*Here you will find a summary of the most important features of the current release version of CrypTool 1 (CT1). This does not include features which are additionally implemented in the successor versions CrypTool 2 (CT2) and JCrypTool (JCT). All features of all versions are listed in the CT functions table.*

CT1 is a freeware program which enables you to apply and analyze cryptographic mechanisms. It has the typical look-and-feel of a Windows application. CT1 contains comprehensive online help, which can be understood without deep knowledge of cryptography. CT1 is available in English, German, Polish, Spanish, and Serbian. CT1 includes every state-of-the-art cryptographic function and allows you to learn about and use different cryptographic methods within the same environment.

The algorithms available include both classic and modern cryptosystems:

- classic methods: the Caesar cipher, the ADFGVX cipher, the double-column transposition (permutation), the Enigma encryption algorithm, etc.
- modern methods: the RSA and AES algorithms, hybrid encryption, algorithms based on lattice reduction and elliptic curves, etc.

A summary of all the encryption algorithms implemented in CT1 is available in the online help page for the *Encrypt/Decrypt* menu. Additionally many screenshots can be found on this hyperlink and in the associated CT1 presentation, which will help acquaint you with the operation of the program.

Upon encrypting a document, the result will be shown in a new sub-window, whose title contains both the name of the original document and the encryption key used. The usage of keys is supported by two special icons: Clicking the icon *Show key* allows you to store a copy of the key used to encrypt into an internal storage. If you then encrypt another document with the same encryption method, then the icon *Insert key* will be active in the key entry dialog box. This can be particularly helpful for complex keys.

**Automatic analysis tools** for the classic encryption algorithms are provided for obtaining the key of the encrypted document (possibly using additional information, such as the unencrypted document or the language of the document). For further information on automatic analysis, go to the help screen for the *Analysis menu* within CT1 and choose the encryption algorithm to be analyzed there.

To support your **manual analysis** of documents, CT1 can display a histogram of the document, determine the statistics of any N-gram, and calculate entropy and autocorrelation.

The encryption functions within the menu* Encrypt/Decrypt* are implemented in a way that they can be called upon and performed efficiently. On the other hand, the functions in the menu *Indiv. Procedures* are implemented in a way that they can be performed step by step and interactively. In this second menu, the main focus is on e-learning.

In the menu *Indiv. Procedures*, several different individual methods and protocols are offered, such as:

- calculation of hash values and analysis of their sensitivity
- creation of Message Authentication Codes (MACs)
- generation of strong keys for passwords according to the PKCS#5 standard
- compression and decompression of documents, which enables the study of file compression prior to the actual encryption of a given document
- generation and analysis of pseudo-random numbers
- demonstration of protocols for authentication und key exchange (DH)
- step-by-step demonstration (forwards and backwards) of various ciphers using the ANIMAL animation software
- application of common encodings like base64 and uuencode

Which menu items can be selected depends on the type of the active document. The menus and sub-menus of CT1 are dynamically generated, depending on whether a document is open in the main window, and if so, the document's type (binary or text). All menu items are always visible, but only the ones which are appropriate for the current document type can be selected. The remaining menu items are disabled. An overview of all menu items within CT1 (the menu tree) can be found in appendix A of the script.

Modern algorithms are implemented in CT1 according to international standards. The authors of CT1 have not implemented cryptographic functionality where good free programs are already available on the internet: for example, dictionary attacks against password files (see John the Ripper) are not included in CT1. Instead, CT1 contains a tool to test the quality of your passwords.

### The RSA Cryptosystem

The RSA cryptosystem (see menu *Indiv. Procedures \ RSA Cryptosystem \ RSA demonstration*) is covered comprehensively in CT1; the program supports a variety of codings, block sizes, and alphabets. The RSA key can also be generated from prime numbers selected by the user. Key generation, encryption, and decryption can all be followed step-by-step.

Factorization of numbers is also an important application of cryptography. Simple RSA cryptosystems can be easily cracked using the factorization algorithms presented in CT1, which will help you consider the minimum key length necessary for a secure system.

