SEAL
~~~~~~
Superior Encryption ALgorithm
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~







Copyright 1993 Bubba Snake and Tyrone Shoelaces.

All Rights Reserved.


* DO NOT USE THIS SOFTWARE UNTIL YOU HAVE READ AND AGREE TO *
* ABIDE BY THE PROVISIONS IN THE SECTION "Legal Stuff". *
* NOT FOR EXPORT OUTSIDE OF THE U. S. A. *






Introduction
--------------



What is SEAL?

SEAL is a file encryption program for computer files.

What is encryption?

Encryption is a process that scrambles up computer files,
making them uninteligible and unusable.

Why would I want to do that?

Encrypting secret or sensitive data can keep them secured
from prying eyes. SEAL provides reasonably good protection
for computer files, is fast, and easy to use.

Can the files be unscrambled?

Yes, but ONLY with the correct key.

What's a key?

A key is a sequence of characters, usually a word or group
of words, that is used to encrypt a computer file. The file
can be decrypted (unscrambled) successfully, only with the
correct key.

How do I use SEAL?

Type 'SEAL /?' from the DOS prompt for a short help screen
showing usage and parameters. For more detailed instructions
read on.




Contents
----------

1. Overview

2. Quick Start Guide

3. Legal Stuff

4. Usage

5. Hints for Improved Security




1. Overview
-------------

SEAL is a file encryption/decryption program for IBM compatible
computers. SEAL will encrypt files to make them unusable until
they are decrypted. The intended purpose of SEAL is to protect
confidential, or sensitive data from unauthorized access.

SEAL is a command line utility that must be run from the DOS
command line ( C:\ ). SEAL may also be run in a DOS window
under MS Windows, or OS/2.

SEAL requires the use of a key along with the file to be
encrypted. The key may be any sequence of characters 4 to 80
characters long. This will usually be a word or group of words.
SEAL is very secure if and ONLY if the key is kept secret. It
is imperative that the key not be forgotten. There is no way to
decrypt a file without the correct key.

SEAL is very secure because it uses many different encryption
methods. These methods are chosen based on the characters in the
key. The longer the key is, the more secure the encrypted file
will be.




2. Quick Start Guide
----------------------

Encrypting files with SEAL is very easy. The simplest format
to use is:

SEAL FILENAME

where FILENAME is the name of the file to be encrypted.

The FILENAME is any valid existing file. The FILENAME may
optionally include a drive, and/or path.

When using this format, the key will be prompted for before
the file is encrypted.

A new encrypted file will be created with the extension SEA
in the current directory.



Decrypting files with SEAL is just as simple. The format to
use is:

SEAL FILENAME.SEA

where FILENAME is the name of the file to be decrypted.

SEAL knows whether to encrypt or decrypt a file because SEAL
writes a header with a unique signature in encrypted files.

The key will be prompted for and must be the same as the key
that was used to encrypt the file. If the incorrect key is
used the resulting file will be random garbage.


* See Chapter 4 for more detailed operating instructions.




3. Legal Stuff
----------------

DO NOT USE SEAL UNLESS YOU COMPLETELY UNDERSTAND AND AGREE TO

ABIDE BY THE FOLLOWING PROVISIONS FOR THE USE OF THIS PRODUCT.



SEAL is NOT FOR EXPORT outside the United States.

SEAL is protected by United States copyright law.

SEAL may not be disassembled, reverse engineered, run under
a debugger, or otherwise altered or modified.

SEAL is free copywritten software. No fee may be charged for
its distribution, except for reasonable and customary charges
for the sale of the media on which it is distributed.

SEAL may be freely distributed in complete, unmodified form
including all documentation, within the United States.

Compressing SEAL for archival purposes is permitted provided
all files may be decompressed to their original state.

SEAL is intended for lawful purposes only.

NO WARRANTY, EITHER EXPRESS OR IMPLIED IS GRANTED FOR THE
USE OF THIS SOFTWARE. THE USER OF THIS SOFTWARE BEARS ALL
RISKS AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE.
IN NO EVENT SHALL THE AUTHORS OF THIS SOFTWARE BE HELD
LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, OR
INCIDENTAL DAMAGES ARISING FROM THE USE OR INABILITY TO
USE THIS SOFTWARE.

In other words, use this software at your own risk.





4. Usage
----------


SEAL is a command line utility that must be run from the DOS
command line ( C:\ ). SEAL may also be run in a DOS window
under MS Windows, or OS/2. SEAL requires MS-DOS version 2.1 or
higher, and 64K bytes of free memory. SEAL also requires enough
disk space to create the encrypted file. The encrypted file will
be equal to the length of the original file plus 512 bytes.


SEAL is used like this:

SEAL [drive:][path]FILENAME [destination] [/password] [/O|o] [/h|H|?]

SEAL must be in an accesible directory, so that DOS can find it.
This means that the file 'SEAL.EXE' must be either in the current
directory, or a directory in the PATH. To see your current path,
type PATH at the DOS prompt. Copy 'SEAL.EXE' to a directory in
the path. For more information on PATH or copying files, refer
to your DOS manual.

