Dolphin Encrypt

Dolphin Encrypt uses a symmetric key encryption process to encrypt data on
MS-DOS computers. Information is encrypted using an encryption key which
is kept secret. Without this key encrypted files cannot be read and are
safe from unauthorized access. The key can be from 8 to 60 characters in
length, so it can be a phrase which is easy to remember. Upper and lower
case are equivalent, so you don't have to remember exact capitalization.

Dolphin Encrypt can encrypt multiple files with a single command. For
example, DE2 E *.* encrypts (E = "encrypt") all files in the current
subdirectory (the program asks you to enter the encryption key, and erases
it from memory upon termination). To convert all files with .TXT suffix to
encrypted files with .ENC suffix (leaving the original files unchanged)
you would use the command DE2 E *.TXT *.ENC. File pathnames are supported
and there is extensive error checking. Decryption is equally simple: Just
use D for "decrypt" instead of E. If you wish to transmit encrypted data
as email then Dolphin Encrypt can be told to output the encrypted data as
text. There is no limit on the size, the type or the number of files.
Files are normally compressed during encryption (smaller file size means
faster transmission when sending encrypted files electronically). Screen
output can be sent to a file or to a printer for a record of operations.

The encryption algorithm relies partly on the RSA Data Security, Inc., MD5
Message Digest Algorithm. Encrypted files appear even to special analysis
tools as composed of random bytes. Dolphin Encrypt requires DOS 2.1 or
higher. A printed manual clearly explains the use of the software with
examples, and includes a detailed description of the encryption algorithm
used.

Dolphin Encrypt Advanced Version

There is an enhanced version of Dolphin Encrypt which has all of the
features described above, and also encrypts whole floppy disks. All common
disk sizes are supported and are automatically recognized. To make an
encrypted copy in drive B: of a disk in drive A: you would use DE2 E A:
B:

Dolphin Encrypt Advanced Version has additional command line options,
including the options of echoing or not echoing the key and of decrypting
and displaying only (without writing any plaintext to disk). The Advanced
Version can be run silently from another application program to encrypt or
decrypt data. Dolphin Encrypt Advanced Version has a script language (with
if-else-endif) which allows automation of frequently-performed, complex or
conditional operations. The Advanced Version package also includes utility
programs to read text files, compare files, purge files and wipe a disk
clean; these can be called from scripts.

A decryption-only version (Dolphin Decrypt) is available separately. This
can be sent to recipients of encrypted data who need only to decrypt data
sent to them.

Dolphin Software, 4815 W. Braker Ln. #502, Austin, TX 78759
512-479-9208
-----------------------------------------------------------------
                Evaluating Encryption Software

How does one evaluate encryption software? Firstly it should be said that
the evaluation is relative to one's needs. What is best for one person or
organization may not be best for another. So the first step is to identify
one's security needs: Which information needs to be protected? How well
does it need to be protected? Is encryption of the data better than other
possibilities (such as the traditional method of keeping the information
in a safe)? Who will maintain the encryption keys and be responsible for
performing the encryption and decryption? Who might attempt to gain access
to the information, and what level of cryptanalytic skills might they
possess? What methods of encryption are available, how much do they cost
and what are their merits? Should different methods of encryption be used
for different kinds of information?

Assuming that a software encryption process is needed, one that will
encrypt files (and possibly floppy disks), how to decide among competing
encryption software packages? The following questions need to be
considered:

(i) Is the software compatible with the hardware and the operating system
that it is to be used on?

(ii) How easy is the system to install? Does it require some hardware
device to be installed, and if so, must the machine be opened? Can the
software be installed on a hard disk, or must it be run from a floppy
disk?

(iii) How easy to use is the software? How much training is required to use
the software properly? Does it require a special level of technical
expertise? Does the software provide any on-line help?

(iv) What kind of encryption key is required? Does the software allow long
keys? Does it allow any typeable and displayable character in keys? Does
it reject some keys as too weak? Is there an option to echo the encryption
key to the screen during input (or not)?

(v) Will the software encrypt all kinds of files, and all sizes? Is there a
single procedure to encrypt all kinds of files? Does the software allow
encryption of multiple files in a single operation?

(vi) What encryption options does the software provide? Does it allow
encryption or decryption without destroying the original data?

(vii) Does the software compress the data as well as encrypt it?

(viii) Is there a way to automate complex encryption operations, such as
running the software from a batch file?

(ix) Is there provision for purging sensitive data which has been encrypted
but which may still exist on the hard disk in plaintext form? Does the
software handle this automatically?

(x) Does the software check for errors? Does it trap operator errors?

(xi) How fast is the software? Given the amount of data that will be
encrypted and decrypted on a daily basis, is the operation likely to
require one minute of computer time? One hour?

(xii) Is the documentation clear and comprehensible, and does it provide
answers to questions?

(xiii) Does the software provide means for producing a permanent record of
its operations, providing information about the files being encrypted or
decrypted?

(xiv) What level of security does the software provide? Is it strong enough
to withstand the level of cryptanalytic attack that encrypted data might
on some occasion be subjected to? Do encrypted files exhibit any kind of
pattern or structure which might assist cryptanalysis?

(xv) Is the cost of the software commensurate with its ease-of-use,
reliability, and speed, and with the level of security it provides? Is a
site license available?

  +---------------------------------------------------------------+
  |   From the America Online - New Product Information Services  |
  +===============================================================+
  | This information was processed from data provided by the      |
  | above mentioned company. For additional details, contact the  |
  | company at the address or telephone number indicated above.   |
  |    All submissions for this service should be addressed to    |
  |   BAKER ENTERPRISES, 20 Ferro Drive, Sewell, NJ 08080 U.S.A.  |
  +---------------------------------------------------------------+
