NAME

pcp - The Pure Crypto Project encryption system

SYNOPSIS

pcp [-pure] -e|-d|-s|-ss|-v file|-pipe
pcp -wipe files

DESCRIPTION

This is a reference manual and is therefore necessarily incomplete. It assumes that you are already familiar with the basic concepts behind public key cryptography and the Pure Crypto Project. You may want to read "http://senderek.de/security/pcp-protection.html" to learn more about PCP's background.

PCP is public key encryption software for protecting email and data files.

It runs in two different modes. CONSERVATIVE mode, which is the default, uses SHA-1 as the hash algorithm under all circumstances. PURE mode uses the discrete logarithm hash function SDLH for hashing, which depends on a user's hash key (hashmodulus and generator) stored in the key file. You can tell from a "..." you see every time SDLH is used.

PCP can be used to perform the basic functions of encryption, decryption, signing, verifying and wiping files. It processes one single file or works in a pipeline when the "-pipe" option is given on the command line instead of a file name. When the "-wipe" option is given, PCP will process any number of files.

OPTIONS

-pure

This option ensures that SDLH is used as the hash algorithm for everything during this invocation of the program. PURE mode can be set permanently in the config file "pcp-mode". This option is especially useful when files are encrypted for a user who runs PCP in PURE mode and has his secret keys stored purely.

-e

Encrypt a file with a user's PCP key that can be selected by the user's identification string or selected from a list. The output file "file.pcp" contains only numbers giving no clue which key has been used to encrypt it.

-d

Decrypt a file using the encryption key in PCP's home directory and write the clear text to "file.clear". If a decryption error occurs, i.e. the hash chain used for encryption cannot be recovered completely, a chosen ciphertext attack is assumed and nothing except a warning is written to the output file.

A user who runs PCP in conservative mode will create a SHA-1 fueled hash chain. If you decrypt such a cryptogram while running PCP purely, you will use SDLH to recover the hash chain and will consequently fail to decrypt the cryptogram. This is the intended functionality!

You can ask your partner to encrypt the file again using the "-pure" option if you insist on pure crypto, or you may downgrade your PCP to conservative mode, implying that you use the "trusted-sha" directory and, more importantly, store your encryptionkey SHA-1 protected with only 8 pointers into the random data pool. The decision is up to you.

-s

Sign the file using your signingkey in PCP's home directory. The signature is appended to the message body and stored in "file.sig".

-ss

Create a signature stored in a separate file. The message is assumed to be in a file named without the suffix ".sig".

-v

Verify the integrity of a signature stored in a file. If the signature is separate the message is assumed to be in a file named without the suffix ".sig" and PCP will not work within a pipeline.

-wipe

Fill the files given on the command line with random data taken from the file "wipedata" and delete them from the file system.

CONFIGURATION FILES

There are two configuration files in PCP's home directory.

$HOME/.pcp/pcp-mode

PURE mode is enabled with "pure" in the first line. The default is CONSERVATIVE. The integrity of the signingkey is checked with SHA-1 at the beginning of every invocation when "fastcheck" is the second line. All other hashing is still done with SDLH; only the integrity check at the start of pcp is sped up.

Once you use FASTCHECK in PURE mode there will be warnings that the signed security hash is inconsistent with the computed one, which is indeed correct, as you use conservative hashing compared to pure security hashes on the keys used.

$HOME/.pcp/pcp-comment

The first line of this file will substitute the default comment.

c:\pcp\pcp-mode and c:\pcp\pcp-comment

These are the locations under WINDOWS.

FILES

There are two files in PCP's home directory which are security-relevant for safe operation.

$HOME/.pcp/entropy

This file is used to protect the secret keys. It is of utmost importance that you spend as much effort as possible to ensure that this file contains at least 1 100 000 Bytes of truly random data. It is not sufficient to use a pseudo random generator to generate this file.

$HOME/.pcp/wipedata

This file contains random data used to wipe files.

c:\pcp\entropy and c:\pcp\wipedata

These are the locations under WINDOWS.
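
The rules in CONFIGURATION FILES and FILES can be checked without running pcp. The following shell script is an added example and is not part of PCP; its function names and its handling of whitespace and carriage returns in "pcp-mode" are assumptions.

```shell
#!/bin/sh
# Added example: read-only audit of a PCP home directory using only the file
# names and rules stated in this manual. It never runs pcp itself.
PCP_MIN_ENTROPY=1100000   # "at least 1 100 000 Bytes" (FILES section)

# Print line $2 of file $1, CR and surrounding blanks stripped. Assumption:
# PCP matches the bare keyword; the manual gives no whitespace rules.
pcp_line() {
    [ -r "$1" ] || return 0
    sed -n "${2}p" "$1" | tr -d '\r' | sed 's/^[[:space:]]*//; s/[[:space:]]*$//'
}

# "pure" only if the first line of pcp-mode says so; CONSERVATIVE is the default.
pcp_mode() {
    if [ "$(pcp_line "$1/pcp-mode" 1)" = pure ]; then echo pure; else echo conservative; fi
}

# "yes" if the second line of pcp-mode is "fastcheck".
pcp_fastcheck() {
    if [ "$(pcp_line "$1/pcp-mode" 2)" = fastcheck ]; then echo yes; else echo no; fi
}

# Size of file $1 in bytes, 0 if it does not exist.
pcp_size() {
    if [ -f "$1" ]; then wc -c < "$1" | tr -d ' '; else echo 0; fi
}

# Print findings for directory $1; return the number of problems (0 = clean).
# A size check cannot show that the data is truly random, only that it is there.
pcp_audit() {
    dir=$1; problems=0
    mode=$(pcp_mode "$dir"); fast=$(pcp_fastcheck "$dir")
    echo "mode=$mode fastcheck=$fast"
    size=$(pcp_size "$dir/entropy")
    if [ "$size" -lt "$PCP_MIN_ENTROPY" ]; then
        echo "FAIL entropy: $size bytes, need at least $PCP_MIN_ENTROPY"
        problems=$((problems + 1))
    fi
    if [ "$(pcp_size "$dir/wipedata")" -eq 0 ]; then
        echo "FAIL wipedata: missing or empty, -wipe has no random data to use"
        problems=$((problems + 1))
    fi
    if [ "$mode" = pure ] && [ "$fast" = yes ]; then
        echo "NOTE fastcheck in pure mode: security-hash mismatch warnings are expected"
    fi
    return "$problems"
}

if [ $# -gt 0 ]; then pcp_audit "$1"; fi
```

Saved under a hypothetical name such as pcp-audit.sh, it is run as "sh pcp-audit.sh $HOME/.pcp" and exits with the number of problems found.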

AUTHOR

Written by Ralf Senderek.

COPYRIGHT

All rights reserved. © 2003
This is free software. Use this software at your own risk or not at all. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

SEE ALSO

pcp - the Pure Crypto Program (http://senderek.ie/research/pcp)
protect-secretkey, read-pgpkey, read-sshkey, read-opensslkey, sechash, check-keys