Snuffle
From Wikipedia, the free encyclopedia
Snuffle is an encryption system designed by Daniel Bernstein and the subject of his court case, Bernstein v. United States.
Often lost in the discussion of Bernstein v. United States, the court case that overturned and eventually eliminated US export restrictions on cryptography, is that the subject of the case, Snuffle, was itself an attempt to bypass the regulations.
Snuffle showed how to use a cryptographic hash function, which was legal to export, as a strong encryption system, which was illegal to export. The irony of the case was that it was not the hash that was illegal, but the software that showed how to use it.
Snuffle source code is widely available on the Internet and included on the disks accompanying Bruce Schneier's Applied Cryptography. Although his court case was dismissed in October 2003, Bernstein still has not published his cryptography pages or the technical papers describing Snuffle.
In early 2005, Bernstein submitted an updated version of Snuffle, called Snuffle 2005 based on his Salsa20 hash function, to the ECRYPT Stream Cipher project.
[edit] How Snuffle works
Stream ciphers work by taking a string (the encryption key) and deterministically generating a bunch of random-seeming text from that key. That text is then XORed against the message you want to encipher. To decipher the text, the recipient simply hands the same key to the stream cipher and XORs the results with the ciphertext, resulting in the original message.
Snuffle simply works by using a hash function to generate the random-seeming text by hashing the key with sequential integers (1, 2, 3, etc.).