riordanmr@clvax1.cl.msu.edu (Mark Riordan) (05/17/91)
Archive-name: mail/privacy-enhanced-mail/rpem/1991-05-16 Archive: dcssparc.cl.msu.edu:/pub/crypt/rpem*.tar.Z [35.8.1.6] Original-posting-by: riordanmr@clvax1.cl.msu.edu (Mark Riordan) Original-subject: rpem: Privacy Enhanced Mail/public key program Reposted-by: emv@msen.com (Edward Vielmetti, MSEN) Announcing the initial release of "rpem", a mostly public domain Privacy Enhanced Mail system incorporating a public key encryption system. "rpem" is a program that encrypts messages and encodes the result into a printable form suitable for inclusion into mail messages. (Of course, unencoding and decryption are also provided.) In general, adherence to RFCs 1113-1115 is attempted, but complete adherence is not possible because a different public key scheme is used. Possibly of greatest interest to sci.crypt readers is the public key encryption code that comes with rpem. In fact, this project's goal was initially to provide simply the public key functions; the privacy enhanced mail program was a "demo" program that got out of hand. The public key encryption algorithm used in rpem is Rabin's: ciphertext = plaintext^2 mod pq (p, q are primes) The public component of the key is pq, and the private component is p and q. Rabin's algorithm is probably slower (on decryption) and less aesthetically pleasing than RSA, for instance, but it's in the public domain. Also, unlike RSA, breaking Rabin's scheme is provably as hard as factoring a product of two primes. A crude means of registering public keys via email to and anonymous FTP from dcssparc.cl.msu.edu is provided. This is not meant as a serious answer to the problem of public key distribution. rpem is distributed in source form via anonymous FTP from dcssparc.cl.msu.edu (35.8.1.6). Following the model of MIT Project Athena's Kerberos distribution, there are two files: pub/crypt/rpem.tar.Z for recipients in the USA, and pub/crypt/rpem_export.tar.Z for all others. If you are outside the USA, retrieve the latter file only. It includes everything in rpem.tar.Z but "des.c". Export of this software from the United States of America is assumed to require a specific license from the United States Government. It is the responsibility of any person or organization contemplating export to obtain such a license before exporting. Most of the code in the distribution was written by me, but the project would not have been possible without valuable contributions by Bennet Yee, Marc Ringuette, Arjen Lenstra, Michael Rabin, and Phil Karn. These people should not be held responsible for any shortcomings in the product. Nearly all of the code is in the public domain; a few routines are distributed under GNU-like restrictions. The source code is entirely in C. Some pains have been taken to make it portable; rpem has been ported to PCs running OS/2 and PC-DOS, and a number of Unix boxes, including Sun 3, Sun 4, NeXT, HP 9000/3xx, IBM RT, Silicon Graphics, VAX, DECstation, and Convex. If you port the code to another platform, please tell me what it took and send me the output from "make benchmark". I expect to make enhancements to this package, especially in the area of digital signatures. Hence, if you want a more polished product, I recommend waiting until later this summer. However, I have been putting off distribution of the package long enough. Besides, I want to take a break for about a month to work on another project. I'm not a genuine cryptographic expert. Send comments, criticisms, and suggestions for improvement to: Mark Riordan Michigan State University riordanmr@clvax1.cl.msu.edu -- comp.archives file verification dcssparc.cl.msu.edu -rw-r--r-- 1 200 staff 157442 May 16 03:03 /pub/crypt/rpem.tar.Z -rw-r--r-- 1 200 staff 151321 May 11 13:23 /pub/crypt/rpem_11May91.tar.Z -rw-r--r-- 1 200 staff 151026 May 6 15:18 /pub/crypt/rpem_6May91.tar.Z -rw-r--r-- 1 200 staff 150998 May 16 03:03 /pub/crypt/rpem_export.tar.Z found rpem ok dcssparc.cl.msu.edu:/pub/crypt/rpem*.tar.Z