Blowfish is a fast encryption algorithm designed by
Bruce Schneier. Bruce Schneier is well-know as a president of Counterpane
Systems, a security consulting firm, and author of Applied Cryptography:
Protocols, Algorithms, and Source Code in C, Second Edition (John Wiley
& Sons, 1996).
The Blowfish encryption algorithm was specially designed to encrypt data
on 32-bit microprocessor. It is significantly faster than DES and GOST when
implemented on 32-bit microprocessors, such as the Pentium or Power PC.
The original Blowfish paper was presented at the First Fast Software Encryption
workshop in Cambridge, UK (proceedings published by Springer-Verlag, Lecture
Notes in Computer Science #809, 1994) and the April 1994 issue of Dr. Dobbs
Journal. Blowfish--One Year Later appeared in the September 1995 issue of
Dr. Dobb's Journal.
BestCrypt software uses the Blowfish in Cipher Block Chaining Mode with
128-,256- and 448-bit key length and 16 rounds.
Additional information about the Blowfish algorithm is available also on
World-Wide-Web from: http://www.counterpane.com/blowfish.html
CAST-128 is DES-like free encryption algorithm developed
by Carlisle Adams. CAST algorithm detailed description can be found in
BestCrypt implements CAST-128 16-round algorithm with 128-bit
key and 64-bit block.
A computer where from a user may access BestCrypt virtual drives
that were shared for access on the Server computer. This computer may have
not BestCrypt software installed.
Container is an encrypted storage used by BestCrypt.
It can be mounted to a virtual drive
managed by the BestCrypt driver. All files stored on virtual drive are
actually stored in the mounted container in encrypted form.
USA Data Encryption standard (FIPS 46). Operates on 64-bit blocks
by successively modifying half of the bits with a function of the other half.
- DES encrypts one block in 16 rounds.
- DES uses 56-bit keys.
Triple DES or 3DES is three - pass DES modification. Triple DES is
approved by NIST as encryption standard
FAT (File Allocation Table) is standard MS DOS filesystem.
The Government Standard of the USSR 28147-89, Cryptographic protection
for Data Protection Systems, appears to have played a role in the former
Soviet Union (not only in Russia) similar to that played by the US Data
Encryption Standard (FIPS 46). When issued, it bore the minimal classification
'For Official Use,' but is now said to be widely available in software both
in the former Soviet Union and elsewhere. In apparent contrast to DES's
explicit limitation to unclassified information, the introduction to GOST28147-89
contains the intriguing remark that the cryptographic transformation algorithm
does not place any limitations on the secrecy level of the protected
The algorithms operates on 64-bit blocks by successively modifying half
of the bits with a function of the other half. Beyond that, the similarity
declines and several differences are visible.
- The Soviet System has 32 rounds.
- GOST 28147-89 has 256 bits of primary key and 512 bits of secondary
key. The secondary key is the block of eight S-boxes, which are specific
to individual networks and are not included in the standard.
- The primary key is divided into eight 32-bit words. For the first twenty-four
rounds, these are used cyclically in ascended order. For the last eight,
they are used in descending order.
The standard is also somewhat broader that FIPS46. It includes output feedback
and cipher feedback modes of operation, both limited to 64-bit blocks, and
a mode for producing message authentication codes.
IDEA is strong symmetrical block cipher developed in Switzerland
at ETH (Eidgenossische Technische Hochschule, which is the Swiss Federal Institute
of Technology, at Zurich). IDEA algorithm is widely used in popular
encryption software and libraries such as PGP, SSH, SSL
BestCrypt implements IDEA algorithm with 8 rounds and 128-bit key.
When a block cipher is used in CBC mode, the initialization
vector is exclusive-ORed with the first plaintext block prior to encryption
NTFS is standard Windows NT filesystem.
Password is a secret word or (better) phrase used to gain access
to virtual drive. A password should be specified when creating the
container. BestCrypt allows passwords from 8 up to 128 characters length.
The password should be difficult to guess. Once guessed or calculated, a password
can be used by an unauthorized person to read your sensitive data. To make
a good password (passphrase), use unusual words and digits as well as "SHIFT",
"CTRL" and "ALT" keys pressed simultaneously with letters or digits. Never
enter short passwords containing a single common word, for example, "system"
Rijndael is a block cipher, designed by Joan Daemen and
Vincent Rijmen. This very algorithm was selected by US NIST as AES.
The cipher was designed with hardware implementation in mind. It has
variable block length and key length. BestCrypt implenents Rijndael
with 256-bit key and 128-bit block.
AES page for more
computer where BestCrypt software is installed and where
administrator controls the networking access to encrypted data.
computer where user stores containers with encrypted data.
This computer may have not BestCrypt software installed.
"Trap door" is the name of a feature that allows to authorities
with legal permission to bypass protection and to gain access to data without
the permission of its owner.
The Twofish encryption algorithm is designed by Bruce Schneier,
John Kelsey, Chris Hall, Niels Ferguson, David Wagner and Doug Whiting.
Twofish is a symmetric block cipher; a single key is used for encryption
and decryption with block size of 128 bits. Twofish algorithm was
AES candidate. As the authors of the algorithm
state, we have spent over one thousand hours cryptanalyzing Twofish, and have found no attacks that
go anywhere near breaking the full 16-round version of the cipher.
BestCrypt uses full 16-round version of Twofish with 128- and 448-bit
Additional information about the Twofish algorithm is available also on
World-Wide-Web from: http://www.counterpane.com/twofish.html
Virtual drive is a virtual device created and managed by the
BestCrypt driver. Virtual drives are used to access the encrypted data and
files stored in containers.