NOTE: we recently updated the keys generated in R12 and later ... To reveal the key, please run: "mppdyna pgpkey" or "smpdyna pgpkey". For example, this is the command line for MPP R13.0.0: ls-dyna_mpp_s_R13_0_0_x64_centos610_ifort190_avx2_intelmpi-2018 pgpkey It prints out complete instructions with the correct key info in it for that executable. Older executables will use the key ID from the FAQ, but any R12 or later will have different key IDs. (New executables can use the old keys if they already have them, but only print out the new keys for them to import). Ref: Ticket#2022020410000045 _________________________________________________________________ These instructions will work only if you're running R7.1.1 or later. If you need to use encrypted files using earlier versions of LS-DYNA, dating possibly back to as far as R3 and certainly as far back as R5, please contact support@lstc.com for the file "Instructions_encryption_for_R6". _________________________________________________________________ Briefly, here is the sequence of commands to encrypt an include file using the 2048 bit key: pgpkey (this creates a public key) gpg --import lstc_pgpkey.asc (this imports that public key) gpg -e -a --rfc2440 --textmode --cipher-algo AES --compress-algo 0 -r 0x65AEC0AE part500.inc (this encrypts the file called part500.inc) The first two steps above are a one-time thing. ___________________________________________________________________________________________ The encryption keys used inside LS-DYNA were changed 4/1/14. The new executables will still read inputs that were encrypted with the old encryption key, but users should start using the new encryption keys instead. Two new keys were generated, a "normal" 1024 bit key which really should be sufficient for everyone, and a "long" 2048 bit key. The advantage of the 2048 bit key is that anything encrypted with it is going to be safe against brute force encryption much longer as technology progresses (well past our lifetimes, I'm sure). The down side is that each encrypted block is going to produce an extra runtime delay while it is decrypted. Version R7.1.1 and higher of LS-DYNA supports both the 1024 bit key and the 2048 bit key Below is an updated set of instructions, which include the new keys. The keys can also be generated by running LS-DYNA with "pgpkey" on the execution line. _____________________________________________________________________________ LSTC provides no expressed or implied warranty regarding the encryption used in LS-DYNA, its security, correctness, or fitness for any specific purpose. While encryption may provide some level of security, the user is responsible for safeguarding their data. To encrypt data for use in LS-DYNA: First, you will need a working copy of GPG, a freely available public key encryption program. If you are running on a Linux machine, it is probably already installed. If you need a copy, you can get one from www.gnupg.org Next, you will need to import a copy of the LSTC public key, which you can do by cutting and pasting the key block below to a file, then importing it. (If using GPG from the command line, try "gpg --import " where "" is the name of the file where you saved the keyblock) Include