------------------------------------------------------------------------------MUTATi0N: Cryptography for Hackers/Phreakers & Others ===================================================== Version 1.

00, Released 7/27/91 Written By Professor Falken Copyright (c) 1991 ------------------------------------------------------------------------------INTRODUCTION: -----------Mutation was written with the Hacker, Phreaker, Pirateer and Almost-Average Joe in mind. Its purpose is to extend highly secure cryptographic systems to the end user of the program. This program uses a modified National Bureau of Standards DES (Data Encryption Standard) algorithm to achieve this purpose. Along with the normal Electronic Code Book cipher there is also the option of creating a Block-Chained cipher. I decided to write THIS program because I felt there was an inadequate supply of encryption utilities out there. Let me explain, the encryption utilities that were in the public domain (Shareware & Copyrighted) either employed insecure encryption algorithms or the key (password) length was much too short to make cracking it hard. Take Central Point Software's "PC-Secure" for example. PC-Secure employs NBS's DES algorithm but the key length is limited to 32 characters. While the DES standard is safe, a key length of 32 is not all that secure. Not to mention that I'm sure Central Point Software put some type of backdoor in the program just in case SOMEONE made a ciphertext that NEEDED to be deciphered via abnormal means. Another SHAREWARE utility is "The Private Line" the only thing private about the ciphers this program makes is they won't be able to be read your cat. The Private Line employs DES, however, their key length is a miserable 16 characters long. I think my 486-33 could bust these ciphers in a matter of weeks. Unlike these previous programs, and the hordes of other programs which follow in their footsteps, I am proud to release a highly secure, command-lined, low memory overhead, and portable cryptographic tool. BRIEFING: --------Mutation has a possible key length of 118 characters for Electronic Code Book mode, and 56 characters per KEY for Cipher Block Chaining's 2 key requirement. Not to mention there are NO known trapdoors written into this program. As for the DES algorithm, thats another story (See:TRAPDOOR THEORY). Mutation can be used in Electronic Code Book mode, which is the default mode if no options are specified, and a Cipher Block Chaining mode. The ECB(Electronic Code Book) mode uses only ONE key. A key is the password that you want to use to encrypt & thusly also decrypt the file with. While ECB only uses ONE password, CBC(Cipher Block Chaining) uses TWO passwords to encrypt the file with.

The files you wish to encrypt can be really anything. A list of telephone numbers, friends names, passwords for various systems, technical notes, where you hid the dead body etc. You can really encrypt anything. However, I would recommend at this time to stay away from encrypting EXE & COM files. There is a small bug in the program which will add a few bytes to the end of each file. While this will not effect the output of an ASCII file, it may mess up an EXE/COM file. I hope to fix this bug in upcoming versions. USING THE ECB OPTION: ----------------------In order to invoke the ECB option (default) of Mutation, all that is needed is knowing whether you wish to ENcrypt(+) or DEcrypt(-) the file, what password(KEY) you wish to use, and the INCOMING filename and what the OUTGOING filename should be. For instance, I wish to ENCRYPT a file called TELEFONE.DOC, I will use "fatcuntwhorecumbelchinggutterslut" as my password. I suppose I will output the ENCRYPTED text to a file called TELEFONE.DOC . You see, this makes sure that the original text is OVERWRITTEN and never seen again. Here's how its done: C:> m + fatcuntwhorecumbelchinggutterslut <telephone.doc> telephone.doc C:> OK, so now you have this nice file called TELEPHONE.DOC which looks so messed up, if you didn't know better, you'd swear its the face of your neighbors crack-smoking child. So, after an amount of time elapses you decide you need a telephone number out of that file. No problem. Enter: C:> M - fatcuntwhorecumbelchinggutterslut <telephone.doc> telephone.dec C:> Now, you can read TELEPHONE.DEC and get the phone number you need. But, if you noticed, I used a DIFFERENT filename for DECRYPTING the file. The reason for this is just in case I fucked up the KEY and it OVERWROTE my encrypted file with the incorrect decrypting KEY. So when I check out telephone.dec and see that it is FINE! I can then rename telephone.doc to something else, copy some bullshit file over its place, then erase it. See that way no one will be able to match your enciphered text with your deciphered text and figure out your key. See how easy it was?! USING THE CBC OPTION: --------------------< NOTE: CBC IS NOT AVAILABLE IN VERSION 1.00 OF MUTATi0N > < COMING VERSIONS WILL HAVE CIPHER BLOCK CHAINING ENABLED > The Cipher Block Chaining option is a little bit different from the ECB option, not to mention a bit more secure(See TECHNICAL SPECS.& NOTES). CBC requires you to enter TWO passwords(KEYS). Lets say we wish to use CBC on a file called TECHNOTE.DOC, we will use "everyonewantstobeabigshottheres" & "toomanychiefsandnotenoughindians" as the two passwords. We will output our ciphered-text to a file called TECHNOTE.DOC

