Federal Office for Information Security (BSI)

Chiasmus™ for Windows/Linux

Content

Description

Chiasmus™ is an encryption program for Windows (Windows 95, 98, 2000, ME, NT 3.5.2 and higher, XP, Vista, 7, 8, 10) and Linux. Chiasmus is a 32-bit application, but it also runs on newer 64-bit operating sytsems (Windows 7, 8 and Linux). With Chiasmus it is possible to encrypt individual files or entire folders.

The built-in random number generator enables you to generate keys yourself. However, keys previously exchanged with communications partners can also be used. The keys can either be read from a file or else entered over the keyboard.

Chiasmus is easy to install. During installation, no entries are added either to the Start menu or the registry, or to any other system directories. The software does not use any system drivers or DLLs either. On the other hand, Chiasmus does not embed itself into any other applications (Word, Excel, Access, Lotus Notes, etc.). This rules out the possibility of transparent encryption of application data in the background. Encryption and decryption of files or folders must always be initiated by the user in a separate operation.

The Chiasmus software product is subject to greater risks than a hardware solution. With a PC that is connected to the internet, it is possible that protection could not be provided to the extent required. The protection requirement of the information to be protected should therefore be no higher than "normal".

Chiasmus is available as a Windows program with a graphical user interface and as a command-line-based Linux program. The Windows program is switchable from German to English language. The Linux program is availabel in German language only.

The Chiasmus-user has chosen three files for encryption and is now requested by the software to choose a key Figure: Chiasmus for Windows in operation

Figure: Chiasmus for Linux in operation Figure: Chiasmus for Linux in operation. The Chiasmus user has enciphered the file dokument.odt with the keyfile key2009.xis. The password is not displayed on the screen.

How to obtain the software

Conditions of use

Chiasmus may only be used where its use is in the interest of the Federal Republic of Germany. Details are set out in the license agreement.

Ordering

To order the product, complete and sign the order sheet and send this together with the necessary evidence to:

Bundesamt für Sicherheit in der Informationstechnik
Department Z 3/Sales
PO Box 20 03 63
D-53133 Bonn
Germany

Documents

Cryptographic details

The core of the program is the BSI's own symmetric block encipherment algorithm, Chiasmus. Chiasmus was specifically developed for software implementations. Chiasmus encrypts 64-bit blocks into 64-bit blocks, using a 160-bit key. Chiasmus for Windows/Linux uses Chiasmus in cipher block chaining (CBC) mode. The effective key length is 128 bits, the remaining 32 bits constituting a checksum.

Amendments and bug fixes of the Windows version

  • In versions up to 1.2 there have been isolated instances (approx. 0.2% of encryption operations) in which the encrypted file could not be decrypted again. This error does not affect the security of the product and has been fixed from Version 1.3.
  • In versions up to 1.2 there were occasional instances in which users with Administrator privileges were unable to use user profiles created with older versions. This error was fixed in Version 1.3.
  • The physical deletion of files has been removed from Chiasmus version 1.5 because under NTFS (New Technology File Sytsem) a reliable deletion of files is not possible.
  • In version 1.5.0.10 some users with Administration privileges were not able to save user profiles.
  • Version 1.5 contains a few extra changes that do not have any security implications.
  • Version 1.6 contains a few extra changes that do not have any security implications. The design has been adapted to the new BSI design.
  • In version 1.7.0.4 the function "Encrypt directory" causes an error in some combinations. This error is fixed with version 1.7.0.6
  • Version 1.7.0.7 contains a few extra changes that do not have any security implications.
  • Version 1.7.0.8 contains a few extra changes that do not have any security implications. E. g. an easteregg has been removed.
  • In version 1.7.0.9 some sporadicly occurring bugs have been fixed. This bugs do not have any security implications. For example, in version 1.7.0.8 in rare cases occurred a message "Division durch Null" or "Division by Zero".
  • In Version 1.7.0.9, the printing of keys did not work. This error has been fixed in version 1.7.0.10.
  • To use the Chiasmus help pages under Windows 7 or Windows 8, the user must install the program WinHlp32.exe, which is available free of charge from the Microsoft Download Center (For Windows 10, the program WinHlp32.exe is not yet available).

Should you discover a programming error, please document it in as much detail as possible and send your report to

Bundesamt für Sicherheit in der Informationstechnik
"Chiasmus für Windows"
PO Box 20 03 63
D-53133 Bonn
Germany
or else to
Chiasmus@bsi.bund.de

When reporting errors, please state the exact version of the software that you are using (e.g. Windows 1.1.0.7). The Windows version details can be obtained by clicking with the right mouse button on the file Chiasmus.exe, selecting "Properties" and then clicking the "Version" tab. The Linux version number will be displayed if you run the program with the option "-h".

Update to Windows Version 1.7.0.10 (15. December 2014)

Important note:
You can only download Version 1.7.0.10 if you are already a registered Chiasmus user. Otherwise you can only obtain Chiasmus for Windows as described above.

To install Version 1.7.0.10, you should proceed as follows.

  1. Start the download.
    Install_1710.zip (zip, 939KB, File does not meet accessibility standards) (zipped, encrypted and self-extracting compressed file)
  2. Unzip file Install_1710.xia, which is contained within Install_1710.zip.
    NB: To unzip the file you will need a decompression program such as Winzip, which can be obtained as a test version from http://www.winzip.de The reason why file Install_1710.xia is included in the zip file Install_1710.zip is not actually to compress it, but to prevent Install_1710.xia being erroneously interpreted by some browsers as a text file and hence modified in some way.
  3. Start your old version of Chiasmus for Windows on your computer.
  4. Using Chiasmus für Windows, decrypt Install_1710.xia into Install_1710.exe. Enter the key "BSI" (without the quotation marks) on the keyboard. For this purpose, use the "All characters" character set. The checksum should be MXTt+B.

    Important!: Encryption at this point is used not to preserve the confidentiality of the program so much as to ensure that the update can only be used by already registered Chiasmus users. Under normal circumstances you should use more complicated keys, and never disclose any keys on the internet!
  5. Now exit Chiasmus for Windows on your computer. To do this, close down all open windows in Chiasmus for Windows.
  6. Start the program Install_1710.exe by double clicking on it.
  7. Enter the name of the folder in which your Chiasmus installation is located. If necessary, click on the "?" button to search for the folder on your hard disk.

    Chiasmus-Installation

  8. Now click "OK". The files Chiasmus.exe, Chiasmus.hlp and Chiasmus.ico will now be saved to your Chiasmus folder. The old files will be overwritten. You can continue to use your old set-up file, YourName.xiu.
  9. If you have a version with Administrator privileges, you can now also download an updated version of the Admin.hlp file. Unless you have Administrator privileges, this file will not be of any use to you. Unzip and decrypt the file Admin.zip into Admin.hlp, as described in paragraph 2 and paragraph 4 above, and save this to your Chiasmus folder.
    Download Admin.zip (zip, 255KB, File does not meet accessibility standards) (zipped and encrypted file)
  10. The installation is now complete. You can start up Chiasmus for Windows in the usual way.

Notice for older Chiasmus versions

With completion of the current Chiasmus Windows version 1.7, for older versions 1.0 to 1.6 the support will be discontinued and the approval will be withdrawn back on 30.06.2008.

Contact

Bundesamt für Sicherheit in der Informationstechnik
Department Z 3/Sales
PO Box 20 03 63
D-53133 Bonn
Germany

Contact person for

Important Notice

The BSI will not be held liable for any damage resulting from use of the program.

Last updated: 15. December 2014

Chiasmus für Windows/Linux

Deutsche Version