Table of contents Up Previous Next Glossary Home   Glossary  

  • Blowfish

    Blowfish is a fast encryption algorithm designed by Bruce Schneier. Bruce Schneier is well-know as a president of Counterpane Systems, a security consulting firm, and author of Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition (John Wiley & Sons, 1996).

    The Blowfish encryption algorithm was specially designed to encrypt data on 32-bit microprocessor. It is significantly faster than DES and GOST when implemented on 32-bit microprocessors, such as the Pentium or Power PC.

    The original Blowfish paper was presented at the First Fast Software Encryption workshop in Cambridge, UK (proceedings published by Springer-Verlag, Lecture Notes in Computer Science #809, 1994) and the April 1994 issue of Dr. Dobbs Journal. Blowfish--One Year Later appeared in the September 1995 issue of Dr. Dobb's Journal.

    BestCrypt software uses the Blowfish in Cipher Block Chaining Mode with 128-,256- and 448-bit key length and 16 rounds.

    Additional information about the Blowfish algorithm is available also on World-Wide-Web from:

  • CAST

    CAST-128 is DES-like free encryption algorithm developed by Carlisle Adams. CAST algorithm detailed description can be found in rfc-2144

    BestCrypt implements CAST-128 16-round algorithm with 128-bit key and 64-bit block.

  • Client

    A computer where from a user may access BestCrypt virtual drives that were shared for access on the Server computer. This computer may have not BestCrypt software installed.

  • Container or Container file

    Container is an encrypted storage used by BestCrypt. It can be mounted to a virtual drive managed by the BestCrypt driver. All files stored on virtual drive are actually stored in the mounted container in encrypted form.

  • DES, Triple DES (3DES)

    USA Data Encryption standard (FIPS 46). Operates on 64-bit blocks by successively modifying half of the bits with a function of the other half.

    • DES encrypts one block in 16 rounds.
    • DES uses 56-bit keys.

    Triple DES or 3DES is three - pass DES modification. Triple DES is approved by NIST as encryption standard FIPS 46-3.

  • FAT

    FAT (File Allocation Table) is standard MS DOS filesystem.

  • GOST 28147-89

    The Government Standard of the USSR 28147-89, Cryptographic protection for Data Protection Systems, appears to have played a role in the former Soviet Union (not only in Russia) similar to that played by the US Data Encryption Standard (FIPS 46). When issued, it bore the minimal classification 'For Official Use,' but is now said to be widely available in software both in the former Soviet Union and elsewhere. In apparent contrast to DES's explicit limitation to unclassified information, the introduction to GOST28147-89 contains the intriguing remark that the cryptographic transformation algorithm does not place any limitations on the secrecy level of the protected information.

    The algorithms operates on 64-bit blocks by successively modifying half of the bits with a function of the other half. Beyond that, the similarity declines and several differences are visible.

    • The Soviet System has 32 rounds.
    • GOST 28147-89 has 256 bits of primary key and 512 bits of secondary key. The secondary key is the block of eight S-boxes, which are specific to individual networks and are not included in the standard.
    • The primary key is divided into eight 32-bit words. For the first twenty-four rounds, these are used cyclically in ascended order. For the last eight, they are used in descending order.

    The standard is also somewhat broader that FIPS46. It includes output feedback and cipher feedback modes of operation, both limited to 64-bit blocks, and a mode for producing message authentication codes.

  • IDEA

    IDEA is strong symmetrical block cipher developed in Switzerland at ETH (Eidgenossische Technische Hochschule, which is the Swiss Federal Institute of Technology, at Zurich). IDEA algorithm is widely used in popular encryption software and libraries such as PGP, SSH, SSL

    BestCrypt implements IDEA algorithm with 8 rounds and 128-bit key.

  • IV, initialization vector

    When a block cipher is used in CBC mode, the initialization vector is exclusive-ORed with the first plaintext block prior to encryption

  • NTFS

    NTFS is standard Windows NT filesystem.

  • Password

    Password is a secret word or (better) phrase used to gain access to virtual drive. A password should be specified when creating the container. BestCrypt allows passwords from 8 up to 128 characters length.

    The password should be difficult to guess. Once guessed or calculated, a password can be used by an unauthorized person to read your sensitive data. To make a good password (passphrase), use unusual words and digits as well as "SHIFT", "CTRL" and "ALT" keys pressed simultaneously with letters or digits. Never enter short passwords containing a single common word, for example, "system" or "John".

  • Rijndael or AES

    Rijndael is a block cipher, designed by Joan Daemen and Vincent Rijmen. This very algorithm was selected by US NIST as AES.

    The cipher was designed with hardware implementation in mind. It has variable block length and key length. BestCrypt implenents Rijndael with 256-bit key and 128-bit block.

    Visit AES page for more information

  • Server

    computer where BestCrypt software is installed and where administrator controls the networking access to encrypted data.

  • Storage

    computer where user stores containers with encrypted data. This computer may have not BestCrypt software installed.

  • "Trap door"

    "Trap door" is the name of a feature that allows to authorities with legal permission to bypass protection and to gain access to data without the permission of its owner.

  • Twofish

    The Twofish encryption algorithm is designed by Bruce Schneier, John Kelsey, Chris Hall, Niels Ferguson, David Wagner and Doug Whiting.

    Twofish is a symmetric block cipher; a single key is used for encryption and decryption with block size of 128 bits. Twofish algorithm was AES candidate. As the authors of the algorithm state, we have spent over one thousand hours cryptanalyzing Twofish, and have found no attacks that go anywhere near breaking the full 16-round version of the cipher.

    BestCrypt uses full 16-round version of Twofish with 128- and 448-bit keys

    Additional information about the Twofish algorithm is available also on World-Wide-Web from:

  • Virtual drive

    Virtual drive is a virtual device created and managed by the BestCrypt driver. Virtual drives are used to access the encrypted data and files stored in containers.

  Table of contents Up Previous Next Glossary Home   Top