
*  PURPOSE OF EKACRYPT

   This program allows those who have sensitive security requirements to 
   encode their private files (binary, text or otherwise) and tranfer them
   to others with a nearly 100% certainty that, even if intercepted, they 
   will be meaningless without ALL portions of the encrypted file.


*  THE HERITAGE OF EKACRYPT

   EKACRYPT.EXE version 1.0 was released on 5/30/91 and was written with 
   Turbo C 1.5 by Don Kinstler (A.K.A. Electrik Kool Aid) in Binghamton, NY

It is the intellectual property of Don Kinstler, who reserves all rights to
it's sale, publication, or other un-fair misuse.  Attempting to decompile
or reverse-engineer EKACRYPT.EXE, in any way, will result in exceptionally 
bad karma for seven generations and may void your warranty.

   EKACRYPT may be freely distributed to others, as long as no fee or other
   enumeration is received for it's distribution.  It is free for the use,
   and as such is worth every penny.  Don Kinstler, or any subsequent 
   assignee will cheerfully refund your purchase price, less a 15% restocking
   fee in the event you are not fully satisfied.   YOU USE THIS PROGRAM AT 
   YOUR OWN RISK.


* METHOD AND PURPOSE OF EKACRYPT

   EKACRYPT is a utility based upon the encoding methods used by the Israeli
   Intelligence organization known to all as The Mossad.  The Mossad, like
   other organizations in their field, has a special and unique method of 
   encoding messages they do not wish to fall into the hands of hostile
   forces.  The algorithm they use for this is the basis for EKACRYPT.

Of course, any program freely distributed to others can not be considered
100% secure - it takes but a few minutes to reverse-engineer (decompile) any
such program, figure out how it works and thereby remove whatever safety the 
originator had...  EKACRYPT only ensures that someone can not decode your
data unless they have ALL the files created by EKACRYPT.  You must assume
responsibility for taking all precautions to prevent this from happening.

   If a message (or file) can be encrypted, it should (obviously) be able
   to be decrytped by the person who receives it.  If he has at his
   disposal the methods and codes used to decrypt, it only stands to 
   reason that ANYONE with enough time and patience can ALSO decode the
   information.  Even if it takes a super-computer going through the file
   bit-by-bit, eventually it will be decoded if the stakes are high enough.

EKACRYPT works in a slightly different way.  There are no magic wands
that you may wave over your private files and create super-secure and
non-crackable secret messages.  In fact, anyone with this program and
both cryptic files will be able to extract the information as fast as
the legitimate recipient can.

   It is assumed in implementing this program that YOUR computer is secure
   and your recipient's computer is ALSO secure.  The unknown variable is
   the transmission method, whether it be modem, floppy disk, or other media.

EKACRYPT takes a clear (non-crypted) file and creates a crypted file.
It then takes the crypted file and breaks it into two smaller crypted
files which are then crypted again.  Be aware, that during this process
a small compression routine is used, which may substantially shorten 
the total length of your file.

   By using different transmission methods for both halves, (say one by
   modem, another mailed on disk) you can prevent anyone with only one
   file of the set from being able to recover anything, NO MATTER WHAT
   RESOURCES THEY HAVE AT HAND.  It stands to reason that if you use
   EKACRYPT and promptly send both halves over your new modem, you might
   just as well mail a disk with the non-crypted file to whomever is 
   tapping your telephone...



* DATA SECURITY IN A MODERN WORLD

   If you are especially security conscious, you should be aware of a
   well-known "feature" of MS-DOS:

Files that are "deleted" still exist on your disk.  They CAN BE "un"-
deleted by almost anyone with rudimentary computer skills if they
gain access to the computer.  DOS does not erase the information,
it simply removes a file's entry from the FAT (File Allocation
Table - this serves as an "index" of what is on your disk.) while
leaving the actual data untouched (until it needs the physical space
taken up by the file for something else).

   Popular utilities such as Norton and PC tools exploit this "feature",
   and even if you dutifully erase the non-crypted file from your disk, 
   IT MAY STILL BE AVAILABLE TO ANYONE WHO USES THE COMPUTER.  Even using
   programs like Norton's WIPEDISK does not guarantee the information is
   no longer recoverable...  With the proper equipment, it is possible 
   to retrieve erased data from a computer disk, even if it has been 
   overwritten by other data.  If the Feds seize the box, they own
   every piece of data on it.

Therefore you should always use floppy disks to create and store
both the crypted and non-crypted versions of your data.  These can
be easily (and inexpensively) destroyed after they have served their
use, and offer the utmost in security if you are especially concerned.
Completely burning them renders their data non-recoverable by anyone.

