The first thing that is noticed when you start reading the text files (.TXT) with Turbo Encrypto (TE) is that the writer has several of his facts wrong. Not unusual in itself, but it shows that the author doesn't know anything about the history of cryptography. In order to write secure encryption algorithms, you should know how all the old methods work and almost as important how to break them. The misspelled words don't help the credibility of the author either.
The author claims TE is state of the art, that the elementary ciphers dating back to almost 500BC are still secure and that modern ciphers are commonly weak. Typical tactics of the proverbial snake oil salesman. The truth is that none of the methods implemented in the shareware time limited version of TE are what anyone with experience would call secure. As you will see, TE is anything but secure.
What I did was I encrypted the README.TXT file that comes with TE using the various encryption methods in the shareware version and in some cases different keys. Then I simply used the Win95 DOS mode Edit program to view the encrypted files. For those that don't know, you can use the Edit program with Win95 to at least look at and in some cases modify binary files. In any case, it was enough to see the patterns and find decryption keys. I have part of an afternoon in breaking the encryption methods and writing the programs to break the encryption methods. This really isn't a lot of time since I had to test the programs and verify the operation of them in addition to writing them. What I'm trying to say is that I spent much more time writing programs than breaking the algorithms.
We'll start out with the good old Caesar cipher. The cipher is named for none other than Julius Caesar who used the method right around 3 BC though it may have been invented earlier. The cipher is simply an offset from the plaintext letter. A pure Caesar cipher was limited to the standard alphabet and used an offset of three such that "A" becomes the letter "D". You can go to most public libraries and learn enough about cryptography to break this cipher on your own. This is one of the easiest forms of encryption to break. The Caesar cipher and many of it's variants have been used as puzzle ciphers for many years. Your own newspaper may publish a cryptogram along with the usual crossword puzzle and maybe a Jumble.
The program TE1.EXE looks at a TE Caesar cipher encrypted file and then decrypts the file. It only requires a file name as input. It doesn't check to see if it is an actual Caesar cipher so it will fail on files that were encrypted by another method. It can also fail if the program doesn't have enough text to gather the data needed to find the key.
The second cipher in TE's list is the Skytale. This is a transposition style cipher based on a rod wound with a strip of paper. The message is written on the strip along the rod and when unwound, the text becomes scrambled. To decipher the text, the receiver must have an identical sized rod to wind the message strip on. Encryption and decryption is nearly automatic. This cipher is also the subject of children's books and puzzles that can be found in a variety of places similar to the Caesar cipher above. A trip to the library will yield methods of breaking this encryption also.
I didn't write a program to automatically crack this cipher. The automatic decryption of this cipher without the key would require large dictionary files and a scrambled word solver to find the correct transposition value. A semi-automatic method requires that the user understands the method of encryption and the methods for breaking the encryption. Unfortunately humans have a great advantage over machines when solving encryption puzzles because we humans can see patterns much easier than a computer. I would encourage anyone who wants to test their skills in cryptanalysis of elementary ciphers to try this one using a pencil and paper.
The third method shown in the shareware version is the logic method. It sounds fancy doesn't it? If you read the TE files you would be led to believe that it was the best encryption out there. I hope it isn't much of a surprise by now, but it is no better than the Caesar cipher above. In fact, it is a variant of the Caesar cipher that uses an exclusive-or (XOR) operation instead of the offset value. The use of XOR instead of an offset doesn't help strengthen the cipher at all. In fact, the exact same method used to break the offset version is used to break the XOR version. The only real difference is that it works with XOR instead of an offset operation.
This brings us to the next program I wrote. The TE3.EXE program breaks a text file encrypted with the logic method and then writes the file out decrypted. It uses the exact same program to find the key as the Caesar cipher cracker above Should the program fail, it probably didn't have enough text to analize or it simply wasn't normal text in the first place. Even if the program fails, a human attacker can make a trip to the library and learn enough about cryptanalysis to break the cipher. Once again, humans can see patterns where simple computer programs will fail.
The last method used in TE is worse than the above methods. I didn't identify the encryption used by this method. It only seems to be partially encrypted and in an odd compressed manner. If you examine an E-mail cipher encrypted file you will find pieces of words such that it is almost readable. If you can compare the encrypted file with the unencrypted file, you will see the matches. It is enough to say that it is possible to crack the encryption though maybe not automatically. Since I only spent a few hours examining the encryption methods and writing the cracking programs, I didn't write a cracking program for this one. I didn't feel it was worth the extra effort and that the above analysis is more than enough reason to avoid the algorithm.
The documentation included with TE promises four more methods of encryption. There is nothing shown in the documentation or anything else related to the program that would imply that the additional encryption methods included with the full version will be any better. Since it is claimed that the above methods are state of the art, then I doubt the author of the program understands what real encryption is. The program has no redeeming qualities except that it appears to be a learning experiment for the author. My advice to the author would be that his time would be better spent learning more about modern security and encryption before writing and selling encryption programs.
If you look at the program itself (graphic is below), the first thing that you'll notice is the nice password window with your password in nice large letters so that anyone across the room can see what your password is (password shown is "Big Money"). The next thing you'll notice is that it is a crude text editor without a lot of features. Compare it with WordPad that is part of Windows 95. If you are a programmer, you'll notice that it is a basic single document interface (SDI) that many of the current compilers will generate for you. It is hard to believe that the TE programmer has the knowledge needed to create a secure product in a Windows environment. It was probably a nice learning project for the programmer who put it together though.
Is it worth the $49 to register it? Save your money and get one of the real encryption programs. Is it a useful program when the major software companies and several other specialty software vendors have much better available? I would suggest other alternatives long before I would recommend TE. The truth is that most any teenager can break the encryption used in the shareware version of TE with a little research. Does TE have any good points? Yes, it manages to work as a very simple text editor.
If you read the SPECIAL.TXT file, it lists additional fees to add other encryption algorithms. The additional consulting fees are enormous considering the skill level of the programmer. Everyone needing better encryption would be better off paying the $150 or less for a regular commercial encryption product and trust the vendor. Those needing better security can probably afford to hire their own programmers and security professionals. It is possible to put together a basic dialog box application for much less than the $500 minimum fee and the security features would be better and nearly as easy to use. I see no reason for the $5000 maximum fee. You can have real security at a much better price and of higher quality from a program other than Turbo Encrypto.

Copyright 20 March, 1998 Randall T. Williams
Now that you've read Randall's analysis -- I hope you enjoyed it -- you can download the Teanl.zip, which contains not only this document in Word 6.0 format, but also two executables, and their associated source code in C. The ZIP file is no longer password protected.
--Joe