the "-----BEGIN" and "-----END" lines in the file! -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2.0.19 (GNU/Linux) mQGiBFM61ScRBACgqz7q7kytYuuRpa+1DTD9J3Kn8s3kMHO7zPtLu8bsb1L1I4UQ CC6HRL2fMVRtBQZuy445eqsot5npcnzpQ6rcvsQZTVCqXH/gx5O5xs6/W8ktaJXn hBrxGabk6IzlOXYvmQ2+jOATfQs29pt4+e/+oXFI9EfKBHao2dEgtOWS6wCg+9gi 9azFZOUIHV0EJDPFQJZrRFUD/11AG23e7964MN0HTWAWCIvPs8johwB7NOF6UjRR xuqD/ZqiQ1hhmQzJR89Weg0TeFFCVP+yK2tgPOgsXry/r7WF/RnO9S/7yvtTWHr8 QPVxCur7vcKX/Lis6ByiyyDvihavBB6RgMYl5HkrEstTY/j3O09woxtQ4Pae5yZ2 woj0BACI87Lk6aO/9wAVXBDYyufqX9bea/lbMEuQZ7qzBO7xjSwchYeoLUbCK5sh iGI+nT3+liqUZW8+KXd/6I+xsN+YXuS9olmeN5L391VF7ZnWcsOKLbr3tnA3TKJb Q/txpFhI/2CM2u0VU6w6DAAGlxic5Gf1Cdc8/mA5KaNEuq24PrRDTGl2ZXJtb3Jl IFNvZnR3YXJlIFRlY2hub2xvZ3kgQ29ycG9yYXRpb24gKExTVEMpIDxzdXBwb3J0 QGxzdGMuY29tPohVBBMRAgAVAhsDAh4BAheABQJTOtVDAgsHAhYAAAoJECATgx5l rsCu0P4An2f9h8YuWfW+mNY1gm29nIs+kbeZAJ44HMvNgfOVtqUxUCyTlCLjwR6O CbkBDQRTOtUnEAQA4Q4D0F6l77N0e6XCIH49b7MHFyjkq3OdgHE4vylubEAXVeeX FD4Vrojn3t/I1QqAUG4ipZZAlLVrSYruzQLYaLhjYP124Py/b6vRo0FcyVsLbazj BxnGs+fFTrYspLaWfBK2dIrQ9ze9QSLhNous36W3em+fhx8hzGgcUUZRQOcAAwUD /RkrdN+Mbim6H6MNnEKhoXlpogzriCUB+hpxfQSP+go6+Np2RGkQfTEu+W51vrFA cW36cncp3OLpsvKzaQgTTT1rqb11Hoe/YpH3T9ngz4NX7a4OSDhHDKC1Q1BuzTEJ 3A3RXeAgRaMV8+hFm91g2KWZuMeqd+nSo2sb5EvpFhW9iEkEGBECAAkFAlM61ScC GwwACgkQIBODHmWuwK7BaQCfUovuhS6oXuh+1sSqkGCxzHEGER8AniHYve/Kn6CL SoAeXMxSC7F44Ood =R0pG -----END PGP PUBLIC KEY BLOCK----- Now you are ready to encrypt data for LS-DYNA. Create a file (herein called "input") that contains the block of keyword input that you want to encrypt. Then encrypt it with the following command line: gpg -e -a --rfc2440 --textmode --cipher-algo AES \ --compress-algo 0 -r 0x65AEC0AE input Note: If you are using an older version of gpg, before 2.0, the "--rfc2440" flag might not be recognized. If you have problems, try substituting "--openpgp" instead. This will create a file "input.asc" which can be inserted into the dyna input file, or included via *INCLUDE. The above PGP key is a 1024 bit Elgamal key. Here is the optional 2048 bit Elgamal key: -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v2.0.19 (GNU/Linux) mQMuBFM55y8RCACloOCLGOpfDgWJz75dF2K0MAP6T6ckM41s9lOASvLGK80tnJIl pzaaX0Ty0/N1U2d4vD04xQi6tjFJk5ggLx6Bp2EyOhpCmZ0Rfz6Qss6vFHfpso9+ QV/lVoAggquTtmnd5lXD0id7L8MGy5bXO8CyLC1mZxnN/HCAolVxEntBIdk0dj0k 1SQxbCyUKW42cArr4if3k1dOxc8hu23xMDykJQHvJnv5ycxFdJrQWyGsoPNEAsBR aea4HaTbrTeNUXw594ZAck8yiMz48DuoQ834NTaJzg99Bk3UjdWX1DXUAf3viq5r u/VngaNStQl8Y6b+3GZAE5Zs1viqjufUFIqHAQCzETBjSxjHcF8ewygBYvDc9UFu meWV7PpJo6ea1hBdewgAhXG3FqDtWIsSdrV763ENRjjfCs4PMlu56i3uOL/E+AYV hZjBM7Cq9GnpqZNOA7Xu0f4bhn4lH0m+abXvPf6NbF1y0B0bzpl4OC0nKnnwk70f k5Zo+HI1ERQcrbNjxYoQcIc6gQIeUDX8NbNpNcN6gnCfYkGDNdVDL911KnPPO2/8 +2RTdPrzplDvfYl17AYmy57/rQs+gRpKP/P5DkMEMlkFAjvaIlble9bt2+CiHJMX l72u8oStrOZSIh935WnSVfVxqGHdG/ogp0E4tDiHoRxO33YzNd0Qqh/aoGLw8UHN yTaTEv6WAseqBEgn7cXpg1gIGNw5lmyK/xjJAlnUKgf/UPqiL99XF08X17Kii+6V IZ2shIAx+n9Lqxh1W5LlLmSPsnf5hm0xaJzjmAopMjj6EMKpsAYeLrM6efn0jJPI r7DYsrdch5SjNR5Pa6Nj9WQFYROg48vfzmTFTzokXqDI25ACtZG7712R9a+iWzCD cxGjRNzvKWPYzqjFDE5vbS0dhcQX8/su+DcpGPxkyLlu4hWU7nwCC+OxM5k/qZCs 8ZQojw5JmczSA7vfTexRoei+N2rH+eA8HPYE6lUYOmPNC+PJ+EwS2TPQVF6sD02v onEoxuwDyqQ+6Iq6wh2+7m9yauD7pPZUk2Kp9BdcnfA7bSm9Vpve6eQuPAUQFYem