C:> M + <cbc> everyonewantstobeabigshottheres toomanychiefsandnotenoughindians <technote.doc> technote.doc C:> Notice that all that text overran the current line and splashed down onto the next. This is NO PROBLEM. Mutation will use up the WHOLE command line for incoming keys/filename etc... So if you have a pretty long password/s don't worry about it wrapping over, just be sure to leave enough room for the filenames. NOTE: Names without extensions (IE ibmbios. ) ARE valid in Mutation. Ok, so you have this NICE enciphered text. I bet you would like to read it later huh?! Well, remember your KEYS, else your screwed. Ok, LETS DECRYPT! C:> M - <cbc> everyonewantstobeabigshottheres toomanychiefsandnotenoughindians <technote.doc> technote.dec C:> Thats how its done. No problem huh?! Once you verify that technote.dec came out correctly be sure to overwrite/rename/etc. the encrypted ciphertextfile before going on. TECHNICAL SPECIFICATIONS & NOTES: --------------------------------The Data Encryption Standard Algorithm was conceived by IBM in 1977 and was adopted by the National Bureau of Standards as the nations Encryption Standard. The Data Encryption Standard Algorithm is a block cipher that enciphers identical eight-byte plaintext blocks into identical eight-byte ciphertext blocks. Or more technically: it transforms an input block (file) into a string of output bits of fixed length(output file). The enciphering/deciphering functions are such that every bit in the output block depends jointly on every bit in the input block and on every bit in the password. This DES algorithm is also known as the Electronic Code Book (ECB). Certain files exhibit great regularity, with many identical eight-byte blocks (for example, a memorandum always begins with TO: ). Normally under ECB encipherment, such identical blocks of plaintext yield identical blocks of ciphertext (when using the same key). Repetitions of some other blocks may also be visible; for example, telephone numbers in the plain text when aligned with the eight-byte DES blocks, can be recognized as identical in the ciphertext. It is doubtful whether this phenomenon is a serious weakness: to date no technique has been found which uses it to determine the password or obtain usable plain text of alphabetic/numeric files. However, if the existence of identical blocks can be concealed, a cryptographic system is strengthened at least intuitively, because the amount of information available to the cracker is reduced. This is where Cipher Block Chaining comes in handy. By using Mutation's Cipher Block Chaining option it is possible to use DES in such a manner that identical eight-byte plaintext blocks virtually always yield different ciphertext blocks, without

