riordanmr@clvax1.cl.msu.edu (Mark Riordan) (05/17/91)
Archive-name: mail/privacy-enhanced-mail/rpem/1991-05-16
Archive: dcssparc.cl.msu.edu:/pub/crypt/rpem*.tar.Z [35.8.1.6]
Original-posting-by: riordanmr@clvax1.cl.msu.edu (Mark Riordan)
Original-subject: rpem: Privacy Enhanced Mail/public key program
Reposted-by: emv@msen.com (Edward Vielmetti, MSEN)
Announcing the initial release of "rpem", a mostly public domain
Privacy Enhanced Mail system incorporating a public key encryption system.
"rpem" is a program that encrypts messages and encodes the result
into a printable form suitable for inclusion into mail messages.
(Of course, unencoding and decryption are also provided.)
In general, adherence to RFCs 1113-1115 is attempted, but complete
adherence is not possible because a different public key scheme is used.
Possibly of greatest interest to sci.crypt readers is the public
key encryption code that comes with rpem. In fact, this project's goal was
initially to provide simply the public key functions; the privacy
enhanced mail program was a "demo" program that got out of hand.
The public key encryption algorithm used in rpem is Rabin's:
ciphertext = plaintext^2 mod pq (p, q are primes)
The public component of the key is pq, and the private component
is p and q. Rabin's algorithm is probably slower (on decryption) and less
aesthetically pleasing than RSA, for instance, but it's in the
public domain. Also, unlike RSA, breaking Rabin's scheme is provably
as hard as factoring a product of two primes.
A crude means of registering public keys via email to and anonymous
FTP from dcssparc.cl.msu.edu is provided. This is not meant as a
serious answer to the problem of public key distribution.
rpem is distributed in source form via anonymous FTP from
dcssparc.cl.msu.edu (35.8.1.6). Following the model of MIT Project
Athena's Kerberos distribution, there are two files:
pub/crypt/rpem.tar.Z for recipients in the USA, and
pub/crypt/rpem_export.tar.Z for all others.
If you are outside the USA, retrieve the latter file only.
It includes everything in rpem.tar.Z but "des.c".
Export of this software from the United States of America is
assumed to require a specific license from the United States
Government. It is the responsibility of any person or
organization contemplating export to obtain such a license
before exporting.
Most of the code in the distribution was written by me, but the
project would not have been possible without valuable contributions
by Bennet Yee, Marc Ringuette, Arjen Lenstra, Michael Rabin, and Phil Karn.
These people should not be held responsible for any shortcomings in the
product.
Nearly all of the code is in the public domain; a few routines
are distributed under GNU-like restrictions.
The source code is entirely in C. Some pains have been taken to
make it portable; rpem has been ported to PCs running OS/2 and PC-DOS,
and a number of Unix boxes, including Sun 3, Sun 4, NeXT, HP 9000/3xx,
IBM RT, Silicon Graphics, VAX, DECstation, and Convex. If you port
the code to another platform, please tell me what it took and send
me the output from "make benchmark".
I expect to make enhancements to this package, especially in the
area of digital signatures. Hence, if you want a more polished product,
I recommend waiting until later this summer. However, I have been putting off
distribution of the package long enough. Besides, I want to take
a break for about a month to work on another project.
I'm not a genuine cryptographic expert. Send comments, criticisms,
and suggestions for improvement to:
Mark Riordan Michigan State University riordanmr@clvax1.cl.msu.edu
-- comp.archives file verification
dcssparc.cl.msu.edu
-rw-r--r-- 1 200 staff 157442 May 16 03:03 /pub/crypt/rpem.tar.Z
-rw-r--r-- 1 200 staff 151321 May 11 13:23 /pub/crypt/rpem_11May91.tar.Z
-rw-r--r-- 1 200 staff 151026 May 6 15:18 /pub/crypt/rpem_6May91.tar.Z
-rw-r--r-- 1 200 staff 150998 May 16 03:03 /pub/crypt/rpem_export.tar.Z
found rpem ok
dcssparc.cl.msu.edu:/pub/crypt/rpem*.tar.Z