A data security program with key management for e-mail,
for use under Microsoft Windows or DOS.
Penknife takes any secret key phrase, and transforms or
enciphers files into lines of jumbled ASCII text. The
original file contents can be recovered from the jumble only by
deciphering with exactly the same key. Files thus
protected can be saved locally, archived off-site, or sent by
e-mail without exposing their contents.
Penknife can automatically skip e-mail headers and
signatures when deciphering, minimizing the need for manual "fix
up." Enciphered alias files hold secret keys and allow them to
be selected by public aliases, thus minimizing the impact of
secrecy on ordinary users. Keys can be updated while users can
continue to use exactly the same alias in exactly the same way.
Dated alias allow access to old archived ciphertext protected by
Now available in Advanced, Commercial Demo, Decipher-Only
and Corporate versions for DOS and Microsoft Windows. Not for
For greatest ease and security, the user should have an
alias file. An alias file is an enciphered file of
public aliases and related secret keys. The user can thus
select one of many secret keys by supplying the key to the
alias file plus the public alias for the desired key.
In normal operation, the user supplies the input filename,
output filename (if different), the alias, and selects encipher
or decipher. The program requests entry of the alias-file key,
once. The program then finds the "closest" alias file, deciphers
it in memory only, finds the indicated alias, then uses the secret
key associated with that alias to cipher data.
The "generate" function in the advanced version automatically
creates or adds to a local alias file, and will encipher the new
key in a different file for transport. The transport file can
be used as a beginning alias file, or added to an existing alias
file, without deciphering the alias file.
Examples of Commands
- Encipher Multiple .TXT Files Using Alias
penknife *.txt *.pen /e /a fred
- Decipher Multiple .PEN Files In-Place Using Alias
penknife *.pen /d /a fred
- Decipher Using Key Active on Dec. 15, 1993
penknife file1.pen file1.res /d /a fred /m 93-12-15
- Change Key to Alias File
penknife penknife.mgt /d (Enter Old Key)
penknife penknife.mgt /e (Enter New Key)
- Encipher Particular Files into Ciphertext Archive
penknife file1.txt+file2.txt+file3.txt arch1.pen /e
- Easy to use under Microsoft Windows or DOS.
- Fast: About 80K bytes/sec (on a 486DX2/50).
- Strong: Uses a 63-bit internal key, with a
random 32-bit line key on each ciphertext line.
- Small: Under 50K including on-line help.
- Enciphers any file of any sort and recovers the
original data without loss. CRC error-detection checks
each deciphered file. CRC also detects the use of a wrong
- No "wrong" operating mode: produces only
network-transportable ASCII ciphertext.
- Transparently handles DOS or Unix text
- Will ignore e-mail "headers" or ".sigs" or
optionally pass them through to keep with the deciphered text.
- Can limit output files to under 48K for
- Optionally overwrites the original file,
thus (providing DOS cooperates) hiding the original data, even
from file-recovery programs.
- Ciphers one file, multiple files, or an entire disk
with a single command. Filenames being selected can be
simply displayed without ciphering.
- Supports enciphered batch files of commands.
- Ciphertext can be concatenated in secure
- A limited commercial demo can be
distributed for corporate evaluation or individual use.
- The straightforward secret key cipher is
much like using house keys or car keys.
- Uses patented Dynamic Substitution
technology. Does not infringe any known patents.
- Enciphered alias files for each user hold
and protect their secret keys.
- A public alias for each key selects that
key from among all others in the alias file.
- A user need only remember one key for their
alias file, instead of remembering every key they use.
- Aliases support the use of large random
keys for better security.
- Dated aliases support access to old
- Aliases can be kept on a floppy and
personally retained when not in use.
- A key-generation mode constructs a long
random key for a given alias. Groups can be given a single key
for all members to use with each other.
- Generated keys are automatically added to the local
- Generated keys are also placed in a separate
enciphered file for transport to the far end or for
distribution to other members of the group.
- New keys can be added to an alias file without
deciphering the file and thus exposing the keys inside.
- Key updates restore security periodically,
or when individuals leave a group.
- Painless key-update: The user continues to
use exactly the same alias to select a new key.
- Key-updates can be programmed in advance,
to support automatic company-wide shifts to new keys on a given
- Corporate version supports corporate key
Terry Ritter, his
current address, and his
Last updated: 1995-08-07