1.1 What is Cryptosystem ME6?

Cryptography is that area of expertise which deals with secret writing, the art or science of storing information in a form which hides it from those not meant to see it, yet allows it to be revealed when needed. Cryptosystem ME6 is a software program which encrypts information stored in data files so that it can be read only by someone who knows the encryption key which was used to encrypt that data. The encryption key is a word or phrase given to the program which it uses to scramble the information in a way which is unique for that key. Once encrypted, the data is secure from unauthorized access, since anyone who does not know the key cannot decrypt the data. When Cryptosystem ME6 is used to recover the data the original key must be specified. If the correct key is supplied then the data is restored to its original form.

Cryptosystem ME6 uses a private (or symmetric) key encryption system. Data is encrypted using a key which is a phrase (which can be up to 64 characters long) or a sequence of 64 random bytes. Without this key the encrypted files appear to consist of meaningless bytes and the information in them is safe from prying eyes.

Files are normally compressed before encryption. There is no limit (except available disk space) on the size, the type or the number of files which can be encrypted in a single operation with ME6.

The encryption process in Cryptosystem ME6 uses pseudo-random number generators, a secure hash function (the MD5 Message Digest Algorithm) and plaintext feedback, combined in a way to ensure the security of the encrypted data. Data encrypted using ME6, even when subjected to statistical analysis, appears to consist of random bytes, providing no information.

For a fuller explanation of encryption and decryption please see An Introduction to the Use of Encryption. This also discusses various situations in which encryption is useful.

1.2 How easy to use is ME6?

A good software implementation of a cryptosystem should satisfy the requirements of security, reliability and ease-of-use. Ease-of-use means that the software will allow you to do what you want to do with a minimum of bother. Reliability means that the cryptosystem will always reveal exactly the information hidden when it is needed, that is, that the result of decrypting encrypted data will be exactly the same as the original data. Security means that the cryptosystem will in fact keep the information hidden from all persons except those intended to see it despite attempts to crack the system. Cryptosystem ME6 is a Windows program which supports mouse usage in the usual way. The conditions of any encryption or decryption operation are displayed at the main screen and the command buttons have been designed for ease-of-use.

1.3 How reliable is ME6?

Reliability, in this context, means that whenever you decrypt a file the result will be exactly the same as the file that was encrypted (assuming that the key used in decryption is the same as the key used in encryption). The reliability of Cryptosystem ME6 can be demonstrated by an exact analysis of the encryption procedure.

It is also possible to demonstrate the reliability of ME6 experimentally by encrypting and decrypting a large number of diverse files, using a variety of encryption keys, and checking that the result of decryption is the same as what was encrypted. The ME6 software incorporates such a reliability test. In Section 5.1 it is explained how this test is performed. This test can be repeated many times, and ME6 will be found to perform reliably.

1.4 How secure is ME6?

Even an expert cryptologist may not be able to determine (without prolonged investigation) whether a particular encryption method is secure or not. A new and complex system might require a year's study by professional cryptanalysts before a definite judgement could be made.

On the other hand, some cryptosystems are more or less weak, including a number of trialware and commercial encryption packages. Some have been broken, with the results published in the technical literature, for example, the encryption methods used in the commercial word-processing programs Word Perfect and Word. Some cryptosystems are believed to be strong because they have been studied intensively and no way to crack them in a reasonable amount of time has been discovered.

Cryptosystem ME6 is as secure as any cryptosystem that is commercially available. It cannot be broken by a brute force attack nor is it vulnerable to the usual cryptanalytical attacks. Reasons for Cryptosystem ME6's strength are given in the following chapter, after the encryption algorithm has been explained.

1.5 How fast is ME6?

The speed of Cryptosystem ME6 depends on (i) the speed of the hardware on which it is running, (ii) the degree to which a file it is encrypting can be compressed and (iii) disk access speeds (which are of course slower for floppy disks than for hard disks). Using a Pentium III at 600 MHz with 128 MB of RAM, and reading and writing to and from the hard disk, the following speed data was obtained:

1. Eighteen text files (each over 100 Kb in size) were encrypted (to output files with different names). The input files totalled 7.283 MB and the output files totalled 3.488 MB. The encryption was performed in 15 seconds, for an encryption speed of 510 KB/sec. The time required to decrypt the files was also 15 seconds.
2. 523 files in multiple folders and subfolders, totalling 18.330 MB were encrypted. The encrypted files totalled 13.814 MB. The encryption was performed in 1 minute and 38 seconds for an encryption speed of 191 KB/sec. The files were decrypted in 1 minute and 11 seconds.
3. These 523 files were archived into a ZIP file 12.195 MB in size. This was encrypted to a file with a different name in 25 seconds, for an encryption speed of 504 KB/sec, and to a file of the same name in 37 seconds, for an encryption speed of 336 KB/sec. (The latter time is greater because when encrypting to a file of the same name the input plaintext file is overwritten with random bytes.) In both cases the decryption time was also 25 seconds.

Thus, depending on what is being encrypted and how, ME6 encrypts files on this machine (a 600 Mhz Pentium III) at anywhere from about 180 KB/sec to about 520 KB/sec (or on average about 350 KB/sec).

1.6 Are there any limitations on file size, etc.?

Cryptosystem ME6 can handle any number of files in a single operation, and the files may be of any type. The only condition on file size is that there must be enough free space on the hard disk for a copy of the largest file being encrypted or decrypted.