TINYFISH - A BLOWFISH TINY VERSION 

This code is based on TINYIDEA, by Fauzan Mirza.
Author: 'Anonymous'  (This code is therefor PUBLIC DOMAIN)
Optimization and Documentation by 'Dutra de Lacerda' <dulac@ip.pt>


*** INTRODUCTION:

	BLOWFISH is an encryption algorithm created by Bruce Schneier,
	the author of the most respected "APPLIED CRYPTOGRAPHY" Manual.

	TINYFISH is implemented in a different way I would have done it:
	TINYFISH is optimized for size and flexibility while my version is for 
	ease of use, fool-proof and with security independent from intensity of 
	usage (TinyFish fails on this one).

	TINYFISH is a 'carry-anywhere' tool.


*** INSTALLATION:

	Put TINYFISH.COM on a Directory in the PATH.
	Copy the file "PI" to the root of your drive "C:\".

*** USAGE: 
	Once you are ready to start, run it as follows... at the Prompt:

	    TINYFISH + plainfile {Enter} ; to encrypt, or
	    TINYFISH - cryptfile {Enter} ; to decrypt.

*** ADVANCED:
	Since TINYFISH uses stdin and stdout for entering the passphrase,
	redirection will be available, meaning the passphrase can be inputted 
	from a file... and the echo can be sent to the NUL file.
	IMPORTANT: The Password, in a file, MUST end with a NewLine!!!

	    TINYFISH + plainfile < passfile > nul {Enter}
	    TINYFISH - cryptfile < passfile > nul {Enter}

	Additionally, when encrypting many files with common headers AND using 
	the same passphrase, the encrypted versions are the same until the 	plaintext files differ (this happens because no I.V. is used).
	Do NOT use it this way... Change the header in those files with some 	garbage data... This is a suggestion... and a warning.


*** TECHNICAL:

	This code (TinyFish) uses 32-bit register instructions, so it will not 
	run on CPUs older than the 386 (like 8088, 8086, 80186, V20, 20286).
	Will run on 386sx, 386, 386Dx and every 486 or newer CPUs.
	No check on the running CPU is made though. Sorry!

	Assembly was done using the excellent A386 Assembler, a successor 
	of the excellent A86 assembler only available to A86 registered users.
	Even A386 being suggested you may (?) use any other assembler.

	The BLOWFISH algorithm can be used with ANY block chaining mode;
	TINYFISH uses a CFB mode variation (as in TinyIdea) because it simplifies 
	decryption. In this CFB mode variation the algorithm operates only on the 
	CFB buffer; it is then XORed with the data to achieve the output. 
	
	The CFB buffer is then updated with the output, to further blocks 	processing. For decryption it is only necessary to reverse the order 
	of update and XOR. 

	BLOWFISH (and TINYFISH) requires initialization of the it's WorkData with 
	Random Data. This is done by loading the digits of PI as initial values 
	as part of the standard initialization procedure. However: 
	*ANY* other Random File will do. PI is only a very reliable source.

	PI Data is in a separate file, named PI, which must be kept in the same
	directory from where TINYFISH.COM is called, or in the root directory 
	"C:\"  which is a better choice.
	Using the "c:\" will eliminate directory searching and allow the use of
	only one file for PI...  also allow the usage of 'private' PI files in 
	your work directories, if you desire, thus increasing security.

	To use 'private' PI files, i do suggest to encrypt a PI file duplicate,
	in your work directory, and then encrypt it with any 'garbage' password.
	By 'garbage' we understood a password that will be forgotten and never 
	used again. Then you may use a NULL password just pressing <Enter>.


*** SECURITY: 

	BLOWFISH (used by TINYFISH) is a 16 round Feistel network, of 64-bit 
	blocks and with a 448 bit keyspace. Non-keyboard characters can be used 
	as input by using Alt-[numeric keypad] to enter the decimal ASCII code 
	for any character.
	
	You may use a file to store HUGE passwords, but remember that means the 
	password becomes dependent from your PC physical security.


	IMPORTANT: 
	This also applies to the PI file variants when a NULL password is used!!!

	At the present time there is no known cryptographic attack cracking a 
	standard 16-round BLOWFISH encryption. This means security is password 
	dependent... Meaning you should use BIG passfrases (or passfiles if you 
	have confidence on your machine's physical security. 
	
	Personally i would use a local PI file variant and use a passFRASE... 
	But you should know your own needs better.


Regards to All,
Dutra de Lacerda <dulac@ip.pt>

P.S. -	You may what to check my own "BLW-CBC.EXE", also with Sources in Tpascal:
	Search for "BLWC" in a FTP search engine as the Basic Name is BLWCBC??.ZIP
