Nautilus voice encryption (fwd)

Michael Sattler (msattler@jungle.com)
Wed, 10 May 1995 11:20:43 -0700


Announcing Nautilus 0.9.0 (Beta Test)
=====================================

WHAT IS NAUTILUS?
- -----------------

Nautilus is a program that lets you have encrypted voice telephone
conversations with your friends without needing any special equipment.
All you need is a standard personal computer (386/25 or faster PC with
Soundblaster compatible sound board, or Sun Sparcstation) and a high
speed modem. Its speech quality is reasonably good at 14.4kbps and
acceptable at 9600 bps. It currently won't work at any slower
modem speeds.

Nautilus is the first program of this type that we know of to be
distributed for free with source code. A few similar commercial
programs have been distributed without source, so that their security
cannot be independently examined.

HOW DOES IT WORK?
- -----------------

Nautilus uses your computer's audio hardware to digitize and play back
your speech using a homebrew speech compression routine included with
the program. It encrypts the compressed speech using your choice of
the Blowfish, Triple DES, or IDEA block ciphers, and transmits the
encrypted packets over your modem to your friend's computer. At the
other end, the process is reversed. The program is half-duplex; just
hit a key to switch between talking and listening.

Nautilus's encryption key is generated from a shared secret passphrase
that you and your friend choose together ahead of time, perhaps via
email using PGP, RIPEM, or a similar program. Nautilus itself does not
currently incorporate any form of public key cryptography.

Further details are in the release notes included with the program.

FTP SITES
- ---------

Nautilus is available in three different formats:

nautilus-0.9.0.tar.gz - full source code
naut090.zip - MSDOS executable and associated documentation
naut090s.zip - full source code

It is available at the following FTP sites:

ftp://ripem.msu.edu/pub/crypt/other/
This is an export controlled ftp site: read /pub/crypt/GETTING_ACCESS
for information on access.

ftp://ftp.csn.org:/mpj/I_will_not_export/crypto_???????/
This is an export controlled ftp site: read /mpj/README for
information on access.

INTERNATIONAL USE
- -----------------

Sorry, but under current US law, Nautilus is legal for domestic use in
the US only. We don't like this law but have to abide by it while it
is in effect. Nautilus is distributed through export-restricted FTP
sites for this reason. Please do not export it.

IMPORTANT
- ---------

This is a BETA TEST VERSION of a BRAND NEW CRYPTOGRAPHY PROGRAM.
Although we've done our best to choose secure ciphers and protocols for
Nautilus, its design details have not yet been reviewed by anyone
except the authors, and it's VERY EASY to make mistakes in such
programs that mess up the security. We advise against putting too much
faith in the security of the program until it has undergone a lot more
reviewing and debugging. We encourage cryptographers and users alike
to examine and test the program thoroughly, and *please* let us know if
you find anything wrong. We hope to release an updated version within
about one month fixing any serious bugs found in the current version,
though probably not having many new features. Finally, although we'll
try to fix any bugs reported to us, WE CANNOT BE RESPONSIBLE FOR ANY
ERRORS.

CONTACTING THE DEVELOPERS
- -------------------------

Nautilus was written by Bill Dorsey, Pat Mullarky, and Paul Rubin.
To contact the developers, please send email to nautilus@lila.com.

This announcement, and the source and executable distribution files,
are all signed with the following PGP public key. Please use it to
check the authenticity of the files and of any fixes we may post. You
can also use it to send us encrypted email if you want. We will try
to keep such email confidential, but cannot guarantee it.