altering the security of the existing algorithm. Thusly if you are encrypting a file that has a lot of repetition (IE- Indented source code, Spreadsheet, Listing) please use CBC to strengthen the code. However, as in life for every GOOD there is an EVIL, the CBC is easily cryptanalyzed on the basis of a moderate amount of ciphertext. You see, from enough enciphered short blocks, a cryptanalyst could recover the key, and then decipher each individual short blocks. But, I am not here to analyze various cipher systems, I'm here to teach the use of this product. CRYPTANALYSIS OF THE DES ALGORITHM: ----------------------------------So you ask, "Is DES crackable?" Well from a time standpoint, YES. But before you say "WHAT? I thought NO ONE could read it!" lets ask these questions: 1. Is it reasonable to assume that an opponent can obtain the required information to decipher the ciphertext. (IE-Finding them written down, extracting them from your head, etc.) 2. What is the computational COST of the attack? (IE- How much manpower, fast enough computing facilities etc..) 3. How much time does it require? (Can my opponent wait 30,000 years for the cracking of my text?) So it while it is TRUE that someone will be able to read your ciphertext, I really don't think they will care 10,000 years from now anyhow. But, just for the hell of it lets make a worst case hypothetical situation(I hate them). First, lets assume you have made a CBC cipher with two keys 55 characters per key. Second off, we MUST assume, that for some reason you have pissed off the WRONG people in the government (namely the people that effectively OWN the modified Cray Y-MP that the National Security Agency has) and they deem it necessary that they devote 100% of the computing resources to cracking your file. Third, we must assume your DEAD else, they would have used sodium-penathol a long time ago to get the KEY from you. Fourth- These government people plan on having their jobs AFTER the current administration leaves the White House. If all these pre-conditions are met, WELL, your up chunky-shit creek without a paddle. Because probably in 3-4 years they will have deciphered it. If DES keys were tested at the rate of one per 60 microseconds, the key trial would require in excess of 68,000 years. However, as critics are quick to point out: Massive parallelism and pipelining, the time to recover a key can be reduced to any value. In a pre-calculated scenario properly combining precomputation, a machine can be constructed that would recover the key with high probability in one day. The estimates of the cost are $5,000,000 with a precomputation time of 2 years. Even if these estimates are accepted, the way DES would normally be used, with Cipher-Block Chaining & Initial chaining value, would negate the advantage gained in the time-memory tradeoff. Thusly, it is VERY questionable if any organization would risk an investment of 5 million dollars and two years of precomputation under these circumstances. So really, your ciphers are very safe. TRAPDOOR THEORY: ----------------

Some critics of DES are leery about the methods of analysis used by IBM to validate the DES, and all such methods used by the National Security Agency, have been [CLASSIFIED] by the U.S. Government. Therefore, some critics have inferred that one cannot be sure that the statements by IBM and NSA about DES are as claimed. You see, the National Security Agency advised the designers that certain design criteria were considered by the agency to be sensitive. IBM was requested not to publish the selection criteria. Critics have suggested that special properties might have been incorporated into the design of the substitutions and permutations (aka Trap Doors) which would give a cryptanalytic advantage to a knowledgeable party. No proof can be offered to refute the existence of trap doors. Even if IBM, the National Bureau of Standards, or the National Security Agency were to reveal the criteria, there would undoubtedly be critics who would suggest that not all were revealed. The BOTTOM LINE is that after nearly 11 years of scrutiny, no viable method of cryptanalyzing DES has been discovered and published. Bell Telephone Laboratories & the Lexar Corporation examined the properties of the substitutions and permutations. While the Lexar Corporation reported some "peculiar" properties of the substitution boxes, to date, no feasible cryptanalytic for DES has been found. To keep the public happy, the Senate Committee on Intelligence conducted an investigation into the matter. The following summarizes the conclusions that were reached: 1. DES is more than adequate for its intended applications. 2. IBM invented and designed DES. 3. NSA did not tamper with the design. 4. NSA certified that the DES was free of any known statistical/mathematical weakness. 5. NSA recommended that the Federal Reserve Board use DES for electronic funds transfer applications. So if there is a TRAPDOOR or not, I really doubt they would risk releasing of their trapdoor to the public & intelligence community at large just to decipher some piss on the wall hackers file (Their point of view). PASSWORD LENGTH: ---------------In the past there has been a tendency among users of cryptographic systems to use a word or a name as a key. Today this procedure is VERY unsafe. There are a fewer than a million words in an unabridged, and fewer than a million names in the largest telephone directory. That number of potential keys could be tested in a few minutes on a powerful computer of today. Even the use of eight randomly chosen ASCII characters is unsafe. If a DES key is introduced directly, it should consist of 32 or MORE ASCII characters (IE-A-Z,a-z,0-9,and punctuation, and ALT-key combinations). You see by having Mutation being able to use 118 bytes of password, the user might, for example, enter several words chosen randomly and independently from an unabridged dictionary. Or the user may enter some phrase from a song or TV commercial. It is essential that these choices be made in such a way that the key cannot practically be found