   For even more safety, you could once again run each half of the file
   through EKACRYPT, creating FOUR totally-interdependent files which 
   will be useless if even one is missing.  This can be repeated again 
   and again, but you must re-assemble the files in the reverse order
   that they were created for decryption to work properly.  Anything
   else will result in a totally useless jumble of bytes on your disk.

The uses of EKACRYPT are simply limited by your imagination.  If you
should use a modem to transfer cryptic files, be sure to use an error
correcting protocol like Zmodem:  Even one misplaced byte will render
the entire file useless!


* USING EKACRYPT.EXE

   EKACRYPT is a command-line utility.  This means that all actions you
   wish to have performed by the program must be requested at the time
   you invoke it.  This is performed by what are known as parameters.
   For example, when you type "DIR *.*" from DOS, "DIR" is the command
   (or program) and "*.*" is the parameter (or instructions).

The command syntax for EKACRYPT is as follows, and must be typed from
the DOS prompt (usually A>, B> or C> - your prompt may differ):



 To encode (make a non-crypted or plain-text message crypted):

EKACRYPT e FILENAME.EXT OUTFILE1.EXT OUTFILE2.EXT
                                  
                                  > Output file #2 (any legal filename)
                      > Output file #1 (any legal filename)
          > Input (original) file
         > Command to ENCODE original file



 To decode (make a crypted file set readable again):


 When unencrypting files, YOU MUST ENSURE that the input files are listed
 in the correct order - THE SAME ORDER AS THEY WERE PRODUCED WHEN ORIGINALLY
 ENCRYPTED!!  Failure to do so will result in failure of the process.


EKACRYPT d INFILE1.EXT INFILE2.EXT CLEARTXT.EXT
                                 
                                 > Decoded (original) filename
                     > Crypted input file #2
          > Crypted input file #1
         > Command to DECODE crypted files


 For a brief summary of commands:

EKACRYPT ?




* THINGS TO REMEMBER

   During processing (encoding AND decoding) a file called EKACRYPT.TMP is
   created in the default directory.  This file is erased by the program on
   successful termination, but it - as all other files used by MS-DOS - can
   be unerased in the same manner as previously mentioned by almost anyone.

EKACRYPT will offer significantly better performance when run under a 
disk caching program.  If you have a hard disk and do not already use
such a program, you would be well-advised to get one.  The improvement
in speed on ALL your programs will make you think you have a brand-new
computer and will lengthen the life of the hard disk seek mechanism.

   Any damage to one or more of the encrypted files created by EKACRYPT, 
   will render the entire set of files useless for decryption.  It is 
   important to use an error-correcting protocol, like Zmodem, when 
   transferring files by modem, packet radio or other error-prone method.

Anyone who gets BOTH halves (or ALL of the files, in the case of multiple
passes through EKACRYPT) of the encrypted data OWNS THAT DATA.

   IT IS POSSIBLE these days to monitor a computer from quite some distance
   by using specialized equipment that detects the RFI leakage from your
   unit.  Anyone so inclined to do so can possibly see everything you do
   on the computer.  If your data is this sensitive, you would be better
   off not using a computer at all.  The equipment to do this is quite
   expensive, and if "they" want you that bad, you already know this.

Your computer is the weakest link in your security chain.  Consider the
damage you are susceptible to if an expert had control of it and use it
accordingly.

   If you use a tape-drive to make off-site back-ups of your business 
   data, you may be able to use EKACRYPT to prevent the loss of one copy
   doing irreparable damage to your organization.

The total number of input bytes which may be processed at one time is
limited to a maximum of 4,294,967,295 bytes, which should pose no real
problem for all but the most obscene of files.  Buy an AS/400.

   By creating off-beat filenames, it is possible to use EKACRYPT to
   "hide" sensitive data on your own computer.  This is only as secure
   as someone's patience in trying out permutations of all your files,
   assuming they know what they have encountered and can luck into the
   correct order.  You too will face this if you forget the filenames
   and their order...

If you still manage to get caught with your drug-smuggling receipts,
Swiss banking records, or illegal toxic-waste disposal records, remember
not to drop the soap...


* KUDOS

   EKACRYPT is the culmination of nearly 100 hours work and is based upon 
   the encoding methods used by the Israeli Mossad.  This method employs a
   cyclical binary array coupled to Huffman data compression.  Source code
   is available only by special request which may or may not be approved.

Requests for further information and donations (gasp!) may be forwarded to:

   Xenolith Associates
   ATTN: Don Kinstler
   P.O. Box 272 WVS
   Binghamton, NY  13905

This software and documentation is Copyright(1991) by Don Kinstler.