trRDTGl2ZXJtb3JlIFNvZnR3YXJlIFRlY2hub2xvZ3kgQ29ycG9yYXRpb24gKExT VEMpIDxzdXBwb3J0QGxzdGMuY29tPohtBBMRCAAVAhsDAh4BAheABQJTOedXAgsH AhYAAAoJEHfQoCtgwENaOiQBAIckdWTiP8uKwDLeK5+L0jJ7qwVYLoLf3RCBwgZd ZsbxAP4u5L73Q2K+iC/ICq+k5QubXR0yWjwmGhuk/wsBBt7+TbkCDQRTOecvEAgA ueZwK5BSGCAvSSXPSeNWXkZNGU1UJ8fDNWAUZy07bdQCUaJjhTooxHbtPlAu9ybK oIp9gXWJjMu0ZcyhNAWLYg0lC/eYULXO5J7NPVZB0lFyhasmLxiw3es+yP0LVVFI pnF5JppqzTSNc50RiCNBljO5uTmF9C0SAkLDbphWlPn3OWuOxkWLXRhnX9dO/L71 WsCO8VgqDvahmXbI5l/IXueCBlJ18I1LO91cGA6yTmwxd7qfVBmLiJI3pqhRnA6H rOaQ2nf4m/zyaPG8Q1rCGxSP0ctfwIt85Nghfw14NiIkLm6/CGLT5roW2bY3lPZN zX/sw2oLGTMjop91Cb3J9wADBQgAoJkhip55PEe6ykQdkvxjE/wUJVpIBuNRKTOF RMivPL5NcHhnBGtWywKpUlaQNaFOYUDFVEsrCqT9uVk6NwmWpqJyJoUxK5b2vbGF dOLgI+JDrUo8KZx+Hz1981VMD9v4zm0I7Rt4MMYaDhBMuJyNm831ruamAGM96RaF +6pMUS6Cb4wVGdz7912CzAgsNftNWpTCvTbj4+/eKynYcBfWVZp4xzS5cM6nTzNC GwIyUtzgvXtY2ByEPqeu2AdpIhU1CiXeLRdYlYiXadXzJfJGVi1irKoAb1uiLypJ sVXhgMlHKDQ81tEJiVJ5nawYT4e7mel+T74v3+BufysSFmKm1ohhBBgRCAAJBQJT OecvAhsMAAoJEHfQoCtgwENaVqQBAJpCFxs3P6wU+YE202jd4BzNXORIqJjYHbk+ 9kiD0cATAP97Th8x9NUhyBGUBH4UUXxz7ek8eG5wxWsC8UkROjjpgw== =xfll -----END PGP PUBLIC KEY BLOCK----- The 1024 bit key is considered sufficient for general use. The 2048 bit key will incur additional processing overhead during input processing which may be unacceptable. To use the 2048 bit key, use the same command as above, but replace "-r 0x65AEC0AE" with "-r 0x60C0435A" ________________________________________________________________________________________ A major enhancement to encryption is the ability to suppress all output for a subset of parts. By invoking input encryption and output supression together, it's possible to hide the geometry, material, etc. of specified parts from another analyst yet allow that analyst possession of the input so that he might modify or add to unencrypted portions of the model and run analyses. PSETID in *database_binary_d3plot identifies the part set containing the parts to be omitted from all output including d3plot. By including *database_binary_d3plot with a nonzero PSETID in an encrypted portion of the input, a safeguard in invoked that prevents PSETID from being reset elsewhere in the input. An example in which one part (part 500) is so hidden is provided in http://ftp.lstc.com/anonymous/outgoing/support/FAQ/encrypt.tar.gz _____________________________________________________________________________ NOECHO option in *PARAMETER and *PARAMETER_EXPRESSION allow the user to not echo parameter data in d3hsp. ______________________________________________________________________________ NOTE to Windows Users: Here is the brief description for Windows Encryption... Cut and paste LSTC public key, save it as lstcpgp.txt install Gpg4win open A Dos prompt cd the folder where the file need encrypt for LS-DYNA Type "C:\Program Files (x86)\GNU\GnuPG\gpg2.exe" --import d:\lstc_public_key\lstcpgp.txt to import the LSTC public key. Then type... "C:\Program Files (x86)\GNU\GnuPG\gpg2.exe" -e -a --rfc2440 --textmode --cipher-algo AES --compress-algo 0 -r 0x65AEC0AE input ...to encrypt file input. This will create a file "input.asc" which can be inserted into the dyna input file, or included via the *INCLUDE command. Guanhua Ticket#2016062910000011