### Interactive Demonstrations / Visualizations

CT1 includes many interactive demonstrations and visualizations to help improve the understanding of various cryptographic topics. These include the following:

- creating an electronic signature (menu
*Digital Signatures/PKI \ Sign Message*) - processing hybrid encryption (menu
*Encrypt/Decrypt \ Hybrid \ RSA-AES Encryption*) - analysis of the effect of modifications to a document on the resulting hash value
- sensitivity of hash algorithms (menu
*Indiv. Procedures \ Hash \ Hash Demonstration*) - generation of hash value collisions (birthday paradox) (menu
*Analysis \ Hash \ Attack on the Hash Value of the Digital Signature*)

- sensitivity of hash algorithms (menu
- Diffie-Hellman (DH) key exchange (menu
*Indiv. Procedures \ Protocols \ Diffie-Hellman Demonstration*) - demonstration of encryption and digital signing according to the S/MIME standard (menu
*Indiv. Procedures \ Protocols \ Secure Emails with S/MIME*) - side-channel attack (menu
*Analysis \ Asymmetric Encryption \ Side-Channel Attack on Textbook RSA*) - authentication protocols (menu
*Indiv. Procedures \ Protocols \ Network Authentication*) - shared secrets using the Chinese Remainder Theorem (menu
*Indiv. Procedures \ Chinese Remainder Theorem Applications \ Secret Sharing by CRT*) and Shamir (menu*Indiv. Procedures \ Secret Sharing Demonstration (Shamir)*) - visualizations of many algorithms (
*Vigenère(Vigenere), AES, Enigma*, etc.) (menu*Indiv. Procedures \ Visualization of Algorithms*) - applications of an ancient number theoretic theorem (Chinese Remainder Theorem) (e.g., analysis of the alignment of the planets of our solar system) (menu
*Indiv. Procedures \ Chinese Remainder Theorem Applications \ Astronomy and Planetary Motion*) - 3D visualization of large sets of random numbers (menu
*Analysis \ Analyse Randomness \ 3D Visualization*) - password strength tests
- evaluation of existing passwords (menu
*Indiv. Procedures \ Tools \ Password Quality Meter*) - generation of a password with a given minimum entropy (menu
*Indiv. Procedures \ Tools \ Password Entropy*)

- evaluation of existing passwords (menu
- computer-based training for number theory (menu
*Indiv. Procedures \ Number Theory - Interactive \ Learning Tool for Number The*ory) - point addition on elliptic curves (menu
*Indiv. Procedures \ Number Theory - Interactive \ Point Addition on Elliptic Curves*)

In addition to the interactive demonstrations, the CT1 package also contains the educational game The Number Shark, which trains young students to calculate factors of integer numbers.

### Online help, documentation, and tutorials

In developing CT1, much care was taken to ensure that context-sensitive help is available at any point by pressing the F1 key. To get a fast overview of the program's functionality, you can simply move through the menus and click F1 to get further information about any item that looks interesting.

The extensive online help comprises:

- explanations of all basic cryptographic terms
- a short list of cryptography references
- a chronology of the development of cryptography
- scenarios (tutorials) for an easy introduction
- a well-sorted index of cryptographic topics

Besides the online help, CT1 also includes the following documents:

- The readme file describes all important elements of the CT1 package, new features in this version, a description of the whole project, and information on installing and using CT1
- The CrypTool presentation, with over 100 slides, which gives an overview of the CrypTool project and CrypTool's features
- A detailed script (a PDF file with about 300 pages), focusing on mathematically-oriented information about
- cryptographic methods
- prime numbers
- elementary number theory (with many examples)
- current results of cryptanalytic research

- The fantasy story
*The Dialogue of the Sisters*by Dr. Carsten Elsner, in which two sisters in a psychiatric hospital use a variant of the RSA cryptosystem - The fantasy story
*The Chinese Labyrinth*by Dr. Carsten Elsner, in which Marco Polo has to solve some number theoretic problems to become a chief advisor of the Great Khan

### We are appreciative for the support of the following companies and projects:

- For hash functions, symmetric and asymmetric ciphers, and key management, CT1 uses the Secude Toolkit. That toolkit has been made available for us by the Secude IT Security GmbH.
- For the demonstration of ECC-AES hybrid encryption, we leverage the cv act library from cryptovision.
- For the demonstration of the RSA cryptosystem and number factorization, CT1 uses the Miracl library for arbitrary precision arithmetic.
- For the demonstration of hash collisions (birthday paradox), CT1 uses the OpenSSL library libeay32.dll.
- For the lattice basis reduction (LLL) attacks against RSA, CT1 uses the number theory library NTL from Victor Shoup.
- CT1 uses the GMP/MPIR library for primality tests.