Public-domain DES commands, library and utilities by Phil Karn, KA9Q This file last updated 21 Dec 1987 The makefile compiles everything and runs test data (from the NBS certification suite) through DES. Everything runs as-is under MS-DOS. For UNIX, change the name of the console in getpass.c. For big-endian machines like Pyramid and the 68000 (Macintosh, Sun, Amiga), comment out the definition of LITTLE_ENDIAN in the makefile. DEC VAXen and the Intel 8086 family (IBM PC) are little-endian, so this definition should be left in for them regardless of the operating system. If you get the byte order wrong, the test output in "certify" will say "ENCRYPT FAIL" instead of "OK"; just change the flag and recompile. The des executable (source in main.c) is a encrypt/decrypt filter compatible with Sun's des command. Included are uuencode/uudecode utilities for encoding and decoding the binary ciphertext from des into printable ASCII for secure transmission through mail systems. Radlogin is an experimental program for secure login over insecure channels (like packet radio). It runs under Berkeley UNIX only. Make it the shell for a special, password-free login (e.g., "radio"). When it starts the user will be asked his REAL login name, which is then looked up in /etc/rkeys. (This file must be protected since it contains DES keys). The time of day is then printed in hex as a challenge, and the user must encrypt it using DES and his key and type the answer back. The user uses the program "descalc" to perform his local calculation. All this is very clumsy; at a minimum it requires Doubledos (net.exe in one partition, descalc in the other) and manual retyping of the challenge in plain and ciphertext form. Ideally this should be part of net.exe, invoked perhaps by a special telnet option after the user's name is entered. If the client telnet refuses the option, it sends an ordinary password prompt; otherwise it does the authentication and bypasses the password. The format of /etc/rkeys is as follows: user_nameDES_key_in_hex karn 0123456789abcdef n4hy fedcba987654321 This is all experimental, of course; improvements are most welcome. Phil