******************************************************************************
                                    PT-76
                                February 1995
******************************************************************************

1. Product Description:

CryptoMactic is a program for the Macintosh which allows one to select any
file or folder on a hard disk and encrypt it with one of several encryption
algorithms. The program also provides capabilities for erasure or
sanitization of media. This product test addresses version 1.01.

2. Product Acquisition:

CryptoMactic is available from Kent Marsh Ltd., 3260 Sul Ross, Houston, TX
77098. The retail price for the program is $99.00, but the vendor as well as
wholesale sources have listed the program for half that amount at various
times. The telephone number for Kent Marsh is 713-522-LOCK.

3. Product Tester:

Chris Mc Donald, Computer Systems Analyst, Directorate of Information
Management, White Sands Missile Range, NM 88002-5506, DSN 258-7548, DDN
cmcdonal@wsmr-emh34.army.mil.

4. Product Test:

a. I obtained a copy of the program directly from the vendor during a
promotional sale. I have conducted tests over a five-month period on
different Macintosh platforms running at least System 7.0.

b. The installation procedure followed the User Guide instructions without
any deviation. As with other Kent Marsh programs, documentation instructs
one to make a backup copy of the program prior to installation. The
installation procedure requires the user to simply select the name of the
startup hard disk on which the program will be installed. When the program
has completed installation, the user must then restart the Macintosh.

c. The installation procedure does require that one temporarily disable any
virus protection software already installed. If one scans the installation
disk prior to the procedure, this should not present a problem. It will be
necessary in certain cases, however, to readjust one's anti-viral program
parameters after installation.
For example, I found that upon reactivation of Gatekeeper it alarmed on
CryptoMactic's extension loading on startup.

d. One can begin encryption/decryption operations immediately. The
installation program places a "diamond" as a menu item selection on the
main Apple menu to the right of the Special menu selection. One chooses the
file or folder to encrypt, and then selects Encrypt from the menu. One
receives a window in which to enter the code key to be used for the
encryption operation and an additional pop-up menu to select the encryption
algorithm to be used. Once you have entered a code key, the program will
prompt you to verify it. As the program encrypts the source file or folder,
CryptoMactic erases the original file.

e. Decryption of a file or folder proceeds in the opposite direction of
encryption, with the exception that upon selecting Decrypt from the menu
one only has to enter the code key once to complete the operation. If one
forgets the code key, it may still be possible to decrypt a file or folder
with the CryptoMactic Administrator "override" capability. The
documentation states that, since each copy of CryptoMactic has its own
"internal signature", the Administrator override capability can only be
used to unlock files or folders encrypted with that copy. Therefore,
obtaining a single copy of the CryptoMactic Administrator should not
endanger the protection afforded by CryptoMactic in general.

f. I completed over 50 different encryption/decryption operations of files
and folders of varying sizes. In all cases the operations were flawless and
performed as documented. I attempted to utilize several disk editors to
determine if code keys were present. I was not successful in finding any
keys within the encrypted material.

g. The program offers five different encryption modules:

(1) LightningCrypt - a proprietary encryption algorithm developed by Kent
    Marsh.
(2) QuickCrypt - a proprietary encryption algorithm developed by Kent Marsh,
    derived from the Data Encryption Standard (DES) algorithm.
(3) DES - Data Encryption Standard algorithm described in Federal
    Information Processing Standard 46-2.
(4) DES-CBC - The cipher-block chaining implementation of DES.
(5) Triple DES

The speed of operations decreases from (1) to (5), with LightningCrypt the
fastest and Triple DES the slowest. On the other hand, the inherent
security of each module increases in the same order. The documentation,
for example, describes Triple DES "as mathematically twice as secure as
DES". I verified the speed of operations. I would refer the reader to
several articles, and to a book by Bruce Schneier entitled "Protect Your
Macintosh" (ISBN 0-56609-101-2), on the cryptographic strength of each
module.

h. CryptoMactic allows one to configure a number of preferences from the
"diamond" menu. I verified the functionality and operational
characteristics of these:

(1) Encryption type - the selection of the encryption algorithm
(2) Erase pattern - the selection of a pattern of ones, zeroes, and final
    values to sanitize media
(3) Secure (unrecoverable) erase - the selection when erasing files from
    the desktop to preclude recovery
(4) Code keys are case-sensitive - the selection to make "A" distinct
    from "a"
(5) Minimum code key length - the selection to prompt for a standard
    length code key
(6) Confirm code keys - the selection to require verification of a code
    key
(7) Display/Hide/Display code key as "*" - the selection to determine how
    a code key is displayed
(8) Show icon at startup - the selection to have the CryptoMactic icon
    appear at the bottom of the Macintosh screen
(9) Display menu in Finder - the selection to insert the "diamond" menu
(10) Display progress bar - the selection to have a thermometer-style box
    indicate the progress of encryption/decryption
(11) Show animation - the selection to have an additional animated
    sequence in the progress bar
    during encryption/decryption
(12) Allow use over network - the selection to permit encryption/
    decryption and erasure operations on network volumes
(13) Skip applications - the selection to have CryptoMactic ignore
    application files when encrypting a group of files or an entire folder
(14) Make self-decrypting - the selection to have an encrypted file turn
    into an application which will automatically decrypt itself when a
    user double-clicks on the file and enters the correct code key
(15) Allow override - the selection to permit the CryptoMactic
    Administrator to decrypt a file or folder without use of the code key

i. The "allow override" preference depends upon the CryptoMactic
Administrator application. This application is not part of the initial
program installation. One can choose to install it by opening the
CryptoMactic Administrator folder on the installation disk and dragging the
CryptoMactic Administrator file to any folder on the hard disk. I installed
the application and successfully overrode several encrypted files with
override permitted. I attempted unsuccessfully to override files with
override disabled. CryptoMactic Administrator can be password protected. I
tested this option, which functioned as documented. I also used CryptoMactic
Administrator to set preferences as described in paragraph 4h above. Under
the application one can set preferences which a standard user cannot
change. I verified the functionality of this option, but made no serious
attempt to circumvent it. I did observe that, when I attempted to change a
preference as a standard user, the program presented a warning message that
this was against my authorization. However, I did receive visual
confirmation as to the specific preferences which I as the Administrator
had established. There may be instances where an Administrator would not
want a standard user to know all the preference settings.

j.
CryptoMactic provides a variety of erasure or sanitization routines to meet
most user requirements. One has options to sanitize either a file, or
unused/free space on a disk, or an entire disk. One has various erasure
patterns to select. I tested all of the options with various erasure
patterns selected. All operations performed as documented. Using several
disk editors and recovery tools, I was unable to retrieve any sanitized
information.

5. Product Advantages:

a. CryptoMactic appears to perform as advertised in providing encryption
and sanitization capabilities.

b. The program, given its many options and preferences, is reasonably
priced.

c. Although several programs provide self-decrypting applications,
CryptoMactic offers more secure encryption algorithms.

d. The program is easy to use for the individual user.

6. Product Disadvantages:

a. Government users will require a waiver under FIPS 46-2 to protect
unclassified sensitive information using the product's software DES
implementation. Such users may also require additional information on the
erasure/sanitization routine for applications involving classified
national defense information.

b. If one does not choose the "allow override" preference, then
information may be lost if a user forgets a key.

c. Key management in a large enterprise may present problems in the
absence of sufficient personnel resources to implement centralized key
administration as well as centralized installation procedures.

7. Comments:

Kent Marsh has a sound reputation for its family of Macintosh security
products. CryptoMactic continues that reputation.

[The opinions expressed in this evaluation are those of the author, and
should not be taken as representing official Department of Army positions
or a commercial endorsement.]
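Editor's added example for paragraph 4g. Three of the five modules listed there are the same 64-bit block cipher used in different ways: DES applied block by block (ECB), DES-CBC, and Triple DES. The code below is not CryptoMactic's and not the tester's; it shows what separates those three entries: why CBC takes an IV and hides repeated plaintext blocks that plain DES exposes, and why Triple DES is encrypt-decrypt-encrypt, which with three equal keys collapses to single DES. The 8-byte block cipher inside is a small SHA-256-keyed Feistel network standing in for DES (it is not DES and not a secure cipher; DES itself is beside the point here). The key, IV and sample messages are constructed.

```python
"""Added illustration of the modes listed in paragraph 4g: DES in ECB mode,
DES-CBC, and Triple DES (EDE).  Not CryptoMactic's code.  The 8-byte block
cipher is a 4-round Feistel network keyed through SHA-256, used only as a
stand-in for DES so the mode logic can be shown; it is not DES and is not
a secure cipher."""
import hashlib
import os

BLOCK = 8    # DES, DES-CBC and Triple DES all operate on 64-bit blocks
ROUNDS = 4   # toy round count (assumption; DES uses 16)


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Feistel round function: keyed hash truncated to half a block
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Encrypt one block: ROUNDS steps of (L, R) -> (R, L xor F(R)), then swap."""
    if len(block) != BLOCK:
        raise ValueError("block must be exactly %d bytes" % BLOCK)
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in range(ROUNDS):
        left, right = right, _xor(left, _f(key, rnd, right))
    return right + left


def block_decrypt(key: bytes, block: bytes) -> bytes:
    """Inverse of block_encrypt: the same steps with round keys in reverse."""
    if len(block) != BLOCK:
        raise ValueError("block must be exactly %d bytes" % BLOCK)
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for rnd in reversed(range(ROUNDS)):
        left, right = right, _xor(left, _f(key, rnd, right))
    return right + left


def pad(data: bytes) -> bytes:
    """PKCS#7-style padding to a whole number of blocks."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data: bytes) -> bytes:
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def _blocks(data: bytes):
    if len(data) % BLOCK:
        raise ValueError("data must be padded to the block size")
    return (data[i:i + BLOCK] for i in range(0, len(data), BLOCK))


def ecb_encrypt(key: bytes, data: bytes) -> bytes:
    """Plain DES as in 4g(3): every block is encrypted independently."""
    return b"".join(block_encrypt(key, b) for b in _blocks(data))


def cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    """DES-CBC as in 4g(4): each block is XORed with the previous ciphertext
    (the IV for the first block) before encryption."""
    out, prev = [], iv
    for b in _blocks(data):
        prev = block_encrypt(key, _xor(b, prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    out, prev = [], iv
    for c in _blocks(data):
        out.append(_xor(block_decrypt(key, c), prev))
        prev = c
    return b"".join(out)


def ede_encrypt(k1: bytes, k2: bytes, k3: bytes, block: bytes) -> bytes:
    """Triple DES as in 4g(5): encrypt-decrypt-encrypt with three keys.
    With k1 == k2 == k3 the middle two steps cancel and the result equals a
    single encryption, which is how Triple DES stays DES-compatible."""
    return block_encrypt(k3, block_decrypt(k2, block_encrypt(k1, block)))


def ede_decrypt(k1: bytes, k2: bytes, k3: bytes, block: bytes) -> bytes:
    return block_decrypt(k1, block_encrypt(k2, block_decrypt(k3, block)))


def repeated_block_leak(key: bytes, iv: bytes) -> tuple:
    """Encrypt two identical plaintext blocks under ECB and under CBC and
    report whether the two ciphertext blocks are equal in each mode."""
    pt = b"SAMEBLOK" * 2          # constructed sample: two identical blocks
    ecb = ecb_encrypt(key, pt)
    cbc = cbc_encrypt(key, iv, pt)
    return (ecb[:BLOCK] == ecb[BLOCK:], cbc[:BLOCK] == cbc[BLOCK:])


if __name__ == "__main__":
    key, iv = b"code key", os.urandom(BLOCK)
    print("ECB repeats, CBC repeats:", repeated_block_leak(key, iv))
    ct = cbc_encrypt(key, iv, pad(b"attack at dawn"))
    print(unpad(cbc_decrypt(key, iv, ct)))
```

`repeated_block_leak` is the practical reason the DES-CBC entry exists: under ECB two equal plaintext blocks produce two equal ciphertext blocks, so structure in a file (runs of spaces, repeated records) survives encryption, while CBC with a fresh IV per file does not show it. On the "twice as secure" quote from the vendor documentation: three-key Triple DES has an effective strength of about 112 bits against meet-in-the-middle attacks, not the 168 bits its key length suggests, so the comparison should be read as qualitative.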
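Editor's added example for paragraphs 4h(2)-(3) and 4j, which describe sanitizing a file by overwriting it with selectable patterns before it is deleted. This is not CryptoMactic's routine (its pass order is not documented here; the zeroes, ones, random sequence below is an assumption). It shows the mechanics that matter for the file case: opening the file without truncating it so that its existing extent is rewritten, forcing each pass to disk before the next begins, and unlinking only afterwards. `bytes_present` is the disk-editor check the report describes, done on the file's own bytes. The sample file and its contents are constructed.

```python
"""Added illustration of file sanitization as described in 4h(2)-(3) and 4j.
Not CryptoMactic's routine; pass sequence is an assumption."""
import os
import tempfile

# zeroes, ones, then a random final pass (None = random); assumed sequence
DEFAULT_PASSES = (b"\x00", b"\xff", None)


def overwrite_file(path: str, pattern, chunk: int = 64 * 1024) -> int:
    """Overwrite every byte of the file in place with `pattern` (None =
    random bytes), then fsync.  Returns the number of bytes written.

    O_WRONLY without O_TRUNC is deliberate: truncating first would release
    the old blocks unwritten, and the pattern would land on fresh ones."""
    size = os.path.getsize(path)
    fd = os.open(path, os.O_WRONLY)
    try:
        written = 0
        while written < size:
            n = min(chunk, size - written)
            if pattern is None:
                buf = os.urandom(n)
            else:
                buf = (pattern * (n // len(pattern) + 1))[:n]
            while buf:                      # os.write may write fewer bytes
                w = os.write(fd, buf)
                buf = buf[w:]
                written += w
        os.fsync(fd)                        # pass must reach the disk first
    finally:
        os.close(fd)
    return written


def secure_erase(path: str, passes=DEFAULT_PASSES) -> list:
    """Run every pass over the file, then unlink it.  Returns bytes written
    per pass so the caller can confirm each pass covered the whole file."""
    counts = [overwrite_file(path, p) for p in passes]
    os.unlink(path)
    return counts


def bytes_present(path: str, needle: bytes) -> bool:
    """The recovery check from the report, on the file's raw bytes: is the
    original content still readable?"""
    with open(path, "rb") as f:
        return needle in f.read()


def demo() -> dict:
    """Create a constructed sample file holding a recognizable secret, check
    that a single zero pass removes it, then run the full erase."""
    fd, path = tempfile.mkstemp()
    os.write(fd, b"code key: hunter2\n" * 100)   # 1800 bytes, constructed
    os.close(fd)
    before = bytes_present(path, b"hunter2")
    overwrite_file(path, b"\x00")
    after_zero = bytes_present(path, b"hunter2")
    counts = secure_erase(path)
    return {
        "before": before,
        "after_zero_pass": after_zero,
        "pass_bytes": counts,
        "exists": os.path.exists(path),
    }


if __name__ == "__main__":
    print(demo())
```

The caveat a practitioner would add to 4j: overwriting in place only sanitizes when the filesystem writes the new data back to the same physical blocks. Journaling and copy-on-write filesystems, snapshots, and SSD wear levelling can leave the old blocks intact elsewhere, which no in-file check like `bytes_present` can see. The report's free-space and whole-disk options need different mechanics (filling free space with pattern files, or writing the raw device), and for media holding classified material the governing sanitization standard, not the overwrite count, decides what is acceptable, as disadvantage 6a notes.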