ASPICRYP v0.3 (c) 1996 Cedric Reinartz 1. Disclaimer ------------- !!! This software is "as it is" !!! The makers and developers of ASPICRYP make no representation, warranty, assurance or inducement, express or implied, as to its adequacy, sufficiency or freedom from defect of any kind. Neither the makers or developers will have any liability to any user resulting from the use of it nor are they responsible for any data loss or computer failure resulting from any inherent incompatibilities with any other software or hardware. 2. Introduction --------------- ASPICRYP is a DOS based TSR which hooks to an ASPI-Manager and encrypts the data going to a SCSI-device using the BLOWFISH algorithm in CBC-Mode. You have to specify a password on the commandline which must have (for security reasons) at least 4 characters (8 or more are recommended). The programm is hardcoded to encrypt all the data going to and to decrypt all data comming from the SCSI-device 0:3:0 . In this way you can encrypt any SCSI-devices: Harddisks, CD-ROM, CD-Writer, Tapedrives, MO, ... . Up to now I have only tested a (single) Tapedrive (HP1533A) with two different programms. Since the encryption process is very fast, there is absolutely no delay when using my Tapedrive (wich has a transfer rate of about 500kB/s) on a 486DX2/66 or higher. Attention: After encryption the data can NOT be compressed by the SCSI-Device! So use a backup programm which compress them prior to sending them to the SCSI-device. I'm interested in any feedback! If you have any questions, suggestions or improvements, please leve me a mail. 3. Changeing the parameters --------------------------- I'm sorry, but there is no programm (up to now) which does the job for you. If you are capable of using a HEX-Editor you can change the hardcoded parameters using this structure: Length Default Remark -------------------------------------------------------------- Byte 00 Logical Unit Number (LUN) Byte 03 Target ID Byte 00 Hostadapter Nr Byte 00 00 -> parameters for device 1 are valid Byte FF Logical Unit Number (LUN) Byte FF Target ID Byte FF Hostadapter Nr Byte FF FF -> parameters for device 2 are not valid Word relative Pointer to the text which is shown at initialisation: " 0:3:0 " (You should patch this text also) Byte 0ah,"ASPICRYP v" ! this part will never change ! Search for the beginning of the copyright message and go backwards. This structure will be the same in future versions. For v0.3 it starts at 1DC9 Hex. YES you can encrypt two devices at a time (with the same password ofcourse). But: I never tested this. 4. Technical Notes ------------------ This software needs at least: - IBM compatible AT-system with an 80386sx processor or better - DOS 3.0 or above - 10kB of free DOS-RAM (you can load it high) - ASPI-Manager installed Speed: 1.8 MB/s on a Pentium 90 2.7 MB/s on a Pentium 133 Limitations: Command posting is not supported by ASPICRYP (yet). So, before decryption (and returning to the main programm) ASPICRYP waits until it has all the data from the SCSI-device. This may slowdown the main programm. 5. Copyrights ------------- BLOWFISH is a data encryption algorithm which was published in the Dr.Dobb's Journal magazine, issue #213 on April 1994. It was developped by Bruce Schneier and is unpatented and placed in the public domain. In the September issue 1995 of DDJ Blowfish was (after a sponsored contest) still unbreaked. The advantages of this encryption algorithm is its design for 32bit CPUs like the 80386 and above. The Blowfish IMPLEMANTATION used in this software was done by: Markus Hahn Schellingstrasse 13 72622 Nuertingen GERMANY E-Mail: 681614@pcmail.rz.fht-esslingen.de and Cedric Reinartz Schumannstrasse 51 40822 Mettmann Germany E-Mail: cer@servww4.ww.uni-erlangen.de (till end of 1996) ASPICRYP v0.3 was done by Cedric Reinartz. It can be distributed freely if: - both (the programm and this manual) are distributed together - both are unmodified - no fee (excluding material and shipping costs) is taken If you use ASPICRYP v0.3 for your own private purpose, you can do so without paying any money (to me or someone else). But: You have to send me a note that you are using it! For any non private use you have to contact Cedric Reinartz. 6. History ---------- v0.1 Internal version, not released v0.2 1st released Version v0.3 Bug removed: ASPICRYP corrupts other programms which uses 386 code. (I used PUSHA and therefore corrupted EAX, now it's PUSHAD). Hex-Patch Description corrected. 7. Future --------- - possibility to remove ASPICRYP from memory - API, so other programms can control the behaviour of ASPICRYP - possibility to reconfigure ASPICRYP at runtime - possibility to chain ASPICRYP with other driver (so you can load more than one ASPICRYP if you have different devices with different passwords) - Configuration programm (so you don't need to Hex-patch)