READ CAREFULLY BEFORE PROCEEDING *
The IRIS distribution disk contains the following files:
IRIS.EXE - The PC-IRIS program
IRIS.DOC - Ascii documentation for IRIS
KEYS.DAT - Sample cipher key file
ENCRYPT.BAT - A quick interface to IRIS for file encryption
DECRYPT.BAT - A quick interface to IRIS for file decryption
READ-ME.DOC - Last minute notes / revisions
REGISTER.DOC - Registration details and order form
DEMO.BAT - DES file encryption demonstration
OZY.TXT - Text file used by demo
IR.BAT - Batch file to start IRIS from the root
INSTALL.BAT - Installation procedure
MERLIN.EXE - Encrypting COPY clone
MERLIN.DOC - Ascii documentation for MERLIN
LOCK.EXE - Session lock facility
LOCK.DOC - Ascii documentation for LOCK
The INSTALL procedure will create a directory '\IRIS', and copy the required
files into it. The command format is:
INSTALL source-drive target-drive
If you have a hard disk C:, load your distribution diskette in Drive A:,
and issue the command: A:INSTALL A C
Note that the IRIS.BAT procedure will need to be edited if your hard drive
is not 'C'. IRIS.BAT does not pass parameters to the IRIS executable, so do
not attempt to pass command parameters when invoking IRIS via this procedure.
If you are using a twin floppy machine, just copy the distribution diskette,
store the distribution as backup and use the copy as-is.
The ENCRYPT and DECRYPT batch files
ENCRYPT.BAT and DECRYPT.BAT provide an quick interface to IRIS
for DES file encryption and decryption. Usage is thus:
ENCRYPT filename DES-key or DES-keyphrase
DECRYPT filename DES-key or DES-keyphrase
ENCRYPT ozy.txt 43-23-F9-C2-55-7E-1F-B3
DECRYPT ozy.txt 43-23-F9-C2-55-7E-1F-B3
ENCRYPT ozy.txt bewaretheidesofmarch
DECRYPT ozy.txt bewaretheidesofmarch
Authenticating the IRIS program image
The CCITT checksums for IRIS are listed below. Check that your IRIS
program is correct and unaltered with: IRIS checksum /file=iris.exe
IRIS v3.5-1 CCITT: 6371
IRIS v3.6-3 CCITT: 7B7A
IRIS v3.7-0 CCITT: DB4E
UNMODIFIED copies of PC-Iris, PC-Merlin and PC-Lock may be given to others
for evaluation. These programs CANNOT be sold without written permission
from Digital Crypto.
If you intend to make use of any Digital Crypto product, we would appreciate
your prompt registration. In return for registration you will receive:
The latest Digital Crypto disk
The latest full documentation set
A license agreement
Telephone support / technical advice
Single PC registration is $39.00 (USD) or equivalent local currency
Payment to DIGITAL CRYPTO at: DIGITAL CRYPTO
PO BOX 1
United Kingdom CF6 2WB
Telephone UK: (0222) 711370 18:00 - 23:00 GMT
Contact Digital Crypto direct for details of VMS-Iris / UNIX-Iris / OS2-Iris,
access to source code / cipher libraries, customization, site licensing etc.
Features new to V3.7
F1. Keyphrase packing for DES
It is now permissable to supply a 'keyphrase' to the DES cipher
which will be packed into a pure DES key by CIPHER. Many users
will find this preferable, as the pure HEX DES key format is
difficult to remember.
IRIS applies several heuristic checks to decide if a keyvalue
entered is in pure-DES, or keyphrase-pack format.
F2. /[NO]ERASE qualifier syntax change
The /[NO]ERASE qualifier has been replaced by:
/ERASE=AUTOMATIC Automatically erase input file after
encrypt or decrypt operation.
