|
1.
Why choose BlowFish over the other "script-based" FileMaker
encryption solutions?
a.)
The algorithm has been published since 1993 and
many security specialists have analyzed it and
attempted attacks. (With so called "script-based" solutions,
you only have the opinion of the seller, since
the "encryption method" has never been
analyzed by third party cryptographic specialists!)
Don't trust YOUR data to someone who simply SAYS "it's
secure"! Listen to the EXPERTS!
b.)
Blowfish has become a very popular encryption
'standard' and is used in MANY products, including
the popular TiVo™ digital
video recorders! Click HERE to
see a list of many of the current users of BlowFish!
c.)
The BlowFish plug-in tends to run MANY times
faster than interpreted scripts! This can save
you HOURS when working with large databases! (Even
DAYS in encrypting very large databases!)
2.
How do we know this plug-in really (and correctly)
uses Blowfish?
It has been tested with the testing vectors (known
input-output tables) published along with the algorithm.
Since the plug-in (and FileMaker Pro 7) uses multi-byte
character sets known as Unicode, the result tables
have been updated to reflect Unicode input/output,
and are provided in the download package for your
own testing and verification.
3.
Does the plug-in require any other libraries
or software
to be installed?
No.
The plug-in just requires FileMaker Pro 7, 8 or 8.5, FileMaker
Developer 7, 8 or 8.5 or FileMaker Server 7 or 8.
4.
Exactly what is in the download?
Windows
Version
An
ENCRYPTED, "ZIPPED" file containing
the Blowfish folder, which contains the plug-in,
sample databases
showing how
to use it and all documentation.
Macintosh
OS X Version
A
compressed file (sitx or zip) containing the
Blowfish "disk
image file" (dmg) which when mounted, contains
the BlowFish folder, that contains the plug-in,
sample databases showing how to use it and all
documentation. Simply "DRAG" the BlowFish
folder to your "Documents" folder (or
wherever on your Mac you wish to store it.).
5.
How short/long can the key be?
The key can be from 4 to 56 characters in length.
Keys longer than 56 characters use only the first
56 characters in the key. Keys at least 8 characters
in length or longer are recommended for security reasons!
(The longer, the better!)
6.
How many characters (or how long a string) can
the
plug-in encrypt?
There is no limit on the plug-in. The only limit is
the size of FileMaker database fields (in version
7, that is approximately 2 GB!)
7. Can I send the encrypted text in an email or
over IM?
YES!
The encrypted text simply consists of the "hexadecimal" Unicode
text characters: "0123456789ABCDEF" which
are compatible with any email, instant messaging
or other application that can handle simple Unicode
text (the normal text characters used in a Mac
or Windows PC.)
To
send the encrypted text, simply copy the encrypted
field text to the clipboard and paste it into any
email message. To decode any encrypted text you
receive in an email or message, simply copy the
encrypted text to a Filemaker field and decrypt
it with the BlowFish Plug-In as you would do normally.
HINT:
Sometimes in transiting thru emails, the encrypted
text gets added characters and line-feeds added
to it. To properly decrypt the text, these extra
characters must be removed before calling the BlowFish "Decrypt" function.
To remove any added characters, use the FileMaker
built-in text function "Filter", using
hexadecimal characters as the filter like this:
Setfield( <target
field>, Filter( <encrypted text>, "0123456789ABCDEF"))
Where <target
field> is the field you will pass to BlowFish
to decrypt, and <encrypted text> is the
encrypted text you received in the email or IM.
Then
simply call BlowFish's "Decrypt" function
on the <target field>, recovering the original
text!
8.
How do I install the plug-in?
Plug-in
files must be installed in the appropriate folder
and enabled in FileMaker Pro, FileMaker Developer
or FileMaker Server before they can be used. Simply
copy the plug-in into the FileMaker Extensions folder
inside the FileMaker application folder and enable
it in the preferences dialog box.
Windows: Choose Edit menu > Preferences.
Mac OS X: Choose FileMaker application menu > Preferences.
Then
select the "Plug-Ins" tab and make sure
it appears with a checkbox next to the plug-in.
9.
How do I get rid of the dialog box that shows
up when
I first use the plug-in each time?
Simply
register the plug-in from Sky Dancer for a very small
fee! Special rates are available for developers and
companies needing multiple copies.
10.
What do the modes "ECB", "CBC" and "CFB" mean?
ECB:
Electronic Code Book (ECB) is a mode of operation
for a block cipher, with the characteristic that each
possible block of plaintext has a defined corresponding
ciphertext value and vice versa. In other words, the
same plaintext value will always result in the same
ciphertext value. Electronic Code Book is used when
a volume of plaintext is separated into several blocks
of data, each of which is then encrypted independently
of other blocks. In fact, Electronic Code Book has
the ability to support a separate encryption key for
each block type.
CBC:
Cipher block chaining (CBC) is a mode of operation
for a block cipher (one in which a sequence of bits
are encrypted as a single unit or block with a cipher
key applied to the entire block). Cipher block chaining
uses what is known as an initialization vector IV)
of a certain length. One of its key characteristics
is that it uses a chaining mechanism that causes the
decryption of a block of ciphertext to depend on all
the preceding ciphertext blocks. As a result, the
entire validity of all preceding blocks is contained
in the immediately previous ciphertext block. A single
bit error in a ciphertext block affects the decryption
of all subsequent blocks. Rearrangement of the order
of the ciphertext blocks causes decryption to become
corrupted. Basically, in cipher block chaining, each
plaintext block is XORed (see XOR) with the immediately
previous ciphertext block, and then encrypted.
CFB:
Ciphertext feedback (CFB) is a mode of operation for
a block cipher. In contrast to the cipher block chaining
(CBC) mode, which encrypts a set number of bits of
plaintext at a time, it is at times desirable to encrypt
and transfer some plaintext values instantly one at
a time, for which ciphertext feedback is a method.
Like cipher block chaining, ciphertext feedback also
makes use of an initialization vector (IV). CFB uses
a block cipher as a component of a random number generator.
In CFB mode, the previous ciphertext block is encrypted
and the output is XORed (see XOR) with the current
plaintext block to create the current ciphertext block.
The XOR operation conceals plaintext patterns. Plaintext
cannot be directly worked on unless there is retrieval
of blocks from either the beginning or end of the
ciphertext.
11.
Can FileMaker database fields encrypted on a
PC be
decrypted on a Macintosh and vise-versa?
YES!!!
The plug-in is fully cross-platform compatible including all Windows
PCs and Macintoshes with either PowerPC or Intel processors.
12.
Do I need a separate license for both the PC
version
and the Mac version?
A.
Yes. The two versions of the plug-in use different
key schemes.
13.
How can I find out more about Blowfish?
Visit
Bruce's Official Blowfish WEB site!
Visit: http://www.schneier.com/blowfish.html
|
BlowFish
FileMaker Plug-in for Windows™ and Macintosh™
Purchase License(s)