Snuffle is an encryption system designed by Daniel Bernstein and the subject of his court case, Bernstein v. United States.
Often lost in the discussion of Bernstein v. United States, the court case that overturned and eventually eliminated US export restrictions on cryptography, is that the subject of the case, Snuffle, was itself an attempt to bypass the regulations.
Snuffle showed how to use a cryptographic hash function, which was legal to export, as a strong encryption system, which was illegal to export. The irony of the case was that it was not the hash that was illegal, but the software that showed how to use it.
Snuffle source code is widely available on the Internet and included on the disks accompanying Bruce Schneier's Applied Cryptography. Although his court case was dismissed in October 2003, Bernstein still as of 2007[update] has not published his cryptography pages or the technical papers describing Snuffle.
In early 2005, Bernstein submitted an updated version of Snuffle, called Snuffle 2005 based on his Salsa20 hash function, to the ECRYPT Stream Cipher project.
Stream ciphers work by taking a string (the encryption key) and deterministically generating a bunch of random-seeming text, called keystream, from that key. That keystream is then XORed against the message you want to encipher. To decipher the text, the recipient simply hands the same key to the stream cipher to produce an identical keystream and XORs it with the ciphertext, resulting in the original message.
Snuffle simply works by running the hash function in counter mode: generating the keystream by hashing the key with a message based nonce and sequential integers (1, 2, 3, 4, etc.) appended.