Overview

ToringoCrypto uses several common cryptographic algorithms to provide encryption, decryption and checksum calculation. Currently the plug-in offers RSA and DES/TDEA encryption and decryption and CRC checksum calculation to REALbasic developers.

Since many REALbasic users are not professional programmers, this section briefly introduces the algorithms that ToringoCrypto supports: how to use them and their advantages and disadvantages, rather than their underlying theory and implementation. If the names of these algorithms are unfamiliar to you, or you know nothing beyond the names, we suggest that you read this section in full.

At the end of this section a typical case is provided, which we hope will help you understand how the plug-in and these algorithms are used together.

CRC

Cyclic Redundancy Check (CRC for short) is a popular technique for determining whether data has been changed. The CRC checksum (also called the CRC value) of a piece of data can be thought of as its fingerprint: identical data always produces the same CRC value, and if the data changes, its CRC value changes with it. Comparing the CRC values of a file or a piece of data before and after copying or transmission therefore shows whether it arrived intact or was damaged on the way. Note that CRC is designed to catch accidental damage such as transmission errors and disk faults, not deliberate modification.

Different data rarely produce the same CRC checksum, but it does happen: a 16-bit CRC has only 65,536 possible values, so among tens of thousands of items some will almost certainly share one. If you want to identify the members of a large set of data by their CRC values, use CRC32, and since CRC was not designed as an identifier, write extra code to handle two different items sharing a value. Also keep in mind that a CRC is not a cryptographic hash: anyone who can alter the data can also arrange for the CRC of the altered data to match the original, so a CRC must not be relied on to detect tampering.
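The two properties above, CRC32 catching accidental corruption but offering no protection against deliberate changes, can be shown directly. The following is an added example and not part of the plug-in or its documentation; it uses Python's zlib CRC32 (the same CRC32 as the usual definition) and the constructed sample data shown in the code. The forging step appends four chosen bytes to the altered data so that its CRC32 equals any target value, which is exactly what an attacker who can modify a message can do.

```python
import zlib

# Standard reflected CRC-32 table (polynomial 0xEDB88320), identical to the one zlib uses.
def _make_table():
    table = []
    for i in range(256):
        c = i
        for _ in range(8):
            c = (c >> 1) ^ 0xEDB88320 if c & 1 else c >> 1
        table.append(c)
    return table

_TABLE = _make_table()
# The top bytes of the 256 table entries are all distinct, so the entry used in a
# forward step can be recovered from the top byte of the register it produced.
_BY_TOP_BYTE = {t >> 24: i for i, t in enumerate(_TABLE)}


def crc32(data):
    """CRC32 as an unsigned 32-bit value."""
    return zlib.crc32(data) & 0xFFFFFFFF


def corrupt(data, offset, mask=0x01):
    """Simulate a transmission error: flip bit(s) of one byte."""
    out = bytearray(data)
    out[offset] ^= mask
    return bytes(out)


def forge_crc32(data, target):
    """Return data + 4 bytes whose CRC32 is exactly `target`."""
    reg = crc32(data) ^ 0xFFFFFFFF   # internal register after `data` (undo the final XOR)
    want = target ^ 0xFFFFFFFF        # internal register we need after the 4 extra bytes
    # Walk the four byte-steps backwards; each step's table index is fixed by the
    # top byte of the register it produced, independent of the starting register.
    idx = []
    for _ in range(4):
        i = _BY_TOP_BYTE[want >> 24]
        idx.append(i)
        want = ((want ^ _TABLE[i]) << 8) & 0xFFFFFFFF
    idx.reverse()
    # Now run forwards from the real register, choosing each byte so that the
    # table index of that step is the one determined above.
    patch = bytearray()
    for i in idx:
        patch.append((reg ^ i) & 0xFF)
        reg = _TABLE[i] ^ (reg >> 8)
    return data + bytes(patch)


# Constructed sample data.
ORIGINAL = b"amount=100"
ALTERED = b"amount=999"

if __name__ == "__main__":
    print("original  ", hex(crc32(ORIGINAL)))
    print("corrupted ", hex(crc32(corrupt(ORIGINAL, 3))), "(mismatch detected)")
    forged = forge_crc32(ALTERED, crc32(ORIGINAL))
    print("forged    ", hex(crc32(forged)), forged, "(matches, tampering not detected)")
```

A single flipped bit is always caught (CRC detects every single-bit error), yet the forged message carries the original checksum after four bytes of padding that an attacker computes in microseconds. Detecting deliberate changes needs a check that depends on a secret the attacker does not have, which CRC cannot provide.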

Please see the ToringoCRC module to learn how to use the ToringoCrypto plug-in to get the CRC values of files on disk or data in memory.

DES and TDEA

Data Encryption Standard (DES) was a widely used symmetric encryption algorithm (symmetric means that the same key, supplied as a password, is used for both encryption and decryption). It transforms data that can be read and analysed by people (plaintext) into an unintelligible form (ciphertext) under the password you provide.

Nowadays DES is rarely used because its key is short (56 effective bits) and brute-force attacks against it are practical. The latest version of the FIPS 46 standard (FIPS 46-3) introduced the Triple Data Encryption Algorithm (TDEA, also known as Triple DES) as the strengthened successor of DES: each TDEA encryption or decryption is a composition of three DES operations under a longer key. Although it is slower than DES, its strength satisfies ordinary security needs, and TDEA has been widely used in SSL (Secure Sockets Layer) and elsewhere. We suggest that you encrypt data with TDEA rather than DES.

ToringoCrypto provides DES and TDEA encryption/decryption in the basic Electronic Codebook mode (ECB/TECB) defined by FIPS 46-3; other modes of operation for DES/TDEA are not implemented yet. Bear in mind what ECB means: each 8-byte block is encrypted independently, so identical plaintext blocks produce identical ciphertext blocks (patterns in the data remain visible in the ciphertext), and ciphertext blocks can be reordered, duplicated or dropped without the key, which decryption alone will not notice.
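What the ECB caveat looks like in practice is shown by the added example below. It is not the plug-in's code and does not use DES: the block cipher is a small keyed Feistel construction on 8-byte blocks (the DES/TDEA block size) built from SHA-256, a stand-in so that the example runs with Python's standard library only. The mode logic, PKCS#5-style padding and the constructed key, IV and message are the point; swapping the stand-in for DES would change nothing about the behaviour demonstrated.

```python
import hashlib

BLOCK = 8  # DES/TDEA block size in bytes


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _f(key, half, rnd):
    # Stand-in Feistel round function keyed by `key` and the round number. NOT DES.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]


def _encrypt_block(key, block):
    l, r = block[:4], block[4:]
    for rnd in range(8):
        l, r = r, _xor(l, _f(key, r, rnd))
    return r + l


def _decrypt_block(key, block):
    r, l = block[:4], block[4:]
    for rnd in reversed(range(8)):
        l, r = _xor(r, _f(key, l, rnd)), l
    return l + r


def pad(data):
    """PKCS#5 padding to a multiple of 8 bytes (always adds at least one byte)."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def unpad(data):
    n = data[-1] if data else 0
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def _blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key, plaintext):
    # ECB: every block is encrypted on its own; equal blocks give equal ciphertext.
    return b"".join(_encrypt_block(key, b) for b in _blocks(pad(plaintext)))


def ecb_decrypt(key, ciphertext):
    return unpad(b"".join(_decrypt_block(key, b) for b in _blocks(ciphertext)))


def cbc_encrypt(key, iv, plaintext):
    # CBC: each block is XORed with the previous ciphertext block before encryption.
    out, prev = [], iv
    for b in _blocks(pad(plaintext)):
        prev = _encrypt_block(key, _xor(b, prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, ciphertext):
    out, prev = [], iv
    for b in _blocks(ciphertext):
        out.append(_xor(_decrypt_block(key, b), prev))
        prev = b
    return unpad(b"".join(out))


def distinct_blocks(ciphertext):
    """How many different 8-byte blocks the ciphertext contains."""
    return len(set(_blocks(ciphertext)))


def ecb_cut_and_paste(key, ciphertext):
    """Swap the first two ciphertext blocks without the key and decrypt the result."""
    blocks = _blocks(ciphertext)
    blocks[0], blocks[1] = blocks[1], blocks[0]
    return ecb_decrypt(key, b"".join(blocks))


# Constructed key, IV and message. A real IV must be fresh and random per message.
KEY = bytes.fromhex("0123456789abcdeffedcba9876543210")
IV = bytes(BLOCK)
MESSAGE = b"ATTACK AT DAWN! " * 4   # two distinct 8-byte blocks, repeated four times

if __name__ == "__main__":
    ecb = ecb_encrypt(KEY, MESSAGE)
    cbc = cbc_encrypt(KEY, IV, MESSAGE)
    print("blocks:", len(_blocks(ecb)), "distinct in ECB:", distinct_blocks(ecb),
          "distinct in CBC:", distinct_blocks(cbc))
    print("ECB after swapping two ciphertext blocks:", ecb_cut_and_paste(KEY, ecb))
```

The padded message is nine blocks long. In ECB only three distinct ciphertext blocks appear (the two message blocks and the padding block), so the repetition in the plaintext is visible to anyone who sees the ciphertext, and exchanging two ciphertext blocks silently exchanges the corresponding plaintext blocks. In CBC all nine blocks differ and the same swap would turn the decrypted text into garbage.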

Besides TDEA, AES and Blowfish are also popular symmetric encryption algorithms; encryption/decryption with these algorithms is provided by other third-party REALbasic plug-ins.

Please see the ToringoDES module to learn how to encrypt/decrypt files or data based on DES/TDEA with the ToringoCrypto plug-in.

RSA

RSA is one of the most popular asymmetric (public-key) encryption algorithms and can be used both for encryption and for digital signatures. Only the public key is needed to encrypt (in standard RSA the public key actually consists of two numbers, the modulus and the public exponent), and only the matching private key can decrypt. Although the public key and the private key are mathematically related, deriving the private key from a public key is computationally infeasible when the key is long enough. The RSA algorithm itself places no limit on key length, so long keys can be used for greater security.

RSA is slow, and by the nature of the algorithm a single RSA operation can only encrypt a piece of data shorter than the key. A large piece of data would have to be divided into many small pieces and encrypted one by one, which slows the process down badly. Therefore RSA is usually used together with a symmetric algorithm: the bulk data is encrypted symmetrically and RSA encrypts only the symmetric key. Also, because a valid key pair must satisfy a mathematical relationship, you cannot simply choose the keys yourself as you choose a DES password; instead a public/private key pair is generated together, randomly, before encryption.

Please see the ToringoRSA module to learn how to encrypt/decrypt data using the RSA algorithm with the ToringoCrypto plug-in.

Typical Case

To illustrate the use of the algorithms above and of ToringoCrypto, consider a program that transfers encrypted files over the UDP protocol (you can also imagine it as a feature of some instant-messaging software). Suppose an instance of this program is already running on each of two computers, A and B. The user of computer A has chosen a file and pressed the "transfer" button; then:

1. The program on computer A sends a request (using the Write method of REALbasic's UDPSocket class to send a specific sequence of characters) to the program on computer B.

2. After receiving the request, the instance on computer B asks its user whether to accept the file.

3. The user of computer B presses the "receive" button.

4. The program on computer B calls the method ToringoRSA.GetRandomKeys to generate a random public/private key pair, and sends the public key to the program on computer A.

5. The instance on computer A receives the public key.

The program is usually used to transfer files of several megabytes, and encrypting such a file directly with RSA could take several minutes. We therefore use TDEA (or another symmetric algorithm) for the file itself, which is much faster. So instead of encrypting the file directly with the received public key, the instance on computer A will:

6. First, generate a random string of 48 hex characters (refer to the first example of the method ToringoRSA.Decrypt); this string serves as a one-time password for the file.

7. Encrypt the string with the received public key using the method ToringoRSA.Encrypt, and send the encrypted password to computer B.

8. Use ToringoDES.Encrypt to encrypt the file with the 48 hex characters as the password.

9. Transmit the encrypted file to the program on computer B.

10. Since the UDP protocol is unreliable, use the method ToringoCRC.Checksum to compute the CRC32 checksum of the encrypted file and send it to computer B as well, so that B can detect transmission errors.

After receiving the data, computer B will:

11. Call the method ToringoCRC.Checksum to compute the CRC32 checksum of the received file and compare it with the checksum sent from computer A. If the two checksums don't match, send a message asking the program on computer A to send the file again.

12. Decrypt the password that was encrypted in step 7 using ToringoRSA.Decrypt with the public key and private key generated in step 4, recovering the original password.

13. Call the method ToringoDES.Decrypt to decrypt the received file with the password just recovered, giving the original file.

Because the private key never leaves computer B, a third party who merely intercepts all the data exchanged between A and B cannot decrypt the file: the password can only be read with B's private key. Be clear, though, about what this design does and does not protect against. It resists passive eavesdropping. The public key in step 4 is sent without any authentication, however, so an attacker who can alter traffic between A and B could substitute their own public key, learn the password in step 7 and re-encrypt it for B, with neither side noticing; and the CRC32 of step 10 detects accidental corruption only, since anyone who alters the encrypted file can simply recompute the checksum. Guarding against an active attacker requires authenticating B's public key by some out-of-band means and an integrity check that depends on a secret, neither of which this example provides.
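The key-handling steps of this case (4 to 7 and 12), together with the RSA size limit discussed in the RSA section and the public-key substitution just mentioned, are shown in the following added example. It is not the plug-in's code: it uses textbook RSA written with Python's standard library (small 512-bit keys, no padding, for illustration only; the key format and padding that ToringoRSA uses are not described here and are not assumed). The session password is 48 random hex characters as in step 6. The file encryption and checksum steps are left out; only the exchange of the password is modelled, once without and once with an attacker ("Mallory") who replaces B's public key on the wire.

```python
import math
import secrets


def is_probable_prime(n, rounds=32):
    """Miller-Rabin primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits):
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate):
            return candidate


def generate_keypair(bits=512):
    """Step 4: a random public/private pair. Returns ((n, e), (n, d))."""
    e = 65537
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        n, phi = p * q, (p - 1) * (q - 1)
        if p != q and n.bit_length() == bits and math.gcd(e, phi) == 1:
            return (n, e), (n, pow(e, -1, phi))


def rsa_encrypt(pub, data):
    """Textbook RSA (no padding): one block, which must be smaller than the modulus."""
    n, e = pub
    m = int.from_bytes(data, "big")
    if m >= n:
        raise ValueError("data does not fit in one RSA block; encrypt a short key instead")
    return pow(m, e, n).to_bytes((n.bit_length() + 7) // 8, "big")


def rsa_decrypt(priv, ciphertext, length):
    n, d = priv
    return pow(int.from_bytes(ciphertext, "big"), d, n).to_bytes(length, "big")


def new_session_password():
    """Step 6: 48 random hex characters, used as the one-time symmetric password."""
    return secrets.token_hex(24).encode("ascii")


def exchange(b_pub, b_priv):
    """Steps 4-7 and 12 with no attacker: returns (password A chose, password B recovered)."""
    password = new_session_password()
    wrapped = rsa_encrypt(b_pub, password)            # step 7, under B's public key
    return password, rsa_decrypt(b_priv, wrapped, len(password))   # step 12


def exchange_with_mitm(b_pub, b_priv, m_pub, m_priv):
    """Same exchange when Mallory swaps B's public key for her own in step 5."""
    password = new_session_password()
    wrapped_for_m = rsa_encrypt(m_pub, password)       # A believes this is B's key
    seen_by_m = rsa_decrypt(m_priv, wrapped_for_m, len(password))
    wrapped_for_b = rsa_encrypt(b_pub, seen_by_m)      # Mallory re-wraps for the real B
    seen_by_b = rsa_decrypt(b_priv, wrapped_for_b, len(password))
    return password, seen_by_m, seen_by_b


if __name__ == "__main__":
    b_pub, b_priv = generate_keypair()
    m_pub, m_priv = generate_keypair()
    chosen, recovered = exchange(b_pub, b_priv)
    print("B recovered the password:", chosen == recovered)
    chosen, mallory, b = exchange_with_mitm(b_pub, b_priv, m_pub, m_priv)
    print("with substituted key, Mallory knows the password:", mallory == chosen,
          "and B still gets it:", b == chosen)
```

Nothing in the exchange tells A that the public key it received is B's rather than Mallory's, which is why a real application must verify the key out of band (for example by comparing a fingerprint the users already share) before trusting it. The ValueError in rsa_encrypt is the limit the RSA section describes: a 512-bit key encrypts at most 64 bytes at a time, so the short password is wrapped and the file is not.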