by an opponent, either by guesswork or by enumerating some plausible set of keys. HINTS & EXTRAS: --------------< NOTE: CIPHER BLOCK CHAINING (CBC) IS NOT AVAILABLE FOR > < VERSION 1.00 OF MUTATi0N, FURTHER RELEASES WILL FIX THIS > Mutation in ECB mode can use KEYS up to 118 characters in length. In CBC mode, it can use TWO KEYS, with a maximum of 56 characters per key. That is assuming your using one letter filenames. Example: C:> m + <cbc> passwordOne passwordTwo <A> B This would give you A. as your input file and B. as your output file. The LARGER the password you use, the STRONGER the ciphertext becomes. So a 118 character password is MUCH better than a 70 character password. However, in Block Chaining, having two 56 character passwords are even STRONGER than one 118 character password. For the STRONGEST ciphertext possible, I suggest using Cipher-Block Chaining, with 56-char. passwords. Note, that you could use a 100-character password for KEY1 and a 18 character password for KEY2. Or a 34-character password for KEY1 and an 84-character password for KEY2. Just realize that the numbers can be swapped around, and just make sure its as long as possible for the STRONGEST text. Sometimes making the LONG password is about as much bother as it will be for someone trying to break it. Here are some ideas for making up these LONG keys: 1. Sentences from books. 2. Phrases from obscure songs. 3. TV/Radio Commercials. 4. A column from an old newspaper. 5. Make up a short story. 6. Make faces with the ASCII chars. :0 :) ;) etc. I'm sure you can think of other things to write about, like maybe your first screw, but that may too personal, incase someone breaks it. ALSO make sure you PROPERLY dispose of the ENCRYPTED filename, that you just decrypted. First copy a file over, then another, then to be safe, copy another, then rename the fucker, THEN erase the SOB. It would also be nice to have this program setup in your PATH. So that you can encipher stuff all over your harddrive! When the nice men in jackets come to borrow your computer don't let them have all your data that easily. CONCLUSION: ----------This documentation is A LOT longer than I intended it to be. In fact I shouldn't have written all that, I probably confused a lot of the readers. Oh well, you should be able do discern how to run the thing from the previous text and the small example built into the program. I would now like to thank Legions of Lucifer-Phuck for releasing this product on their intercontinental distribution system. I really

helps a program when it has access to a WIDE dispersal network. Again, thanks LoL-PHUCK. Earlier, I mentioned 'portability' of this code. The code is in 'C' and is quite portable, but I am not releasing the code for various reasons. First, there is the possibility that someone will be able to figure out how the DES code was modified by myself, and secondly I plan to release this on AMIGA & MAC computers. I plan on having the AMIGA version out sometime in the summer of 91'. The MAC will have to wait a few more months. Anyhow, greets go out to: All X Legion of Doom members hanging out and around, P/H/A & Doctor Dissector (KC3.0 is the BEST!), Prometheus, Sir Hackalot, Ex-Phortune 500s UNITE!, Shawn-Da-Lay Productions Wheres the NEW version of Telix Hacker?!!, Brew Associates Where RU?, L.E. Pirate(What happened to Dragonfire?!oh no)(What Cult of the Dead Cow?), The Rebel(716), 2600 Magazine(About time I get that damn subscription information-1.5 months later), Phrack Magazine, Mondo 2000 Magazine (Wheres my subscription fuckers?), Twisted Sector, The Ranger, The Viper, Slavelord, and all the others who give me phree file points... Not that I am partial to people who give me free points or anything.(haha) And for EVERYONE who I left out- YOU TOO! Anyhow, this ends this SUMMERs(1991) IBM program release schedule for me. Hopefully, you will see something from me sometime soon, other than updates to this and CNA Inquiry. Programs released to date: 1. 2. 3. 4. - Professor Falken = Ex-Legion of Doom! = Ex-Phortune 500 Automated CNA Finder Phreak Tools v1.x CNA Inquiry v2.x MUTATi0N v0.x Beta (1989) (1989) (1991) (1991)

MUTATi0N - Version 1.00 Conceived & Written by Professor Falken 6/91 Copyright (c) 1991 Released by Legions of Lucifer-Phuck #