Volume Four
-
"Many thanks for calling my attention to the fact that I failed to
renew my subscription to the estimable Journal. It was unintentional and
probably unavoidable: toward the end of 1994 I became very ill, and am now
recovering. I believe I qualify for the $10 discount for retired persons:
I am 78 years old and retired from my lifetime engineering career May 1982.
I enjoy the Journal very much, although I do not seem to have enough
time to spend on cryptography -- too many other hobbies and distractions!
But the subject is of considerable interest to me. I am busy installing
programs on my two new computers (486DX2's -- one laptop and one desktop).
And I have to learn Windows ... which I hoped I never would need.
I really look forward to delving into Volume 3 -- It's more
intriguing than an Agatha Christie novel! I am truly delighted and
impressed with Volume 3. It is a work of art as well as a real reference
tome! Thanks for the great job on the Journal -- it is a real contribution
to the state of the art for crypto enthusiasts."
-- We. A. Whitcraft, Jr., Massachusetts
-
"To be perfectly honest, I wouldn't have been surprised if you
never completed Volume 2, because the amount of work that you have had to
put in to each volume must have been stupendous -- you've got to run out of
gas sometime!
Even though we're quiet, we're still a patient and very impressed
audience, and I'd personally like to let you know how much we appreciate
the enormous amount of work you've had to do to make the Journal available
to the rest of us.
Thanks again for your efforts, and very best regards."
-- William J. Riordan, Massachusetts
-
"I especially like the wide ranging content. It makes a good companion to
Cryptologia. Keep up the great work."
-- Stuart Bouchey, Virginia
-
"Cryptosystems Journal is thorough & unique."
-- Guy Cole, California
-
"I especially like the articles concerning the random number generation.
The RANGER Device is certainly the best random number generator."
-- Jerome Delcourt, France
-
"I drifted away from a cryptology hobby last year but current reading of
SCI.CRYPT has rekindled an interest. Your letter could not have arrived at
a better time. Your discounts seem to be very generous but I am not sure
they are all that wise. I am sure that you cannot make a profit with the
Journal, but you must be able to cover expenses and pay yourself minimum wage."
-- A. Duncan Chiquoine, New York
[It is true that this is a "labor of love"; it was Henry Ford who said
"see how much you can give for a dollar instead of how little" (full quote
is in Volume 1 Number 2).]
-
"Cryptosystems Journal makes interesting reading. Additional articles of
information (e.g. the book reviews) are good too. You put a lot of work
into it -- Thank You!"
-- Dr. Stanley Cohen, New York
-
"I especially like the fact that you've been reviewed favorably by
Cryptologia."
-- Mark Johnson, California
[Indeed, page 11 contains the review of Volume Three which appeared in Cryptologia.]
-
"I am impressed. Your WIN_FREQ.EXE ran just as advertised. It is
especially handy because I don't have to permanently install it in WINDOWS
which is already cluttered.
And, the Journal is right down my alley. Not that I'm a
programmer, just a little Quick Basic; or a cryptanalyst (some of the
editors at Cryptologia will agree).
In the Journal I got to your comments on the Bacon cipher, and then
to page 37 where you sing the praises of Steganography. You are indeed a
fellow of my own perceptions.
While trying out your disk I ran a Julia program without knowing
what I was doing. Fortunately, the HP LaserJet 4 was on, and I got six of
your beautiful fractals. You are a very clever fellow, Mr. Patti.
My regards."
-- Penn Leary, Nebraska
-
"I have read Volume 3 once, cover to cover, and am now re-reading selected
portions. Another great intellectual result."
-- Hugh Roberts, E-Mail
-
"Just got Volume 3 ... looks great ... can't believe how far the Journal
has come since Volume 1 Number 1."
-- David Hamer, E-Mail
-
"Although I am still a paper and pencil cryptographer, I have thoroughly
enjoyed reading and re-reading your previous three volumes, which I
received as a Christmas present. Enclosed is my subscription renewal for
Volume Four."
-- Joseph Oefelein, New Jersey
-
Lou Kruh wrote in Cryptologia (Volume 19, Number 3, July 1995):
"It has been about 2½ years since the last issue of this
excellent journal. Most of the delay was caused by a house fire but it
has been worth the wait as Patti has produced his largest cornucopia of
cryptologic nuggets to date, and in color.
Articles include Borland's Turbo Pascal Version 7,
Frequency Distribution Program for Windows, Windows Random Number Testing,
a tutorial on the PEAK Cryptosystem where the algorithm, key, and block
size are all extensible, PGP (Pretty Good Privacy), A step-by-step guide
for building and testing a GigaHertz RANGER Device (random number generator), Julia Sets, Feathery Fractals, the PostScript Language, and a major contributed story and program on Warlock, A New Matrix-based Paradigm for Public Key Cryptography.
There are also book reviews and many other short articles
on a variety of cryptologic topics. Diskettes contain files and executable
programs for all featured algorithms, and Frequently Asked Questions (FAQ)
from the USENET SCI.CRYPT newsgroup. To complete a terrific package, the
masthead contains a Baconian cipher and the bar code at the top of each page
is also a cipher.
A folder describing the Journal's purpose and the contents
of each issue is available on request."
-
Professor Highland wrote the following in Computers & Security Volume 14 Number 7. I have a lot of respect for him -- he retired as a Distinguished Professor, was a Dean of a Graduate School, wrote 27 books, close to a zillion articles, and received many awards.
"Some seven years ago we called our readers' attention to the
Cryptosystems Journal when Volume 1 Number 1 appeared in 1988. It was a
labor of love, published and edited by Tony Patti. That first issue was 31
printed pages. But its biggest feature to the crypto community was an
accompanying set of three disks packed with helpful programs.
Now somewhat over two years since the last issue, Volume 3 [dated
December 1994] was released. The delay was caused by the editor's home
burning down and its concomitant problems. Fortunately he had followed safe computing practices and had off-site backups of all but the most recent critical materials. The 158-page, four-color journal was worth the wait. Even for the most avid speed reader there is enough material to keep busy for two or three months unless one was willing to give up going to work. Along with a copy of the current issue I received a note from the editor which stated: "hope that you will not be disappointed." I can tell our readers now that I am overjoyed by this volume.
Along with the printed pages are two 3.5 inch disks. Together they
have over 118 programs and files covering 2.38 MBytes. Probably of most
interest to the average computer security director or staff member, aside
from the numerous articles and detailed testing and explanation is the
availability in one place of the Cryptography FAQ. This is a 10 part
selection for the SCI.CRYPT board."
-
Beyond Computing (a publication of IBM and the New York Times organization) published my letter on page 10 of the March/April 1995 issue:
"I agree with Dr. Sanford Sherizen's article 'Information
Security Is Good Business' in the November/December issue: Today's
communications infrastructure does leave a company vulnerable to computer
criminals. However, there are two points that I would like to emphasize.
First: The greatest threats come from individuals within an
organization itself, partly because these individuals have physical access
to, as well as knowledge of, the systems.
Second: Encryption is the technology that requires the
greatest resources to defeat, but with today's fast computers it requires
few resources to implement.
I receive many publications each month, but yours is one
of the few I read from cover to cover.
-- Tony S. Patti, Editor and Publisher, Cryptosystems Journal, Holland, Pa."
Volume Three
- "Your Cryptosystems Journal arrived as I started an illness -- Your Journal did as much to get me well as any medicine.
On the topic of APL (which was written about in Volume 2 Number 1) I know a little. For the PC-type computers there are 3 types:
  - Standard APL
    - Scientific Time Sharing -- Probably best - about $600.
    - I.P. Sharp now Iverson - Shareware - about $60. The shareware simulates the S/370 and is a bit slow below 20 MegaHertz.
    Both have extensive documentation.
  - Array of Array Extended APL
    - Scientific Time Sharing APL II (for 386/486 only) - about $1600.
    - IBM APL-2 (for any PC) - about $600.
    - Iverson APL I386 - about $90. Their address is: Iverson Software Inc., 33 Major Street, Toronto Ontario M5S 2K9 CANADA.
  - "J." Iverson's Rewrite of APL, "The way it should be" (my quote) - about $30.
The first two types are very powerful and would be natural for crypto work, as shown in the book Mr. Babbage's Secret: The Tale of a Cypher and APL by Franksen, published by Prentice-Hall. "J" on the other hand is another step forward in programming. Something for my retirement to master. It is the only APL that runs on my HP95.
Volume 2 Number 2 was most interesting. I enjoy your writing. You do good work."
-- John R. Clark
Professor Emeritus, Computer Information Systems and Mathematics
- "Each Volume gets better. Far more professional looking now. We look forward to announcing availability and a review of Volume 2 in a forthcoming issue of The Surveillant. Keep up the good work."
-- Elizabeth Bancroft
Director, National Intelligence Book Center
- "As the first subscriber for Volume 2, I would like to say the wait was worth it. What would I like to see?
A simple thing. A version of ONE_TIME that works with RANGER but only results in ciphertext with
uppercase letters or uppercase letters and numbers. Very simple minded, but I believe having merit for some
uses where electronic transmission is not involved. I wish you good luck in your future work."
-- Stuart H. Bouchey, Virginia
[Ed: I completely agree. I had hoped to be able to create such a program for this volume, but we will have to
wait until the next Volume.]
- "It was very good to receive Volume 2, Number 2 of Cryptosystems Journal. You always exceed yourself in each issue and you set a hard task and a mark to beat."
-- Dr. Harold Joseph Highland, FICS
Editor-in-Chief, Emeritus, Computers & Security
- "I especially like the ground level approach to everything".
-- Dr. Patrick Maslen
- "I enjoy your writing and software."
-- John Barnard
- "I just finished Volume 1, great job, though I haven't had a chance to play with the software. It's tough finding time when you work full time and go to school at night. Your exploration of Gauss-Jordan and matrices has both stretched my knowledge/abilities of math and given me new avenues to explore. I'm in an Engineering program and start Calculus next semester."
-- Cliff Wheatley, Pennsylvania
- "Tony Patti has once again come out with an excellent issue of Cryptosystems Journal. Volume 2 Number 2 covers the SUMMIT cryptosystem, and includes articles on the Ranger device, computer graphics, reviews of books and products, and many other interesting topics. The tome runs some 118 pages, and comes with a program diskette."
-- The Computer Supplement #16 to the Cryptogram, July 1992, page 6.
- "The author, who also edits and publishes this well written, information-packed journal and accompanying software does an amazing one-man-job while raising a family and holding a responsible full time position. His enthusiasm for cryptology is evident and once you read a copy of this journal you will not want to miss a future issue."
-- Louis Kruh, Cryptologia, October 1992, page 343.
- "We have a collection of unusual publications this month. Tony Patti still prints his Cryptosystems Journal that's big on cryptography and chaos topics."
-- Don Lancaster, Electronics Now, November 1992, page 74.
- The Nov. 1992 issue of Corporate Computing contains my letter to the editor which reads in part:
"I especially enjoyed "E-Mail Snooping" in your September issue. While this article focuses on employers' monitoring of employees' e-mail messages, there's a flip side to the coin: Corporate secrets are also at risk. Indeed, some years ago I caught (via system activity logs) a system administrator who made a practice of reading whatever confidential management documents she wished.
Encryption is the single best technology for ensuring information privacy of the type discussed in your article. I suggest your readers consider high-quality end-to-end encryption, wherein a message is encrypted at its source and decrypted at its destination. In this way, a higher level of data security is provided because the information does not exist as plain text at any intermediate point".
- The Nov. 1992 issue of Infosecurity News contains my letter to the editor which reads in part:
"Your question about the origin of the term "Tempest" reminds me about one of the open U.S. Congress committee hearings covering computer security that I attended during the mid-1980s.
After the prepared statement by an employee of the U.S. Department of Defense, one of the
congressmen asked if the term Tempest that had been used in the statement had anything to do with the phrase, 'a tempest in a teapot.' The DOD employee replied 'no'. Nonetheless, I feel that this phrase, 'tempest in a teapot,' is powerful at describing modern electronic technology in this context. You have a storm (see the dictionary definition of tempest) of electronic signals operating within a conductive and grounded teapot (oops, I mean case).
Also, tempest derives from the Latin tempus, meaning time, hence our word temporal. This is also an apt tie-in since electronic signals are hunted for, found, and measured with oscilloscopes and spectrum analyzers, which operate in the time and frequency domains, respectively.
In partial answer to another question that was raised in the issue, I suspect that some part of the decrease in purchases of Tempest equipment is related to the reports of shielded buildings being built. Clearly, if your entire building is shielded, you can purchase less expensive computers to go inside the building."
- The following letter I wrote was published in Popular Electronics (August 1994):
"I want to tell you how much I enjoyed building and using the 125-MHz Logic Probe, which was described in the February 1994 issue of Popular Electronics. In the past I had used an oscilloscope to test circuit functionality, but I have found this logic probe to be considerably quicker, in part because the audible tone allows me to keep my eyes on the board instead of moving back and forth between the circuit board and the oscilloscope screen. I have been working on hardware random-number generation (very important for ultra-secure secret codes), using an array of 16 crystal oscillators, each of which operates up to 80 MHz, so I especially appreciate the 125-MHz bandwidth of the logic probe. Keep up the great work!"
- I sent the following letter to the Editor of Algorithm (A. K. Dewdney), and I understand that my letter was going to appear, but unfortunately the magazine has ceased existence. For those who are interested in the history of mathematics, I have included my letter here:
Dear Algorithm:
I was extremely pleased to see my favorite mathematical curve, Euler's Spiral, in
Algorithm. I was disappointed that Cornu, and not Euler, was given credit for this curve. The standard equations for this curve
are:
These equations are taken directly from Page 266 of Leonhard Euler's book
Methodus Inveniendi Lineas Curvas Maximi Minimive proprietate gaudentes which was published in 1744 and is a celebrated work on the calculus of variations. The spiral does go by many names (which is testimony to its importance and utility), including "Euler's Spiral", "Clothoid" ("Clothoide" in French, "Klothoide" in German), "Cornu's Spiral" ("Spirale de Cornu" in French), and "Fresnel's Spiral" ("Spirale de Fresnel" in French).
The curve originated from Euler's study of an elastic spring. Euler acknowledged (on page 264 of his book) Johannes Bernoulli's work (in 1694 in his memoir
Curvata Laminae Elasticae) concerning elastic lamina, but Euler is generally considered to be the first person to understand the real nature of this spiral. It was not until 37 years later (in 1781, shortly before Euler's death) that Euler determined and wrote the equations for the asymptotic points (at the centers of the spirals). Euler clearly worked with this spiral over an extended period of time.
Fresnel deduced in 1818 that the intensity of the illumination at any point of a diffraction pattern utilizes a similar equation (combining together a variation of the two equations shown above) into one equation for the variable "I" (for intensity). That is why these are sometimes called Fresnel's integrals.
It was not until 1874 (more than a century after Euler wrote of this spiral) that Cornu plotted Euler's Spiral (based on a table that Gilbert had published in 1861).
The American Mathematical Monthly stated in 1918
that calling this spiral "Cornu's Spiral" is "highly inappropriate" based on Euler's previous work.
The equations shown above are Three Dimensional (x and y are functions of v). Using a version of my Pascal Program which displays three dimensional graphics with true 3-D perspective (previously written about in the March 1991 issue of
Algorithm), the attached computer-generated graphic shows Euler's spiral in both its 3-D and 2-D greatness (this image and program were previously published in my Cryptosystems Journal Volume 2 Number 2). We stand today on the shoulders of giants...
Volume Two Number Two
-
"I am pleased to hear that you are continuing your publication. I should like to
compliment you on your exposition of Galois Fields. It is the clearest and most understandable
one I have ever read."
-- Marvin Kessler, California
-
"I identify with the gentleman in Volume 2 Number 1: my intro to the charms of hobby
cryptography was also via Detective Fiction Weekly. My grandfather subscribed to it but cared only for the stories, so in the early thirties (in Los Angeles) I began solving 'grams. What with discovering girls and getting my first ham license (W6GAM) at about the same time in 1932, I began to drift away from other hobbies and never really got back into cryptography until after I retired some years ago. It follows that my mathematics is long behind me, unfortunately (and for some very strange reason I always got along better with quantum mechanics and complex variables than I did with matrix and set theory). I doubt that I'll ever be truly comfortable with the math behind your work, though I grasp enough of it to get an intuitive if not detailed understanding of it."
"After reading through Volume 1, the first issue of Volume 2, and running some of the
programs, I am more than a little amazed at both the quantity and the quality of the contents of
the Journal and the disks -- and all as a "spare time" hobby, and with a family to keep happy at
the same time! I feel a bit guilty that I will not likely be a contributor of anything more
substantial than appreciation and continued membership."
"I think that you are doing a fine job at maintaining a balance between enough challenge
to make it interesting but not so heavy as to drive away all but very serious mathematicians. So
keep it up (as much as you can); I especially look forward to excursions into chaos theory and
fractals."
-- Burt Andrews, Maryland
-
"Another fabulous issue. I can't figure out whether the programming, the text, or the ideas are the best. But all are far superior to what is usually dispensed in any and all fields and I can only imagine how much work you put into it."
-- Dick Mesirov, Pennsylvania
-
"On page 89 of Volume 2 Number 1 you mention the MS-DOS PROMPT command. Below is the PROMPT that I have in my AUTOEXEC.BAT file (and which I claim no originality for).
Try it! Maybe you'll like it too!!
PROMPT $e[35;44;1m$e[s$e[1;67H$d$e[2;67H$t$h$h$h$e[u$P$G$e[33;44;1m
Keep up the good work."
-- Bob Margeson, New Hampshire
-
"I've enjoyed Vol. 2, No. 1 very much, and have completed construction of the RANGER
device [in Volume 2 Number 1]. During the construction, I thought of an improvement to your
design; let me explain:
Why not have TWO oscillators (or even four, for that matter) driving separate
74LS161's. The output from the two least significant bits of each of the 161's then goes into 2 &
4, and 6 & 8 of the 74LS240. By using two oscillators that have
almost the same frequency, one would obtain a "pseudo-Vernam" constantly wrapping bit counter number stream with a very, very long period. This "periodicity" is assuming that the oscillators will always start at exactly the same time, and at the same point in the output curve. Probably real doubtful...
Further developing the idea, if the device had FOUR separate oscillators operating at as
close as possible, but not identical, frequencies, you might be able to characterize the output as
"QuadroPseudo-Vernamish" in nature... You would be concatenating four different constantly
wrapping bit counter number streams. Each oscillator would drive a separate 161, and the LSB
output from each of the 161's would input into 2, 4, 6, and 8 of the 240.
I may be wrong in my naming on the concatenating of the two [or four] bit counter
number strings as the Vernam method. I got the idea from Kahn, pp. 397, last paragraph, wherein Moorehouse simply encrypted a 1K keytape with a .999K keytape and obtained a secondary keytape 999K in length.
Of course, from a hardware standpoint, the noisy Zener diode method is a lot simpler &
requires less power.
Congratulations on another fine issue; I'm looking forward to V. 2 No. 2."
-- Hugh Roberts, Colorado
[Ed: Great idea! See the 16-oscillator RANGER device in this issue! The Zener diode is
essentially analog, while the crystal oscillators allow an all-digital really-random number
generator. Sixteen oscillators allow doing away with the 74LS161 counters; 74LS175 latches are used instead.]
[Ed: and a second letter from Hugh]:
I've been doing some reading in the area of voltage parameters for certain electronic
components, i.e., outputs within operating voltage limits, and the thought struck me concerning a
conversation we had some time ago about getting TTL oscillators that are of poor quality so as
to induce an additional source of randomness. I recall that the manufacturers would not consider
giving up their rejects. [Ed: this is true, I wrote to a dozen manufacturers and received nary a
response]
Why not operate the TTL oscillator below its minimum standard operating voltage? If
the idea is correct, the oscillator should operate less precisely below the minimum of its
specified voltage. If you're operating your "matrix" of 16 oscillators and getting good results,
why not have one of the oscillators in the first rank outputting really poor quality oscillations???
-- Hugh Roberts, Colorado
[Ed: perhaps a reader will try this and report on the results of this experiment. It would be
possible to have two power supplies (with a common ground) -- a small 5-Volt power supply for
the 74LSxxx IC's and a second (1 Amp) voltage-adjustable power supply for the crystal
oscillators.]
-
The July 1990 issue of The Cryptogram contained a brief review of Volume 2 Number 1. The review stated that the issue contained "a virtual tutorial on the subject of Galois Fields" and several other "noteworthy articles".
-
The July 1990 issue of Cryptologia reviewed Volume 2 Number 1 and highlights "as
justification for studying Galois Fields, Patti cites an NSA recruitment brochure which lists
Galois theory as an important mathematical tool".
-
The August 1990 "Hardware Hacker" column in
Radio-Electronics contained an announcement
of my free 3-D "Lorenz Attractor Owl's Mask chaos theory programs". This program is
enclosed on the diskette in this issue.
-
The book "The Magic Machine: A Handbook of Computer Sorcery" contains (as a reprint of the April 1989 Scientific American), mention of Cryptosystems Journal on pages 305 and 347.
-
The March 1991 issue of Algorithm contains a "Letter to the Editor" which I wrote answering a question of another Algorithm subscriber about the Lorenz Attractor and describing and offering my 3-D Lorenz Attractor software.
-
The June 1991 issue of Computer Technology Review contains a letter I wrote entitled "Encryption has both a Public and Private Life".
This corrected mistakes in the article "Encryption Angles, Multitier Complete Security Solutions" which appeared in the December 1990 issue.
The thesis of my letter is that the secret-key-based cryptosystems which appear in Cryptosystems Journal are intrinsically more
secure than the public-key-based cryptosystems which the December 1990 article erroneously presented as being the most secure available.
-
The December 1991 issue of Delaware Valley Computer User contained a letter I wrote talking about the easiest way to implement EDI (Electronic Data Interchange) for business computer communications. I wanted to demystify the process which a recent issue had portrayed as a very difficult and expensive process (it is not).
-
Volume 15 of The Computer Supplement to The Cryptogram contained mention of this journal and my offer of free cryptosystems (the GF and HILL diskettes).
-
Cryptologia Volume 16 Number 1 contains an article entitled "In Appreciation" where I am one of 34 people who are thanked for their assistance to
Cryptologia.
-
And Computers & Security continues to reference
Cryptosystems Journal in its "Abstracts of Recent Articles and Literature".
Volume Two Number One
- "I find your journal very interesting and particularly like the straightforward
style used therewithin. Your personal energy and vigor is quite
visible throughout the publication. Please keep up the good work.
I did wish to take the opportunity to encourage you in your editorial/educational pursuits;
there are people out there who appreciate your efforts."
-- Mark Nadir, Florida
- "My contact with cryptanalysis goes back to the early '30's
when, as 12 or 13 years old, I used to try to solve the 'Aristocrat'
ciphers that appeared regularly in a 10 cent pulp magazine called
Detective Fiction Weekly. The feature was edited by
M. E. Ohaver.
From there, I graduated to Helen F. Gaines classic text on
Elementary Cryptanalysis which covers many, if not all of the
encryption/decryption techniques available in her time. However,
the war, earning a living, marriage and raising a family have all taken
precedence over my cryptographic education, but since I have retired (2 years ago),
I would like to once more achieve some expertise in this field. However, at the present time,
I am little more than a dabbler in the simple substitution area, and not a very good one at that.
However, I have put together a rather extensive (and I think a
very good) library of cryptography which I hope to delve into
in the next few months. Since I will be 68 this month, time is
running out.
In the meantime, my best sources of information on the subject
(just in case you are unaware of their existence) are:
- Aegean Park Press
P.O. Box 2837
Laguna Hills, CA 92653
- Cryptologia -- a quarterly journal devoted to Cryptology
- Tony Patti"
-- Marvin Kessler, California
[ed: I too have memories going back to approximately fifth grade. I
remember a small black paperback book (title long forgotten)
which covered many exciting secret topics including among other
things writing invisible messages using lemon juice which magically
appeared when heated. We are fortunate to live in a time where we have the intellectual
tools (PCs) which can greatly expand our own capabilities. Although I have never had too great
an interest in breaking codes, please read my review on page 83 in this issue of John Taber's
CRYPT program which solves substitution ciphers. -- Tony]
- "I especially like the following about the journal: Mathematical
treatment of cryptography and the excellent computer implementation.
I would especially like to see the following subjects covered: Stream
Ciphers, Public Key Systems, and possibly cryptanalysis of some of the algebraic based ciphers.
I know that the topics I mentioned could not possibly be covered
adequately in one volume; however, I feel that focusing on ciphers
which require "secret" keys is in itself insecure. Perhaps a volume
devoted to Public Key Cryptography might be fruitful, if it is feasible within the
philosophy of Cryptosystems Journal.
The other subjects I mentioned might be highlighted by references
to good research sources or possible implementations/concepts
currently circulating in those particular areas of cryptography.
These comments are general at best and are only issued in a constructive manner.
Your journal is an excellent source of material for the amateur cryptographer."
-- Chuck Perry, Texas
[Ed: I agree with you (and other readers) that there is much of interest in public-key (as contrasted with secret-key) systems. It is true that the secret-key systems rely on the secure
distribution of the key via (typically) a low-bandwidth channel such as a courier. Public-Key Systems are indeed a topic which I hope to discuss at some point in the future. One problem I face is that the RSA system (which is arguably the best) is protected by U.S. Patent. However, there are other fairly secure public-key systems, and I should probably implement one of these in the future. -- Tony]
- "I especially like the following about the journal:
- the diskettes,
- the detail within articles, and
- the reviews.
I would especially like to see the following subjects covered:
A section for neophytes as described in the letter on Page 7 of the
last issue."
-- Cecil Collins, Canada
[ed: Indeed, many have said that the letter by "name withheld by
request" was right on target and clearly stated the need for more
tutorial articles. I hope that this issue continues to
bridge this gap. When I was in school I always preferred to
write a computer program versus writing a paper -- with a program you generally
know when you are done -- with a paper (or a journal!) there is always a feeling
that more could be done to improve the writing... -- Tony]
- I especially like the following about the journal: "EVERYTHING"
-- Dick Mesirov, Pennsylvania
- I especially like the following about the journal: "EVERYTHING"
-- Hugh Roberts, Colorado
- I especially like the following about the journal: "The software
you've written, topics discussed, and book reviews."
-- Waldo Winterburn, California
- "I like the variety of programming languages and other areas (math, graphics, computer science, etc.)"
-- Greg Miller, Pennsylvania
- "May I take this opportunity to add my voice to the chorus of compliments you have received on the quality of the Journal to date and to wish you success in the coming New Year."
-- Cecil Collins, Canada
- "I especially like the following about the journal: The
good outlook, the references, and the tremendous enthusiasm.
I just finished reading through Volume 1, and am looking
forward to Volume 2.
The Journal is very interesting -- I like its broad scope,
and the many references and reviews. I too, would like to see
more tutorial material ("Galois Fields"?). I admire your
enthusiasm!
I think it is great to get the nuts and bolts information
regarding cryptosystems implementations on the IBM PC. Certainly
some of this material is widely applicable."
-- Tim Blancke, Massachusetts
- "I agree that more explanations of the mathematics involved
would be helpful. However, instead of reducing the number of
issues, perhaps you could devote one issue to a program developed
by someone else. I appreciate all the effort you put into your programs,
but it must really eat into your free time. You must also be starting to
feel burned out. Anyway, you've done a terrific job so far!"
-- Kenneth Madl, Colorado
[ed: It is true that the journal has taken considerable time and
energy (the two fundamental particles in the universe?). It is
also true that I don't have any free time, but I feel at this
time that this is the most important contribution I can make to
education and science. It is one way that I can give back something to this
wonderful society and time that we live in. In some ways this is the very first time ever that these cryptosystems are achievable -- they require widespread and powerful computers with advanced compilers (there are something like 40,000,000 PCs in the world today). PC technology has been around long enough to be stable and develop a powerful base of software functionality; plus there is every expectation that PCs will be around for several more decades as a result primarily of advancements by Intel in developing even more powerful microprocessors (see further discussion of this topic on page 92). While others may concentrate their efforts on writing programs for computers such as the IBM 3090 mainframe, I much prefer to work one-on-one with a PC. Perhaps sometime in the future, someone will build upon the results of this journal just as today we build on the work of Lester Hill, David Kahn, and other giants. We can see further than ever before, not just because we stand on their shoulders, but also because we have the tools today that were not even dreamed of a generation ago! -- Tony]
- "Thank you for sending me the information I requested about your
publication, Cryptosystems Journal. It looks like some of this
material would be useful in our object code verification project.
Also we may use the RANDTEST program in Volume 1 Number 3 to analyze the procedures we currently employ for sampling initiative petition signatures for verifications."
-- Donald F. Whiting
Assistant Secretary of State
State of Washington
[ed: Our free society is based, among other things, on the privacy and
free speech rights of the individual. Cryptography is widely
recognized in fulfilling these roles (coded secret messages were
transmitted by our founding fathers in the 1700s). I am very pleased that today the application of cryptography, computer science, mathematics, and statistics has the potential application of ensuring the integrity of the free election processes which are also fundamental to our representative democracy. -- Tony]
The Journal has continued to receive exciting reviews:
- Prof. Dewdney in the "Computer Recreations" column of
the April 1989 Scientific American says that the issues
of this journal "pursue [the] goal of describing and
distributing state-of-the-art cryptosystems for IBM PCs
and compatible computers".
- Louis Kruh in the July 1989 and October 1989 issues of
Cryptologia says that "The successful introduction
of this new journal dedicated to the implementation of
cryptographic systems on IBM PCs (and compatible
clones) has been followed by two impressive issues." The journal "lives up to the promise of the prospectus and is an impressive effort."
- Dick Mesirov in the Summer 1989 Computer Supplement to The Cryptogram (published by the ACA) states: "The
journal is 100% computer oriented. Patti has a degree
in computer science from the University of Pennsylvania
and although I surely am not an expert on critiquing computer programming, I do know the difference between good and bad code. Patti's is very good.... For an insight into current thinking, for a look at the type of ciphers we do not see in The Cryptogram and for a head start on what surely is the wave of the present and future I say 'subscribe'."
- Also, I won the "phase place contest" in Don Lancaster's "Hardware Hacker" column of the September 1989 Radio-Electronics
for the submission of the LORENZ Pascal program (also included on diskette in this issue of
Cryptosystems Journal) in response to his April 1989 column. For those who are curious about electronics and would like to (or dream of) building things, Radio-Electronics is without peer.
It remained in the electronics/hobbyist market even while others abandoned it for the apparent riches of the pure computer market (e.g. Popular Electronics which went defunct but has since been revived).
Don Lancaster's column is amazingly good and eclectic. He also writes great books -- I hope to describe his "The Incredible Secret Money Machine" in the next issue of this journal.
Volume One Number Three
- "I recently read that the government is using something called
'STU-III for secure voice and/or data'. Can you explain what this is?"
-- Ken Madl, Colorado
[Ed: The STU-III is the latest member of the government's
Secure Voice Programs. There have been a series of three such
programs (the information in quotes is from the publication
"Defending Secrets" reviewed on page 21):
- The first program, initiated in 1977, was the 'Executive Secure Voice Network Program'.
This provided 250 secure voice terminals at a cost of $35,000 each.
- "The 'Secure Telephone Unit II' (STU-II) was developed by NSA
in the early 1980s for protecting classified information up
to Top Secret Compartmented, depending on the classification
of the cryptographic key. The STU-II program also implemented a
secure key distribution center. STU-II phones, which cost about $12,000 each,
operate over ordinary telephone circuits and could be purchased until December 1986."
There are more than 3,000 STU-II phones installed.
- "NSA initiated the 'Secure Telephone Unit III' (STU-III)
program in 1984 to develop a new generation of secure telephone
equipment using classified NSA algorithms.... The STU-III program
will feature the capability for multilevel security. The first production contracts were awarded in July 1986 to three vendors -- AT&T, RCA, and Motorola. They are authorized to market Type 2 products directly to the private sector. The 2-year fixed-price contracts totaled about $190,000,000 for 49,640 units. This is $3,828 per STU-III.
According to Motorola product information and price lists,
the product family contains these two primary products:
- The STU III/SECTEL (Secure Voice/Data Telephone Terminal)
operates on a standard RJ-11 or RJ-45 phone jack and has a
built-in 2400 bps modem. The cost is $2,944.
- The STU III/DYNASEC (Secure Voice/Data CELLULAR Terminal) is
interoperable with the above land-based STU-III but is designed to be
mounted in an automobile and used with the cellular telephone network.
The transceiver and other electronics are trunk-mounted. A 2400 bps modem is included in this model also. The cost is $9,995.
More information can be obtained from:
Motorola Government Electronics Group
8201 E. McDowell Road
P.O. Box 1417
Scottsdale, AZ 85252 ]
- "I write for a number of reasons. One, because we both believe
that cryptology is a marvelous intellectual challenge.
Two, because I fully appreciate how much you need feedback from
your audience. And three, because I am a retired college professor,
slightly garrulous, who enjoys talking about my problems."
"Some years ago I purchased an IBM PC and enjoyed learning how to
program it. Then I looked around for applications; not wanting to
go the way of most hobbyists who end up collecting public domain
software as though they were making a stamp collection. I then
discovered the American Cryptogram Association and its
Computer Supplement, which, by the way,
leads me to you. I have written some programs to handle some of these
classical, paper and pencil, cryptosystems but eventually concluded
that I was working more with word problems than cryptology."
"Some reading about cryptology convinced me that modern cryptology
was a better application to contend with; the problems are more
challenging and the solutions are more closely tied to the workings
of a computer, an emergent benefit for one fascinated by both topics.
A bit more reading and it was quite clear that modern cryptology is
applied math, far removed from the classical cryptology that I began with."
"And thus my problem. I am mathematically illiterate and am unable
to read the books you have reviewed, although they exist in my library.
I can get the general idea of what you are writing about in your Journal
but only at the level of conversational knowledge. For me, the Journal
appears to be written for people who already know what is being said and
not the neophyte that would like to learn what the words mean. Thus I suggest
that you have a section for neophytes, since I would like to believe that
there are more of us, and that by following the specific suggestions in such
a section, a veritable course syllabus, you would eventually bring us all to
the point that we could then go back and reread the earlier issues.
In my case, the only one I know, you can assume that I am aware of matrices
from introductory books on computer programming, know what a prime number is,
but no more than this of number theory, and that algebraic coding is only a book
in my library. On the other hand, you can also assume that I am a computer literate."
"Individuals of my kind are simply overwhelmed by the knowledge that
is assumed by practitioners such as you and with the best of intentions,
cannot see how to proceed a bite at a time. To prepare such a map would
not be a light undertaking and there would have to be enough of us to make it
worth your while. At the same time it must be remembered that cryptology to the
likes of us is a hobby and not a vocation, even to one retired."
"I enjoy the Journal in a vicarious way and have dreams of grandeur
that I might someday be able to understand it. At least you have my
financial support. I apologize for such an ego centered letter but it is
the topic I know best. All good luck to your effort."
-- Name Withheld by Request
[Ed: I appreciate your letter enormously. It too has been my dream that
Cryptosystems Journal could be of such a tutorial nature that
I could teach all of the central crypto concepts, without assuming any previous knowledge in the field
(particularly to someone who was eager to learn what has historically been a very esoteric field).
It has become clear to me recently that I needed to do more -- that I was not doing enough in the pages of the
Journal. Thus, your letter is very timely.
I have expended extra effort, beginning with this issue, to explain the basics.
I must confess that I too have found the mathematics to be the most difficult topic to this hobby.
I have concluded that I have not achieved my tutorial goals because I have been spending too much time working
on the programs which are included in each issue. It takes me a couple hundred hours (working
in the evenings and on the weekends) to write, test, and debug the various programs. This
has left me with only a few weekends to write the text of each issue. I have come to the
conclusion that I might better serve Cryptosystems Journal readers were I to
cut back next year to two issues per year (instead of three), but spend more time on the text and
tutorial articles rather than spending most all of my time on the programs.]
- "I would like to suggest that you put the text of the Journal on your
diskettes in ASCII (or some other word processor format) for those of us
who may want to manipulate it into something else. I use Ventura Publisher
for all my documents, reports, etc.
Keep up the Good Work. I find
Cryptosystems Journal
to be 'absolutely fascinating'..."
-- Hugh Roberts, Colorado
[Ed: I thank you very much for your excellent suggestion.
Based on your suggestion I had intended to include on diskette number 2
a copy of the text from all three issues in Volume 1.
However, as you can see I simply ran out of room, and I did not have room to
include the file for even a single issue. It turns out that the three issues occupy almost an entire 360KB diskette.
However, I extend this offer to all readers: if you send me a blank formatted DS/DD 360KB diskette with
a self-addressed and stamped diskette mailer or envelope I'll be happy to provide
an ASCII copy of all three issues of Volume 1. I hope that when you send in
your diskette that you'll also include a note with suggestions, comments,
questions, topics for future issues, encouragement, etc.]
- "I enjoyed very much your Volume 1 Numbers 1 and 2 issues. Here are some random thoughts. Some articles to publish in the future could be any or all of the following:
-- A Further Explanation and Methodology for the HILL System;
-- Similar Ideas for the R.S.A. Cryptosystem.
Some suggestions for future Book Reviews might be any or all of the following:
An Introduction to Cryptology
Henk C. A. Van Tilborg
Kluwer Academic Publishers. 1988.
Military Cryptanalysis: Parts I and II
L. D. Callimahos and W. F. Friedman
Aegean Park Press Cryptographic Series
Numbers 42-45.
Communication Theory of Secrecy Systems
C. E. Shannon
Bell System Technical Journal
Volume 28 October 1949 pages 656-715.
Special Section on Cryptology
Edited by Gustavus J. Simmons
Proceedings of the I.E.E.E. May 1988
pages 515-518, 533-627.
Again, you have done an excellent job; keep it up.
It is my intention to continue my subscription."
-- Herbert M. Baruch, Jr., California
[Ed: Thank you very much for your letter and your suggestions.
I would like to present an issue (including a working program)
on the RSA cryptosystem. However, I believe there are patent
licensing issues which would prevent me from doing so. In fact, the patent
holders have even been active in keeping free public domain versions off of bulletin boards. The RSA Cryptosystem is protected under U.S. Patent Number 4,405,829 which was issued on
20-SEP-93. This patent is valid for a period of 17 years (through 19-SEP-2000). The patent is
20 pages long. Although the purpose of the patent system is to enhance science by disclosing
to the public the technology of inventions, the 17 year period of exclusive rights appears to prevent even public domain versions unless licensed from the patent holders. While I'm on the
subject of patents, I'd like to mention two others:
1,845,947 16-FEB-32 Weisner & Hill "Message Protector"
This invention is a mechanical embodiment of the Hill encryption method.
4,037,093 19-JUL-77 Gregg et al "Matrix Multiplier in GF(2**m)"
This invention is electronics hardware for multiplying two elements
in a Galois Field GF(2**m). It is also pointed out that this technique
applies to matrix multiplication in GF(2**m).
If you would like a more complete list of cryptographic patents,
I recommend:
United States Cryptographic Patents (1861-1981)
by Jack Levine, and published by Cryptologia,
Rose-Hulman Institute of Technology,
Terre Haute, IN 47803. This 69 page book has page after page containing:
-- patent numbers
-- inventor's names
-- dates issued
-- titles of the patents
Beginning in this issue, I will be going into more details (with worked-through examples) of the underlying mathematics and computer science involved in HILL's and COOPER's algorithms.
I thank you for your list of additional books/articles to review. I would like to encourage any reader to submit such reviews for possible inclusion in future issues. As I've said before, I don't want to do all the learning!]
- "I thoroughly enjoyed the second issue of
Cryptosystems Journal.
It maintained the high level of excellence established by the premiere issue. As to personal preference, I would like to see some programs in APL. Programs using Turbo Pascal version 5.0 are also of interest.
And, I would like to see some material on random number generators and particularly their testing. Kahn's book The Codebreakers indicates that Random Numbers were generated by the KGB by typists hitting keys at random. Tests show these numbers to NOT be truly random but also NOT insecure! Crypto AG has (or had) machines which made Random Number tapes from the decay of radioactive material as well as electrically noisy devices (a diode or
transistor?). During the war, Random Numbers were generated by IBM punch card equipment.
Linear feedback registers have been shown to be not good."
-- William Adams, Virginia
[Ed: This issue will accomplish many of those things you ask for. This issue includes eight programs in Turbo Pascal version 5.0. This issue includes the RANDTEST.PAS program to test random number generators. The next issue will cover the topic of random number generators. My primary concern is that improperly chosen random number generators may be the primary weakness which can be exploited by a cryptanalyst. I think you'll see some short APL programs next year. I agree that APL is well suited to the programming of mathematically-oriented
cryptosystems (especially those using matrices and vectors
such as HILL/COOPER). I am aware of the following book which deals exclusively with
cryptography and APL:
The Standard Data Encryption Algorithm
by Harry Katzan, Jr and published by Petrocelli (New York)
and published in 1977. Although this book deals almost exclusively
with DES, it does have a few pages (32-36) on a classical Hill
implementation (including one page of APL). This book has a large amount of APL
for implementing DES and includes detailed analysis and bitwise walk-through.]
Volume One Number Two
- "I have enjoyed your Journal. I feel that it is one of the best
bargains around. I was quite surprised to find 'real life'
cryptosystems in Ada. Up to this time I have felt that only 'C'
was efficient and powerful enough to implement 'production'
Artificial Intelligence and Cryptosystems. Ultimately, AI will
be revealed as a necessary component in solving complex ciphers."
-- Richard Colvard, California
[ed: I did have a lot of fun doing the Ada programming, and
I'm glad the Ada programs expanded (by one) the number of
languages you would consider for doing real work.
Unfortunately, I still find the PC a little small for a
language as big as Ada (and I suspect for serious AI). Oh
well, we'll just have to wait until the Compaq 80486 machine
comes out in 1990(?) ... ]
- "I think you have done a fine job with the first issue. I
particularly like your reviews and sources of information
sections. Keep up the good work."
-- David Dodd, Pennsylvania
[ed: Thanks, I hope that the journal will serve as a
springboard for further research and education in areas
which you find interesting. Obviously, due to space (and
time) constraints, I can only point you in the right
direction. Therefore, I too find these sections
particularly important. If any of you can recommend other
sources of information which you think the other readers
would find interesting, please drop me a note -- or better
yet, send in a review!]
- "Your One Time Pad System looks great! I was very interested in
the chart on page 20 of the Journal which shows Hill cryptosystem
key generation times. I wonder if your PC has a math
coprocessor?"
-- Hugh Roberts, Colorado
[ed: Yes, I have a 80287 running at 10 MHz, but it is not
used in the Hill program. In fact, since the math
coprocessor is optimized for real (floating point)
arithmetic, I am not aware of any crypto software which uses
the coprocessor. However, this will change when I publish
Volume 2 Number 2 (AUG 1989) which will use the COMP integer
data type which is supported by the math coprocessors. The
COMP type is an 8 byte INTEGER comprised of one sign bit and
63 "data" bits. Therefore, the integer range of the COMP
data type is approximately -9223372037000000000 to
+9223372037000000000. The only other integer data type
which the 80x87 math coprocessor family supports is packed
decimal arithmetic. This is a 10 Byte data-type (80 bits)
which supports a range of -999999999999999999 to
+999999999999999999. Both data types are considered to
contain 18 significant decimal digits. Real number
arithmetic is not used for cryptographic purposes because
real numbers are only an approximation for most numbers -
and information (and precision) can be easily "lost" when
manipulating real numbers. For more information concerning
math coprocessors, see the Sources section.]
- "Your publication venture is off to a great start --
Congratulations! The first thing that I noted was the excellent
tutorial nature of the entire issue -- marvelous for beginners
but written in such a "user-friendly" manner that even old hands
will not be bored in going through it. Especially enjoyed was
your discussion of the Ada language. Your presentation put the
whole matter in good perspective. Of great interest to me was
the Book Review section, even 'though it is going to cost me some
money. On page 31 of your first issue you refer the reader to
David Kahn's memorable book
The Codebreakers.
As you are
undoubtedly aware, a later edition was published some years ago,
but was cut to the point that there was virtually nothing
technical left in it -- evidently because some government agency
did not want the general public to know anything about the
technical aspects of cryptology."
-- Bill Whitcraft, Massachusetts
[ed: Concerning Kahn's book, a look in Books in Print at the
local library showed the following entry:
The Codebreakers by David Kahn, 1967, $39.95,
ISBN 0-02-560460-0, published by Macmillan.
Therefore, it appears that the complete 1162 page hardbound is still available (although at a somewhat higher price than the $25.00 I paid in 1980).
Concerning suppression of information by the government, I recommend The Puzzle Palace by Bamford (see the Sources section)
which states that the NSA requested that 3 paragraphs be removed from The Codebreakers -- and then Bamford tells what they were.]
- "Congratulations on issue #1 -- it was truly an amazing effort! I was surprised and gratified to find documentation along with the computer disks. How you can find time for such an extensive effort is beyond me. Your group programming project sounds intriguing, and I'm more than willing to help out with the programming. Keep up the good work -- I'm very impressed!"
-- Ken Madl, Colorado
[ed: I really appreciate your help. In particular, Ken helped with the new LINE.PAS function which performs line-at-a-time comparisons of two files. This goes beyond the byte-at-a-time comparison which was previously extant. The request for participation has been answered/accepted by several other readers, and I appreciate the help and encouragement -- I do not want to do all the learning! If anyone else is interested in participating, it's not too late, just drop me a note...]
- "Congratulations, for your first issue of Cryptosystems Journal. The programs have been excellent.
I understand the one-time-pad to yield unbreakable ciphertext when used with a perfectly random key.
Computerized random number generators are not perfectly random.
Therefore, one-time-pads implemented with less than perfectly random keys are breakable. A cryptanalyst could get the program, evaluate the weaknesses of the random number generators, and exploit the key generator weaknesses."
-- John Brewer, Hawaii
[ed: You are absolutely correct. You have elegantly stated the point that I was trying to get across on page 10 of Volume 1 Number 1. As keys contain more and more bits, they account for larger portions of the stream of bits output from a random number generator. Also, although a key may contain 100000 or more bits, if the random number generator which generates the bits is "randomized" with only a 16-bit seed, then the cryptanalyst need really try only 2**16 possible keys (rather than 2**100000). It therefore becomes vitally important, that you
not rely on the random number generator which is built into a compiler.
You must strengthen the built-in random number generator. Future issues of Cryptosystems Journal will cover the testing and generation of strong random number generators.]
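The seed-size argument in the reply above, worked through as an added example (not code from the journal or its diskettes): a 100000-bit key expanded from a 16-bit seed has only 2**16 possible values, so a few bytes of known plaintext identify it, while a key drawn from the operating system's CSPRNG has no seed to enumerate. The LCG constants, function names and sample message are assumptions made for this illustration.

```python
import secrets

SEED_BITS = 16              # seed width named in the reply above
KEY_BYTES = 100_000 // 8    # the 100000-bit key named in the reply above

# Assumption: a widely published 32-bit LCG constant pair stands in for
# "the random number generator which is built into a compiler".
LCG_A, LCG_C, LCG_MASK = 1664525, 1013904223, 0xFFFFFFFF


def lcg_bytes(seed: int, nbytes: int) -> bytes:
    """Expand a seed into nbytes of keystream (high byte of each LCG state)."""
    state = seed & LCG_MASK
    out = bytearray()
    for _ in range(nbytes):
        state = (LCG_A * state + LCG_C) & LCG_MASK
        out.append(state >> 24)
    return bytes(out)


def weak_key(seed: int) -> bytes:
    """100000-bit key whose only secret input is a 16-bit seed."""
    return lcg_bytes(seed & ((1 << SEED_BITS) - 1), KEY_BYTES)


def strong_key() -> bytes:
    """Key of the same length drawn from the OS CSPRNG: no small seed exists."""
    return secrets.token_bytes(KEY_BYTES)


def xor(data: bytes, key: bytes) -> bytes:
    """XOR data with the leading bytes of key (pad-style encryption)."""
    return bytes(d ^ k for d, k in zip(data, key))


def seeds_consistent_with(ciphertext: bytes, known_prefix: bytes) -> list:
    """Audit check: which of the 2**16 seeds reproduce the observed keystream?

    The observed keystream prefix is ciphertext XOR known plaintext. Only
    65536 candidates exist no matter how long the key is.
    """
    observed = xor(ciphertext[:len(known_prefix)], known_prefix)
    return [s for s in range(1 << SEED_BITS)
            if lcg_bytes(s, len(observed)) == observed]


if __name__ == "__main__":
    # Constructed sample message and seed, for illustration only.
    message = b"FROM: HQ  TO: FIELD OFFICE. Constructed sample message."
    seed = 0xBEEF
    ciphertext = xor(message, weak_key(seed))

    candidates = seeds_consistent_with(ciphertext, message[:16])
    print("key length in bits      :", KEY_BYTES * 8)
    print("seeds that had to be run:", 1 << SEED_BITS)
    print("seeds still consistent  :", [hex(s) for s in candidates])
    print("plaintext from candidate:", xor(ciphertext, weak_key(candidates[0])))

    # The hardened key has the same length but 2**100000 possible values.
    print("CSPRNG key bytes        :", len(strong_key()))
```
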
- "I wish you luck in your endeavor. Being an editor is no easy job, so stick to it. You mentioned the works of Hill and Cooper a number of times, but nowhere do you list the papers."
-- Rudolph Lauer, Maryland, Author of "Computer Simulation
of Classical Substitution Cryptographic Systems"
[ed: You were not the only one to note my having
accidentally left these out. This issue's Sources section,
contains the citations. More importantly, the text of the
three articles (Hill wrote two articles) are in electronic
form on the diskettes containing my free public-domain
cryptosystems. The articles were reproduced with permission
of the publishers.]
- "I enjoyed the first issue of your journal very much. I liked
the programming examples, with the chance to fiddle with the
code. I also like the opportunity to learn a new language, not
to mention the book reviews. I learned many things from this
issue, and hope to continue to do so. Could you elaborate on
your idea of using keyboard keypresses (page 10) as part of a
random number generator?"
-- John Peter Taylor, Virginia
[ed: A sample of the technique I was referring to is
actually part of my public-domain HILL program (in Turbo C).
When you choose the "Generate A Key" function, the message
"Type various characters on the keyboard in order to get
more randomness..." appears. If you type characters at this
point, they echo back as asterisks. It is possible for you
to enter up to approximately 1000 characters (when utilizing
the larger sized matrices). These keypresses are entirely
optional; if you do nothing, the program just uses its
regular random number generator. What my HILL program does
is not too sophisticated, but it should give you some ideas
of what is possible. My Hill program uses the 7-bits of the
ASCII letter which is input as additional non-linear data.
It also calls the randomize function every time you press a
key. A stronger method would force the use of the keyboard,
starting at the beginning of the key generation. Also, a
stronger method would time the number of microseconds
between keypresses, and use this as a piece of somewhat
random data. Of course, this process of keypresses happens
only once. After the key pair is generated, the key pair
must be sent to the person with whom you are communicating.
Since both encryption and decryption keys are generated at
the same time, only one person needs to go through this
process of entering keystrokes.]
- "The first issue of Cryptosystems Journal
was excellent. You
have obviously put a lot of work into it. Cannot agree with [not
wanting to do] bit manipulations, although I understand the
rationale for not wanting to program at that level. Considerable
information is included in the characters which should be removed
to make ciphers more secure. The programs are good for
educational and hacking purposes but I would be reluctant to use
them for applications as is."
-- William Adams, Virginia
[Ed: The issue is not so much my not wanting to do bit
manipulations, but the realization that the PC is better
suited for other types of manipulations. There is much to
be learned in optimizing a cryptosystem to a particular type
of hardware, in this case the PC. I enjoy letting the PC do
several hundred million arithmetic calculations to generate
a key (this might take about an hour). However, there is
not much we can do in terms of making bit transpositions and
bit substitutions more efficient. These are, indeed,
tedious to program. I believe that the future will show
that the really strong cryptosystems are based not on moving
bits around (like DES), but on the application of number
theory to cryptology (e.g. COOPER, HILL, and the RSA Public-
Key Cryptosystem). I am pleased that you find my programs
educational -- this was my goal. I do advise you to change
one or more aspects of my programs before using them for
"applications" because using a "standard" cryptosystem
invites easier cryptanalysis. You are correct that
"considerable information is included in the characters".
That is the reason why my programs randomize the eighth bit
of ASCII text. My programs also split the characters into
two halves (nybbles) prior to processing, and then add
additional random bits to each half.]
- "A one-time-pad is useless in encrypting files to be stored on
disk [my emphasis]: In that case, the key must be at least as
long as the plaintext file, and it must also be truly random and
not rely on a mathematical algorithm for its generation. Such a
key, of course, is not portable and must be stored on a floppy
disk. In that case, it would be just as easy to remove the file
from the hard disk as it would be to encrypt the file and store
the key.
The "features" you pointed out in my CRYPT program should
really be called limitations, because that's what they are.
These limitations will all be eliminated in my version 3.
In a recent phone conversation you told me you try to shy
away from product ciphers, preferring other mathematical
algorithms. If a Master's degree in Mathematics is needed to
understand an algorithm, then only those with a Master's Degree
in Math who have thoroughly studied the algorithm should use it."
-- Mario Maniscalco, Ohio, Author of the CRYPT program
which was reviewed in the last issue.
[Ed: You raise three points:
First, while encrypting a disk-based file is occasionally useful (for example a one-way encryption of a password file on a multi-user system), the real purpose of cryptography is
secure communications over unsecure channels.
Therefore, we encrypt a disk file prior to sending the ciphertext out over the modem. For example, in the case of 2 PCs communicating (for example across a continent), each can have key files stored permanently on their hard disks. Therefore, keys need not be removable.
Second, I look forward to receiving version 3 of CRYPT,
and will provide a review of it. I commend you for
continuing to enhance your program.
Third, and really interesting, is that, although
occasionally the terminology can appear "advanced" (for
example, "Galois Field"), the mathematics which underlie
cryptology all boil down to High School-level algebra and
mathematics (the only mathematics classes I took in college
were two semesters of Business-related Calculus). My
Master's degree is in Computer Science. If you are
comfortable with (or are willing to learn) integer
arithmetic, matrices, vectors, and polynomials, you have all
of the basic understanding to "dig into" the computerized
manipulations of the math concepts.]
Volume One Number One
Since this is the first issue, I do not have any letters from
readers telling me about errors in previous issues! However,
since this is a regular column, I would like to print a few of
the sentences of encouragement from the letters I have received:
- "Good luck with Cryptosystems!! It has to be a monumental task."
-- Dick Mesirov -- Pennsylvania
- "Best of luck with your Journal. I look forward to it."
-- John Taylor -- Virginia
- "Best wishes for success with your new Journal!!"
-- William Whitcraft -- Maine
- "I congratulate you for the massive amount of programming
involved, and for your willingness to share your effort with
others."
-- Kenneth Madl -- Colorado
- "Thank you for your effort to produce and share your software."
-- Dr. Richard Spillman -- Washington
- "I am delighted that you are offering a Journal."
-- David Dodd -- Pennsylvania