FILENAME refers to the file to be encrypted. This may be any valid
existing file. The 'drive' and 'path' are optional, and only need
to be specified if the file(s) referred to by FILENAME are not in
the current directory. The FILENAME may optionally include wildcards.
Wildcards are the characters '*' and '?'. Wildcards allow you to
process many files at the same time. For more information, refer
to your DOS manual.

Examples:

SEAL WAZOO.TXT

Encrypts the file WAZOO.TXT located in the current directory.

SEAL A:\WAZOO.TXT

Encrypts the file WAZOO.TXT located on the floppy disk in
drive A:.

SEAL *.*

Encrypts all files located in the current directory.




Destination is optional and refers to the place where seal will
place encrypted files. If a destination is not specified, all
encrypted files will be placed in the current directory.

Example:

SEAL WAZOO.TXT C:\FILES

Encrypts the file WAZOO.TXT, and places the encrypted
file in the directory FILES on drive C:.


/password is the key that SEAL uses to encrypt the specified
files. The password must be preceded by the slash character (/).
If a password is not provided it will be prompted for as the
program runs. The password must be from 4 to 80 characters in
length. SEAL is case insensitive. This means that all alphabetic
characters are converted to uppercase. Therefore all of these
passwords are equivalent:

/password
/Password
/PASSWORD
/passworD

The password may include any character. The only restriction is
in the use of imbedded spaces. If you want to include spaces
in your password, enclose the password in quotes like this:

SEAL WAZOO.TXT "/This is a long password with spaces."

If you do not enclose the above password in quotes, SEAL
will interpret the password as '/This' and ignore the rest.


* NOTE * See the section "Hints for Improved Security" below
for hints on choosing appropriate passwords.





The parameter '/O' or '/o' means 'Overwrite'. If this parameter
is specified, SEAL will competely overwrite and delete the
original file after it has finished writing the encrypted file.
By default (if /o isn't included), SEAL leaves the original file
intact and unchanged. SEAL will NOT overwrite files that are
marked read only, hidden or system. The reason to use this
parameter is that when you use the DEL or ERASE commands to
delete files, the files aren't really deleted. DOS simply
marks the space used by the files as available for use. The
files could then be 'undeleted' and are often completely intact.

Example:

SEAL WAZOO.TXT /O

Encrypts the file WAZOO.TXT, and places the encrypted
file in the current directory. After the encrypted file
is written to disk, the file WAZOO.TXT will be
completely overwritten and deleted. The encrypted file
will be called 'WAZOO.SEA'.



The parameter '/H' or '/h' or '/?' means 'Help'. If this
parameter is specified, a screen showing a list of options will
be display. This help screen will also be displayed if SEAL is run
with no parameters.

Example:

SEAL /?

Displays a help screen.




All of the examples given so far have been for encrypting
files. To restore your original file(s) the encrypted files
must be decrypted with SEAL. The same parameters are used
for decryption as encryption. SEAL knows whether a file is
encrypted, because SEAL writes a unique signature at the
beginning of each encrypted file.

Example:

SEAL FOO.BAR /secret_password /o

Creates encrypted file 'FOO.SEA' in the current
directory and overwrites and deletes 'FOO.BAR'.

SEAL FOO.SEA /secret_password /o

Creates decrypted file 'FOO.BAR' and overwrites 'FOO.SEA'.
The new file FOO.BAR will be exactly the same as the
original file FOO.BAR.




5. Hints for Improved Security
--------------------------------


Use a long key.

The longer the key is, the less susceptible your encrypted
file is to 'brute force' decryption. Brute force decryption
is trying each possible key. The longer the key the more
possible keys exist. Example key lengths with the number of
possible keys follows:

key length approximate number of possible keys

1 228
2 51,984
3 11,852,352
4 2,702,336,256
5 616,132,666,368
6 140,478,247,931,900
7 32,029,040,528,470,000
8 7,302,621,240,492,000,000
10 379,619,462,565,700,000,000,000
15 233,895,951,675,800,000,000,000,000,000,000,000
80 4.313E +188 (188 digits)

The above table assumes the possible use of all characters.

In practice most people will use only alphanumerics and a
small group of punctuation marks. The following table lists
approximate number of likely keys for a given length:

key length approximate number of likely keys

1 40
2 1,600
3 64,000
4 2,560,000
5 102,400,000
6 4,096,000,000
7 163,840,000,000
8 6,553,600,000,000
10 26,214,400,000,000
15 1,073,741,824,000,000,000,000,000
80 1.462E +128 (128 digits)



Bear in mind that modern computers can execute millions or
even billions of operations per second. Consequently, a
decent hacker could decrypt a file encrypted with a short
key (less than 5 characters) in a few hours. A long key
(greater than 10 charcters) would take years to decrypt.
A very long key (greater than 20 characters) would take
centuries.


Use a key that is meaningful, but not obvious.


Keep the key secret.


Use the /o switch if others have access to your computer.


Don't always use the same key.


Use a 'keyed key'.

You and the recipient of your encrypted file could each have
an identical copy of the same book. Any book will do (novel,
phone book, bible), as long as both books are identical.
Choose a page number and line number by some random method.
Get the key from that page number and line number. Tell the
recipient of your encrypted file the numbers. The recipient
looks up the key in his book based on the numbers.