/ERASE=CONFIRM Prompt the user to confirm that input
file erasure is required, after encrypt
or decrypt operation
/ERASE=NONE Do not erase the input file after encrypt
or decrypt operation
F3. /DEBUG qualifier
The /DEBUG qualifier causes the display of internal data structures
created during PLAYFAIR and BAZERIES encryption / decryption.
F4. /[NO]CONTROL new qualifier
The /[NO]CONTROL qualifier control processing of non-printable
/[NO]CONTROL - Skip non-printable plaintext
/CONTROL - Process non-printable plaintext
F5. /[NO]PUNCT new qualifier
The /[NO]PUNCT qualifier control processing of punctuation
characters in input plaintext.
/[NO]PUNCT - Skip punctuation characters
/PUNCT - Process punctuation characters
F6. Case sensitivity of /KEYVALUE preserved
The case (upper or lower) of supplied keyvalues is now retained
and passed to the CIPHER program. This increases the available
keyspace dramatically, and thereby improves security, but users
should be aware that if they encrypt with 'INTHEBEGINNING' and
then decrypt with 'inthebeginning', plaintext will NOT result.
F7. /ECHO_PLAIN and /ECHO_CIPHER filter non-printable characters
The echoing of plain and cipher text is now filtered to only
display printable characters.
F8. Temporary files now have '.XYZ' extension
Temporary files left behind when IRIS is terminated prematurely
via CTRL-BREAK etc, now have the extension '.XYZ'. This makes
IRIS temporary files easier to locate and delete.
F9. New checksum algorithm provided: BYTESUM
The bytesum algorithm provides a simple arithmetic sum
(modulo wordsize) of all the bytes in a file.
F10. Weak & Semi-weak key detection for DES
Weak and Semi-weak DES keys are now rejected by the key
F11. BAZERIES cipher algorithm
IRIS now supports an extended version of the Bazeries cylinder.
F12. Block count display during CIPHER
IRIS will display a count of block size and blocks processed
during cipher operations. /BRIEF will suppress this feature,
as will /ECHO_PLAIN or /ECHO_CIPHER.
F13. VERNAM cipher improved
The random number generator implemented in IRIS v3.5 was found
to be inadequate, and has been replaced by a scheme using both
additive and linear quadratic methods, with produces a period
of roughly 2^55.
WARNING: PC-IRIS VERNAM v3.7 is incompatible with PC-IRIS
VERNAM v3.5 - Do not use one with the other !!!
Performance of VERNAM has been enhanced by increasing the i/o
blocksize to 255 bytes.
F14. IRIS image now returns exit codes
The IRIS image returns exit codes which indicate completion
0 Normal completion
1 Abnormal completion
2 Terminated by user (CTRL-BREAK)
F15. Message handler changes
The format of IRIS error messages has changed from:
%IRIS-E-SOMERR, some error has occurred
ERROR: SOMERR, some error has occurred
The message handler now 'beeps' when errors of severity
WARNING, ERROR and FATAL are issued.
F16: Qualified error messages
Some error messages (mainly I/O errors) now have an additional
qualification string giving additional information about the
reason for the error condition.
B1. /NOSPACE padded blocks with EOF characters
The /NOSPACE qualifier did not re-pack blocks when space characters
were removed. The short blocks were then padded with EOF characters
which made decrypted plaintext appear to be truncated. This problem
has been fixed.
B2. AMORPHFAIL error fixed
A bug in the command parser caused the AMORPHFAIL error to occur
whenever the user entered /KEYVALUE in full. (/KEYVAL worked fine).
Several other parser enhancements have also been introduced.
C1. /[NO]LOWER qualifier syntax changed
The /[NO]LOWER qualifier has been replaced by:
C2. /[NO]ECHO_PLAIN qualifier default value changed
/ECHO_PLAIN now defaults to false. (Because of block count feature).
C3. /ECHO_PLAIN and /ECHO_CIPHER prohibited
Use of /ECHO_PLAIN and /ECHO_CIPHER in the same cipher command
is prohibited, and will generate a 'NOTBOTH' warning error and
NO echoing of text at all.