Encryption Library

We offer a broad range of software products for use by the financial services industry for cryptographic protection of digital data. Specifically, the Lighthouse offering includes:

  • File Encryption and Decryption,
  • Electronic Codebook Encipher and Decipher,
  • Cipher Block Chaining support, and
  • Message Authentication.

These products are implementations of the Data Encryption Algorithm (DEA) presented in the Federal Information Processing Standard (FIPS) Publication 46, entitled "Data Encryption Standard", and known as DES. The algorithm is the same as that published by the American National Standards Institute (ANSI) in its ANSI X3.92-1981 specification. The software incorporates the modes of operation defined in ANSI X3.106-1983 (FIPS 81).

The software is available in several formats:

  • MVS Load Library
  • HP nonstop object library
  • Solaris Shared Object Library (ECB only)
  • PC 32-bit Dynamic Link Library.

The MVS module is produced using an IBM C compiler with LE390 support. The 32-bit PC DLL is developed using Borland C++ V5.02. The HP nonstop libraries are written in TAL and may be bound with main programs written in any HP nonstop supported source language.

ECB Library

This library is tailored for simple PIN encryption, containing two routines, ECBCIPHER and MSCIPHER. Both accept 64-bit plaintext and key values, yielding a 64-bit ciphertext result. The ECBCIPHER routine is a straight DES implementation. The MSCIPHER routine was developed by Lighthouse Systems in conjunction with Microsoft to accommodate a particular key transformation used by the Microsoft MONEY product for PIN encryption/decryption. This routine is used for exchanging PINs with the Checkfree home banking product. Along with the Lighthouse ECBLIB32, we provide a sample program source which invokes both routines and displays the enciphered results.

Checkfree Pin-encryption

When producing encrypted PINs for use with the Checkfree home banking product, Lighthouse uses the MSCipher function. Input values are understood to be ASCII-encoded characters. If your initial inputs are EBCDIC, convert both the plaintext key and PIN before encryption (EBCDIC to ASCII). The inputs should be left-justified in a null-padded (binary zero) 8 character (64-bit) field prior to the cipher call.