Text File | 1991-04-18 | 78KB | 2,662 lines
FILE ENCRYPTION SYSTEM
A Powerful System to Protect Your Sensitive Data
Version 4.xS
(C) Copyright, Bennett Scott 1985-1991
PREFACE
The File Encryption System is a simple but powerful
tool for keeping your sensitive data safe and secure. It
does this by encrypting (scrambling) the data in a file
based on a password that you choose. The encryption is
performed automatically as you run your application
programs. The File Encryption System allows the user to
select different levels of data security (1 - 2). (Note: a
more powerful version is available with your registration,
with 5 levels of encryption, with level 5 meeting the U.S.
National Institute of Standards and Technology (NIST),
formerly the National Bureau of Standards, Data Encryption
Standard (DES). See documentation on the distribution disk
for more details.) The encryption algorithm thoroughly
randomizes the data and is virtually impossible to decrypt
without the password. The File Encryption System is a shell
program which allows you to run word-processing,
spreadsheet, database or any other programs that use files
for data storage. This capability can be very useful if you
have proprietary information such as business plans or
financial data that you do not want anyone to be able to
access.
This manual describes how to use the File Encryption
System.
Chapter 1 is an introduction to file security and how
it is approached. Some fundamental theory is presented to
give you a basic feel for how this system works and how you
can use it.
Chapter 2 describes the utility programs included in
the File Encryption System software.
Chapter 3 describes how to install the software on your
computer.
Chapter 4 describes how to use the software.
Chapter 5 illustrates examples using different
word-processing, spreadsheet, and data base programs.
Chapter 6 describes some limitations of the File
Encryption System.
Chapter 7 describes how to use the LOGIO file I/O
logging program to analyze your application programs so that
you can properly set up the File Encryption System.
Appendix A contains explanations of error messages that
you may encounter when using the File Encryption System.
Appendix B contains information for configuring the
File Encryption System for some of the widely used
application programs in use today.
Appendix C contains a list of application programs that
must be configured to use algorithm modification 1.
Appendix D contains a hexadecimal to decimal conversion
table.
Before continuing with this manual, you should be
familiar with the DOS operating system. You need to know
how data is organized into files, and how programs can use
these files. You will need to know what program files and
what data files your programs use when you are ready to set
up your secure system. The File Encryption System provides a
utility program for analyzing what files are used by your
applications programs if you need it. This is explained
later.
INTRODUCTION
The File Encryption System is a file encryption program
meant to protect your sensitive data. The File Encryption
System includes a shell program that runs under PC/MSDOS 2.1
(and later versions) that is loaded into memory by the user
when running normal application programs. Once in memory,
the program remains active until the user exits the program
and returns to DOS. This way, the File Encryption System is
always ready to protect your files, no matter which program
you are running. It will work with spread-sheets such as
Multiplan(c), Microsoft EXCEL(c), and Lotus 1-2-3(c). It
will work with word processing programs such as Microsoft
Word(c), Word Perfect(c), and Multimate(c). In fact, it
will work with just about any program that uses files for
data storage.
In addition to the shell program, utility programs are
included to encrypt the data in a file, to decrypt the data
in a file, generate a configuration file (to configure the
File Encryption System) and a file logging program to log
file access I/O (so you can tell what files are used by your
program).
HARDWARE REQUIREMENTS:
To run the File Encryption System you need
- An IBM PC, XT, 286/386, PS/2 or compatible PC
- At least 256K of RAM
- MS/PC DOS 2.1 or higher
NETWORKS:
The File Encryption System is compatible with standard
local area networks (LANs), such as Novell or 3COM,
since a file on a network file server looks like any other
file to the program.
THE FILE ENCRYPTION SYSTEM AND DOS
The shell program (SECURE.EXE) works by sitting between
the operating system (MSDOS) and your software (application)
program, e.g., Lotus 1-2-3, dBase III, etc. It continually
watches for when your software program asks the operating
system to either get data from a file or to put data into a
file. Then, SECURE steps in, intercepts the data, and
changes it by encryption (scrambling) or decryption
(unscrambling) before sending the data on its way again.
For example, if your program wants to put the line:
THIS IS A LINE OF DATA.
into a data file, the security system intercepts this
data and may change it to something like:
Q%26,Kap+!Q,ORYkd74$#$=
before actually putting it in the file. When the
program wants to read this line from the file, the security
system again steps in and changes what looks like "garbage"
back to the original data.
Of course, the "garbage" data can be changed back to
the good data only if the program uses the same password to
decrypt (unscramble) the data that it used to encrypt the
data. If you write a file with a password, and then remove
the password, anyone else who looks at the file will see
nothing but garbage.
SECURE will work with almost any program that runs
under MS/PC DOS (we have yet to find one that does not
work). Whenever you give the security system a password, all
data going to or coming from files will be encrypted or
decrypted. This is an advantage in that NO data need ever
be put on a floppy disk or hard drive without being
protected.
But if all files are encrypted and decrypted as long as
a password is in effect, what happens if the software
program needs to read in data from some other file, such as
text in a HELP file, or another part of the program itself?
If the security system changes this data, it might be
disastrous. This problem is solved by being able to tell
the program which files are or are not encrypted. This is
done by specifying filename extensions (such as .EXE for
programs, or .HLP for help files) when the security system
is configured. This will be covered in more detail later,
but it is important for you to know which files your
programs will need to use without altering the data in them,
or which files you want encrypted.
DATA SECURITY
The purpose of any data encryption system is to provide
data security. But the responsibility of data security is
not a one-way street. You need to take an active role in
determining what needs to be secured, how it needs to be
secured, and keeping it secured. This section will help you
make those decisions.
The File Encryption System was designed to make it as
easy as possible to use. Once the program has been properly
installed, all you need to do is enter your DOS commands
like always, but in addition, you will be prompted for a
password.
The basis of any security system is PASSWORDS. A file
is encrypted based on a password. Different files can have
different passwords, or all files used by a particular
program can have the same password. You can change
passwords by decrypting the file with the old password, and
encrypting it with a new one. The password is not saved in
any way with the file. If you forget your password, you
will have lost your data. The File Encryption System is the
electronic equivalent of a paper shredder. Loss of your
password will prevent your own access to your data.
Passwords can be any printable character (any character on
the keyboard) up to sixteen characters in length. To the
File Encryption System, upper and lower case letters are not
the same -- "PASSWORD" is not the same as "password". Also,
embedded spaces are considered part of the password ("pass
word" is not the same as " password "). Choose your
password(s) with care; it is not a good idea to choose a
password that is too "easy" to remember, such as your name --
such passwords are also too easy to guess by other people.
Of course, you should protect your password(s); if everyone
knows what it is, your data is not secure.
The File Encryption System has two (2) levels of
encryption. The level of encryption is determined by the
configuration file. The level you should use depends upon
how "secure" your data needs to be. Level 1 is known as a
"polyalphabetic cipher". It merely substitutes characters
for other characters, based on the password. While not the
ultimate in security, it is good enough for many
applications. The advantage of this level is that it does
not add any time to get data from your files. A level 1
encrypted file could be broken by an expert in cryptography,
but you need not worry about this unless your business deals
in highly sensitive data. Level 2 is based on the Data
Encryption Standard (DES) approved by the NIST. This is an
extremely complex algorithm adopted as a standard way to
encrypt data. It is considered by many to be unbreakable.
The disadvantage to this is that it takes a long time when
done in software. Level 2 is actually a compromise. It
uses the same algorithm as the DES algorithm, but instead of
16 iterations of encryption (as required by the standard),
level 2 performs 1 iteration. The version sent to you with
your registration will support 5 levels, with the 5th level
being the DES algorithm in its entirety.
Level 2 is the default value suggested for use with the
File Encryption System. If you are using a slow PC (a 4.8
MHz 8088), you may want to go to level 1.
COMPONENTS OF THE DATA ENCRYPTION SYSTEM
There are five files associated with the data
encryption system. They are SECURE.EXE, ENCRYPT.EXE,
DECRYPT.EXE, EDITCFG.EXE and LOGIO.EXE. Another file,
SECURE.CFG contains configuration information used by
SECURE.EXE. Once the system is set up, only SECURE.EXE and
one or more configuration files (default = SECURE.CFG) are
required.
SECURE.EXE is a program file which acts as a command
shell. It allows you to give normal DOS commands, just as
if you were giving them to DOS itself. You will also give a
password. This program will take your password, enable the
encryption system, and will then start your requested
program running. Thereafter, all data read from files or
written to files will be protected by encryption. When
your program terminates, the shell program will start to run
again. It will turn off the encryption system, and will
then ask for the next command, and password.
The file SECURE.CFG is a configuration file which tells
SECURE.EXE how to encrypt data. This file contains
information regarding the level of encryption, whether the
desired files are to be included or excluded, the file
extensions (e.g., .WK1, .PRN, etc.), valid passwords, and
other options. Although there is a SECURE.CFG file
supplied, it can be changed by using EDITCFG.EXE. You may
also create your own configuration files using EDITCFG. It
should also be noted that multiple configuration files can
be used. SECURE.EXE uses SECURE.CFG as a default if no
other configuration file is entered when SECURE.EXE is
executed, but you may name your configuration file whatever
you like. You can have as many configuration files as you
need, each having whatever name you desire.
The files ENCRYPT.EXE and DECRYPT.EXE are standalone
command files (programs) which will encrypt and decrypt a
data file. These programs can be called from DOS, from the
SECURE.EXE program, or any other way you would normally call
a program.
EDITCFG.EXE is a configuration editor utility that is
used to generate or edit the configuration file(s) used by
SECURE.EXE. The program displays screens that the user
completes in order to configure the program.
LOGIO.EXE is a file I/O logging utility used to display
what files are being used by a program. By running LOGIO,
the user can determine the extensions of the files being
used by your application program. The results from running
this program can be used to determine the extensions that
must be specified in the configuration file(s).
INSTALLING THE FILE ENCRYPTION SYSTEM
This section is designed to assist you in installing
the File Encryption System on your system.
To install the File Encryption System on a hard disk:
We recommend that you copy the File Encryption System
to its own directory. Use the DOS "mkdir" command to create
the directory FES. (You may use any name you like.) At the
DOS prompt type:
mkdir c:\fes
and press ENTER. Throughout this procedure, substitute
the letter of the drive you want the File Encryption System
installed on, if appropriate. If you've named your File
Encryption System directory something other than FES,
substitute that as well.
Place the File Encryption System distribution diskette
into your "A" drive and enter:
copy a:*.* c:\fes
You will now need to modify the "path=" statement in
your autoexec.bat file so that DOS knows where to find the
File Encryption System program files. Append:
c:\fes;
to the end of your "path=" statement. You must then
reboot the computer for this change to be in effect.
To install the File Encryption System on a floppy disk:
Assuming you have two floppy diskette drives, begin by
placing your DOS diskette in drive A, then enter:
diskcopy a: b:
DOS will respond with the message:
Insert SOURCE diskette in drive A:
Insert TARGET diskette in drive B:
Press any key to continue
Remove the DOS diskette from drive A and replace it
with the original File Encryption System distribution
diskette. Then put a new diskette or one containing data
you no longer need or want in drive B and press any key to
start the copy process.
After you have made a master diskette, store the
distribution diskette in a safe place, where it will be
available if the master diskette ever becomes damaged.
USING THE FILE ENCRYPTION SYSTEM
This section is designed to guide you through setting
up and running a secure system.
Once you have installed the File Encryption System, a
number of decisions must be made before running the SECURE
program:
- encryption by inclusion or exclusion,
- level of encryption (1 - 2),
- encryption modification,
- file extensions to be included or excluded,
- definition of a menu screen,
- running single or multiple application
programs from a single configuration file
These questions must be answered in order to properly
set up the configuration file. The utility program
EDITCFG.EXE will allow you to generate a customized
configuration file for your own secure system.
The first step is determining whether you want to set
up your system to encrypt by inclusion (+) or exclusion (-).
With the inclusion method, all files having the specified
extensions are encrypted. Using the exclusion method, all
files except those with extensions specified are encrypted.
If you are using the inclusion method, you will specify
the extensions of all the data files used by the application
programs (e.g., .wk1, .wks, .dat, .doc, .dbf, .txt). If you
use the exclusion method, you will specify the extensions
that the application programs use internally, such as device
driver, dictionary, font, configuration and overlay files
(e.g., .dvc, .dic, .fnt, .cnf, .ovl). If the data file has
no extension specified, you indicate the file by using a
period (.) without any extension. Since there is no
difference, you may specify either upper or lower case
letters (e.g., .WK1 or .wk1). You may also use the question
mark (?) as a wildcard character (e.g., .WK? for .WK1 and
.WKS). The commonly used extensions .EXE, .COM, .SYS, .BAT
and .HLP are automatically excluded.
Determining whether to encrypt by using the inclusion
or exclusion method depends on how you wish to configure
your secure system and how your program stores its data in
files. Note that either method can be used for any
application program; it's just that one method may be more
convenient than another. If you are running a single
application program from a configuration file or there are a
limited number of data files to be encrypted or the
application program assigns the file extension, you may want
to use the inclusion method. If you are running multiple
application programs from a single configuration file or if
a large number of data files are to be encrypted or the user
can assign the file extensions, you may want to use the
exclusion method.
For example, if you are using Lotus 123 (c), all your
worksheets will be stored in a xxxxxxxx.WK1 file (123
release 2). It is very easy to use encryption by inclusion
since you only need to specify the one extension: .WK1.
However, if you are using Microsoft Word (c) as your word
processor, even though Word uses .DOC as a default for its
data files, you may be using quite a few different
extensions for all your Word documents. In this case, you
might want to specify encryption by exclusion, and specify
all the program files that Word uses.
Identifying the file extensions to be specified in the
configuration file requires you to determine which files are
data files and which files are program files. Generally,
the application software documentation will describe which
file extensions are data and which are programs. If this
cannot be determined from the documentation, a utility
program LOGIO.EXE is included. This program will log all
file access I/O. From this report, you should be able to
identify the proper extensions to specify in the
configuration file. Even if the documentation specifies
what files are used, you should run LOGIO to verify those
files; many programs use temporary files that are not
documented. If these temporary files contain data, you may
want to have these files encrypted as the program runs. If
you do not, even though the files will be erased when the
program is through with them, those files can be restored by
several available utilities, and the data can be retrieved.
More on how to use LOGIO is explained in Chapter 7.
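The inclusion and exclusion rules above, applied to a list of files a program touched, as an added example (not part of the original manual or the product). The file list is constructed, and two behaviours are assumptions: "?" matches exactly one character, and the automatically excluded extensions stay unencrypted in both modes.

```python
# Added example: the manual's inclusion (+) / exclusion (-) rules as a checker.
# Extensions the manual says are automatically excluded from encryption.
ALWAYS_EXCLUDED = {".EXE", ".COM", ".SYS", ".BAT", ".HLP"}


def extension_of(filename):
    """Return the extension as the manual writes it: '.WK1', or '.' for none."""
    name = filename.replace("/", "\\").rsplit("\\", 1)[-1].upper()
    if "." not in name:
        return "."
    return "." + name.rsplit(".", 1)[1]


def pattern_matches(pattern, ext):
    """Case-insensitive match; '?' stands for exactly one character (assumption)."""
    pattern = pattern.upper()
    return len(pattern) == len(ext) and all(
        p == "?" or p == c for p, c in zip(pattern, ext)
    )


def is_encrypted(filename, mode, patterns):
    """Decide whether a file would be encrypted under a configuration."""
    if mode not in ("+", "-"):
        raise ValueError("mode must be '+' (inclusion) or '-' (exclusion)")
    ext = extension_of(filename)
    if ext in ALWAYS_EXCLUDED:  # assumption: applies in both modes
        return False
    listed = any(pattern_matches(p, ext) for p in patterns)
    return listed if mode == "+" else not listed


def plaintext_files(filenames, mode, patterns):
    """Files that would be read and written without encryption."""
    return [f for f in filenames if not is_encrypted(f, mode, patterns)]


# Constructed list of files one spreadsheet session touched (not LOGIO output).
ACCESSED = ["123.EXE", "123.CNF", "123.HLP", "C:\\DATA\\BUDGET.WK1",
            "BUDGET.wks", "REPORT.PRN", "~TMP0001.$$$", "NOTES"]

INCLUSION = [".WK?", ".PRN", ".DAT", ".TXT", ".DOC"]  # the manual's sample screen
EXCLUSION = [".CNF"]                                  # program-internal files only

if __name__ == "__main__":
    for label, mode, patterns in (("inclusion", "+", INCLUSION),
                                  ("exclusion", "-", EXCLUSION)):
        print(label, "leaves in plaintext:",
              plaintext_files(ACCESSED, mode, patterns))
```

Under the inclusion list the temporary file and the file with no extension stay in plaintext, which is the undocumented-temporary-file case the paragraph above warns about; the exclusion list covers them without naming them.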
The second step is selecting the encryption level (1 - 2).
Level 2 is the default level. As discussed previously,
the encryption level is determined by how secure you want
your data. It should be noted that the higher the
encryption level, the more time involved in reading and
writing the data to the disk.
Although the File Encryption System was designed to be
transparent to most programs, some programs may not work
properly, because of the way the encryption algorithms
encrypt the data files. Some programs require that the
exact number of bytes be written in the data file.
Therefore, it may be necessary to modify the encryption
algorithm to work with those programs. This is accomplished
by specifying a one (1) instead of the default zero (0).
Most programs work fine with the modification parameter set
to 0. Some will not work at all, unless you set this
parameter to 1. The known programs that require this
parameter to be set to 1 are listed in Appendix C. Most
programs will also work fine with this parameter set to 1.
The only difference is that when the algorithm modification
parameter is set to 1, up to the last 7 characters in the
file will not be encrypted. It is rare that any sensitive
data will be contained in the last 7 bytes, or that the last
7 bytes will make any sense by themselves, but why take a
chance? We recommend that you start with the modification
parameter set to 0. If you have a program listed in Appendix
C, or your program does not work, set the modification
parameter to 1. Note that there is no in between: your
program will either totally work with the parameter set to
0, or it will not be able to read and write data files at
all.
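An added example (not code from the File Encryption System or its author) covering two points from the manual: the one-iteration level 2 described under DATA SECURITY, and the modification parameter described here. It shows that a Feistel cipher cut to one round passes half of every 8-byte block through unchanged, and that modification 1 keeps the file length by leaving the trailing partial block in the clear. The round function, key schedule and zero padding are assumed stand-ins; the product's own are not documented in this manual.

```python
import hashlib

BLOCK = 8  # the manual: data is encrypted in blocks of 8 bytes


def round_keys(password, rounds):
    """Stand-in key schedule (assumption): one 4-byte subkey per round."""
    return [hashlib.sha256(password.encode() + bytes([i])).digest()[:4]
            for i in range(rounds)]


def round_function(half, subkey):
    """Stand-in for the DES f-function (assumption); any f shows the same effect."""
    return hashlib.sha256(half + subkey).digest()[:4]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def crypt_block(block, keys):
    """Feistel network with the final half swap; reversed keys decrypt.

    Standard DES splits the halves with a bit permutation, so there the
    pass-through half would be 32 bit positions per block, not 4 whole bytes.
    """
    left, right = block[:4], block[4:]
    for key in keys:
        left, right = right, xor(left, round_function(right, key))
    return right + left


def crypt_file(data, keys, modification):
    """Modification 0 pads to a multiple of 8 bytes (zero padding is an
    assumption); modification 1 keeps the length and leaves the trailing
    partial block unencrypted, as the manual describes."""
    tail = b""
    if modification == 0:
        data += bytes(-len(data) % BLOCK)
    else:
        cut = len(data) - len(data) % BLOCK
        data, tail = data[:cut], data[cut:]
    blocks = (data[i:i + BLOCK] for i in range(0, len(data), BLOCK))
    return b"".join(crypt_block(b, keys) for b in blocks) + tail


def encrypt_file(data, password, rounds, modification):
    return crypt_file(data, round_keys(password, rounds), modification)


def decrypt_file(data, password, rounds, modification):
    return crypt_file(data, round_keys(password, rounds)[::-1], modification)


def unchanged_half_blocks(plain, cipher):
    """Count complete blocks whose second half is identical in both files."""
    full = len(plain) - len(plain) % BLOCK
    return sum(plain[i + 4:i + BLOCK] == cipher[i + 4:i + BLOCK]
               for i in range(0, full, BLOCK))


# Constructed 797-byte sample, the file size used in the manual's own example.
SAMPLE = (b"THIS IS A LINE OF DATA.\r\n" * 40)[:797]

if __name__ == "__main__":
    for rounds in (1, 16):
        c = encrypt_file(SAMPLE, "PASSWORD", rounds, 1)
        print(rounds, "round(s):", unchanged_half_blocks(SAMPLE, c),
              "of 99 blocks keep a plaintext half")
    print("modification 0 size:", len(encrypt_file(SAMPLE, "PASSWORD", 1, 0)))
    print("modification 1 clear tail:",
          encrypt_file(SAMPLE, "PASSWORD", 1, 1)[-5:])
```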
If desired, you may define a menu that will be
displayed when the SECURE program is executed. You may put
anything you like in this menu to make your application easy
to use.
SETTING UP YOUR SECURE SYSTEM
To set up your secure system you must first generate a
configuration file with the desired features by running
EDITCFG.EXE. Sample configuration files are included for
your examination.
USING EDITCFG.EXE
The utility program EDITCFG.EXE allows you to generate
a customized configuration file for your own secure system.
To execute EDITCFG, at the DOS prompt type EDITCFG or
EDITCFG <filename>.
C:\SECURE>EDITCFG , or
C:\SECURE>EDITCFG DEMO1
The default filename used by SECURE is SECURE.CFG (this
default is used by SECURE, not by EDITCFG). If you don't
enter a filename, you will be prompted to enter the name of
a configuration file. You can select any name you want for
the configuration file. You may enter a full pathname (the
disk drive, directory, and filename) on the command line or
in response to the prompt. During the following discussion,
references will be made to screens that appear when setting
up a configuration file. These are for example only; you
may configure your configuration files for whatever purpose
you might like.
Once you have selected a name for the configuration
file, the utility will search all directories in the path
for the named file. If the file is not found you will be
asked if you want to create the file.
For editing purposes the following keys can be used
whenever data is to be entered:
KEY                       FUNCTION
TAB, ENTER, DOWN ARROW    Next field
SHIFT TAB, UP ARROW       Previous field
LEFT ARROW                Move left one character
RIGHT ARROW               Move right one character
<SPACE>
<BACKSPACE>
<INS>                     Insert
<DEL>                     Delete single character
<CTRL><J>                 Delete to end of field
<CTRL><LEFT><ARROW>       Move to beginning of field
<CTRL><RIGHT><ARROW>      Move to end of field
When using EDITCFG the function keys are predefined and
allow you to go from one screen to another. The function
key definitions are shown below.
FUNCTION KEY    FUNCTION
F1              File Extensions
F3              Menu Screen
F10             Save file
ESC             Abort
After starting the EDITCFG program, and specifying the
configuration file to edit, the Edit File Extension screen
will be displayed. On this screen, you select the
encryption method, level, modification, and file extensions.
In the file extension portion, the field must begin with a
period (.). To specify files without any extensions, use
just a period in the field. An example configuration file
is shown below.
Edit File Extensions
Encryption by inclusion (+) or exclusion (-) : <+>
Encryption level (1 - 4) : <2>   Encryption modification (0 - 1) : <0>
File Extensions:
<.WK?> <.PRN> <.DAT> <.TXT> <.DOC> <    > <    > <    > <    > <    >
F1-File exts  F3-Menu  F10-Save
Edit Configuration Utility - VX.XXX (C) Copyright Bennett Scott, 1991
As you can see in this example, the configuration file
will encrypt the files having the specified extensions with
an encryption level of 2. File extensions .WK1 and .WKS
will both be encrypted since the wildcard (?) was used.
Pressing F3 displays the Edit Menu screen. This screen
allows you to generate a customized menu that appears on
the screen when SECURE is executed. You can also use the
extended character set by typing <ALT> <x> <y> <z> where xyz
is the decimal equivalent of the character to be displayed
(to do this, hold down the ALT key and type the numbers on
the keypad). You can use this feature to draw boxes and
lines on the menu screen. An example of a menu is shown
below.
Edit Menu
--------------------------------------------------------------------------------
SECURE MENU
Select one of the following commands
DATA - Spreadsheet Program
WORD - Word Processor
COMM - Communication Program
FILE - Database Program
EXIT - Return to DOS
--------------------------------------------------------------------------------
F1-File exts F2-Function keys F3-Menu F4-Passwords F5-Program F10-Save
Edit Configuration Utility - VX.XXX (C) Copyright Bennett Scott, 1991
Pressing F10 saves the configuration file. You can
return to any of the other screens by pressing the
respective function key. Pressing the ESC key aborts the
configuration program without saving the file.
USING ENCRYPT.EXE
Now that you have set up the configuration file, you may
still need to encrypt already existing data files in order
to begin using the File Encryption System. The File
Encryption System utility program, ENCRYPT.EXE will encrypt
a file given a file pathname, password, encryption level and
algorithm modification. The program is started by entering
"ENCRYPT" at the DOS prompt. The following screen will be
displayed, prompting you for the required information.
Enter data and press F1 to start encryption
Current Directory = <current path>
Pathspec = >                                        <
Password = >                <   Encryption Level = >2<   Modification = >0<
File Encryption Utility - VX.XXX (C) Copyright Bennett Scott, 1991
Enter the filename you want to encrypt. You may give
both a disk and directory name in addition to the filename.
The question mark (?) and asterisk (*) may be used as
wildcard characters in the filename. If the file cannot be
found, you will get an error message. Enter a password, up
to 16 characters and an encryption level (1 - 2); level 2 is
the default. If necessary to modify the encryption
algorithm, change Modification from 0 to 1. The password
you select will be required when you run SECURE. Any
password may be used here, regardless of whether or not
passwords have been preassigned in a configuration file.
The encryption level that you select must be the same as
entered in the configuration file. Pressing F1 starts the
encryption process. The file is then read, encrypted, and
written back to disk. The encrypted file is written directly
over the original file, so no trace of the unencrypted
original is left. After the encryption is done, the program
terminates. If wildcards are used, the encryption procedure
is repeated until all files are encrypted.
When encrypting files, you must be careful not to
encrypt an already encrypted file. The encryption utility
does not know or care if a file is already encrypted; it
will encrypt the file twice. The file can still be
restored, it is just a matter of using the decrypt utility
(twice, in the reverse order that the encrypt utility was
used). You should also be careful to not interrupt the
encrypt utility while it is running. As a fail-safe
feature, ENCRYPT first writes encrypted data to a temporary
file and then writes the encrypted file over your original
file. If the program is interrupted while it is running, the
original unencrypted file will still be present, as well as
the temporary file which is encrypted.
Pressing the ESC key before pressing the F1 key will
abort the Encryption program.
USING DECRYPT
The File Encryption System utility program, DECRYPT.EXE
will decrypt a file given a file pathname, password, and an
encryption level. The program operates similarly to the
encrypt utility, except that the file(s) are decrypted
instead of encrypted. The program is started by entering
"DECRYPT" at the DOS prompt. You can use DECRYPT to change
the password or encryption level of a file by first running
DECRYPT using the old information and then running ENCRYPT
with new information. You can use the ESC key to abort the
decryption utility. The following screen will be displayed,
prompting you for the required information.
Enter data and press F1 to start decryption
Current Directory = <current path>
Pathspec = >                                        <
Password = >                <   Encryption Level = >2<   Modification = >0<
File Encryption Utility - VX.XXX (C) Copyright Bennett Scott, 1991
USING THE SECURE PROGRAM
Now that you have created a configuration file and
encrypted the necessary data files, you are ready to start
the File Encryption System main program (SECURE.EXE).
At the DOS prompt enter the command "SECURE", followed by
the configuration filename. If you do not enter any
arguments, SECURE will search for the default configuration
file, SECURE.CFG, in the current directory, then in all
directories specified by the PATH. An error message will
appear on the screen if the configuration file can not be
found. What you see on the screen depends on how you set up
your configuration file.
Enter at the DOS prompt:
> SECURE , or
> SECURE <configuration file>
RUNNING SECURE
When you execute the SECURE program, you will see the
menu that you defined in your configuration file. Shown
below is the menu screen that would appear if the
configuration file used in a previous example was used.
SECURE MENU
Select one of the following commands
DATA - Spreadsheet Program
WORD - Word Processor
COMM - Communication Program
FILE - Database Program
EXIT - Return to DOS
Directory = >
Command >
Password > <
Lines 4 through 20 on the display are the menu defined
in the configuration file. This file is read once when the
program starts to execute, then the file is not needed
again. As discussed in the previous section, you may put
anything you like in this file to make your application easy
to use. This file needs to be in the default directory or
in the PATH when SECURE.EXE begins to execute. You will
receive an error message if SECURE can not find the
configuration file.
Line 22, (Directory =) displays the current (or
default) disk and directory.
Lines 23 and 24 contain the prompts for the command,
and the password. The command can be any DOS command you
normally use. The program will take the command and will
try to execute it in one of two ways. It will first look
for a .COM or .EXE file which corresponds to your command.
You can also give a disk and directory name as part of your
command (such as B:\UTILITY\CHKDSK), however you must
realize that a large number of programs require
supplementary files which all must be in the default
directory or path. (This is the same restriction on
PC/MSDOS itself, so you should be familiar with this.) If
the file cannot be found as a .COM or a .EXE file, then a
copy of COMMAND.COM is loaded to execute your command.
COMMAND.COM is the MSDOS command interpreter. This must also
be done to execute internal commands (such as CHKDSK and TYPE)
and batch files. If another copy of COMMAND.COM needs to be
loaded, you will have reduced the amount of memory available
to your program by the size of COMMAND.COM.
If you give the command COMMAND, a copy of COMMAND.COM
will be loaded and control will be transferred to it. This
is similar to loading any other program file. If the file
COMMAND.COM is not in the default directory or path on the
default disk, you may give both a disk and directory in
front of the command (such as C:\SYSTEM\COMMAND). You can
leave the command interpreter and return to the SECURE
program with the command "EXIT".
The password can be any printable character (any
character on the keyboard) up to 16 characters long. Keep
in mind that all characters in a password are part of that
password. For example the password "PASSWORD" is not the
same as the password "PASS WORD", which has an embedded
space. It is also not the same as "password"; upper and
lower case characters are different. If you do not enter
anything (by simply pressing the RETURN key), the encryption
system will not be turned on. This allows you to perform
the internal and external DOS commands or execute any
program which does not require encryption. If your
configuration file was created with passwords assigned, you
must enter the correct password at this prompt (or no
password). An invalid password will give you an error
message.
After your command finishes processing, control will be
returned to the SECURE.EXE program. You will get the
message:
Command terminated - Press any key to continue
At this point, press any key to return to the menu.
The encryption system is automatically turned off when
you return to the SECURE.EXE program.
You may be wondering what will happen if you do not
turn on the encryption driver (by not entering a password),
or turn it on with the wrong password. When the program
tries to read data from an encrypted file, it will read
meaningless data. Many programs, especially spreadsheet
programs and some word processors, can recognize that the
data does not make sense and will give you an appropriate
message. Other programs, like a text editor, won't care -
one character is as good as another to them. In this case
you may see gibberish on the screen. Other programs, like
some older word processors, may not be able to detect
meaningless data, but will try to use it and "crash" the
system. In this case you may have to reboot your system.
It will not harm the files themselves.
While SECURE is active and expecting you to enter a
program and password, the UP and DOWN arrow keys allow you
to recall previously executed commands (up to 16). If you
decide not to perform a particular command after having
entered it at the command prompt you can use the HOME key to
wipe out the entry. Pressing the ESC key or typing EXIT at
the command prompt will terminate SECURE, returning you to
whatever application was executing prior to running SECURE.
LIMITATIONS OF THE FILE ENCRYPTION SYSTEM
Although the File Encryption System was designed to be
transparent to most programs, some programs may not work
with the security system. This section details those areas
that may cause problems.
The encryption algorithms used by the security system
require that data be written in blocks of 8 bytes. A
program can write any number of bytes it wants, and the
security system will handle the task of converting the data
to 8 byte blocks. Most programs will not care that the file
size of their file is 800 bytes instead of the 797 bytes
that they actually wrote. However, there may be some
programs that do not like it, and will not work properly.
If the File Encryption System is off, 797 bytes written will
yield a 797 byte file. It is only when the data is being
encrypted (a password is specified) that the data will be
written in 8 byte blocks. To allow the File Encryption
System to work with these programs, during the set up of the
configuration file, you can modify the encryption algorithm
by selecting one (1). If there are fewer than 8 bytes
remaining to be encrypted, those bytes will not be
encrypted. Known programs that must use this
modification are listed in Appendix C.
If a program opens a file for write access only, the
security system intercepts this and changes it to
read/write access. This is necessary if the program wants
to write 1 byte in the middle of the file. The security
system must read an 8 byte block, decrypt it, write the
data, and encrypt the block before putting it back in the
file. This should cause no problems.
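The block handling described above, as an added example that is not part of the original manual or the product's code. The 8-byte transform, the key derivation and the zero fill of a short final block are stand-in assumptions; only the block size, the 797/800 byte figures and the behavior of modification 1 come from the text.

```python
import hashlib

BLOCK = 8  # block size stated in the manual


def derive_key(password):
    # Assumption: stand-in key derivation, not the product's method.
    return hashlib.sha256(password.encode()).digest()[:BLOCK]


def enc_block(block, key):
    """Stand-in 8-byte transform (XOR, then reverse). Illustrative, not secure."""
    return bytes(b ^ k for b, k in zip(block, key))[::-1]


def dec_block(block, key):
    """Inverse of enc_block: undo the reversal, then XOR with the key."""
    return bytes(b ^ k for b, k in zip(block[::-1], key))


def store(data, password, modification1=False):
    """Return the bytes that land on disk for `data`."""
    key = derive_key(password)
    whole = len(data) - len(data) % BLOCK
    out = bytearray()
    for i in range(0, whole, BLOCK):
        out += enc_block(data[i:i + BLOCK], key)
    tail = data[whole:]
    if tail and modification1:
        out += tail  # fewer than 8 bytes left: written unencrypted
    elif tail:
        # Assumption: the short block is zero-filled before encryption.
        out += enc_block(tail.ljust(BLOCK, b"\0"), key)
    return bytes(out)


def load(stored, password):
    """Decrypt every full block; a short tail (modification 1) is returned as is."""
    key = derive_key(password)
    whole = len(stored) - len(stored) % BLOCK
    plain = b"".join(dec_block(stored[i:i + BLOCK], key)
                     for i in range(0, whole, BLOCK))
    return plain + stored[whole:]


def write_byte(stored, offset, value, password):
    """Change one byte: read its block, decrypt, patch, encrypt, write back."""
    key = derive_key(password)
    start = offset - offset % BLOCK
    block = stored[start:start + BLOCK]
    if len(block) < BLOCK:  # inside the unencrypted tail of modification 1
        patched = bytearray(block)
        patched[offset - start] = value
        return stored[:start] + bytes(patched)
    patched = bytearray(dec_block(block, key))
    patched[offset - start] = value
    return stored[:start] + enc_block(bytes(patched), key) + stored[start + BLOCK:]


# Constructed sample: 797 bytes, matching the manual's figure.
SAMPLE = b"A" * 792 + b"TAIL!"

if __name__ == "__main__":
    padded = store(SAMPLE, "PASS WORD")
    mod1 = store(SAMPLE, "PASS WORD", modification1=True)
    print(len(padded), len(mod1), mod1[-5:])
    patched = write_byte(padded, 400, ord("Z"), "PASS WORD")
    print(load(patched, "PASS WORD")[398:403])
```

With modification 1 the last 797 mod 8 = 5 bytes of the sample sit on disk unencrypted, which is worth weighing when a file ends in sensitive data. The single-byte update needs the surrounding block read back first, which is why a write-only open is changed to read/write.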
There is a limit of 40 files with exclusion extensions
that can be open at any one time with the handle method of
file I/O. This should be more than enough for most
applications. If this upper limit is reached, the
application task may return an error saying that too many
files are open. Note that the default number of files that
can be open under MSDOS with the handle method is only 8, so
unless there is a FILES= command in the CONFIG.SYS file that
specifies more than 40 files, there is no chance of this
even being a problem.
The security system works by intercepting the MSDOS
function call interrupt (INT 21H). If a program changes this
vector without putting it back to its original value, the
security system may be disabled.
USING THE LOGIO UTILITY PROGRAM
It is not always a straightforward task to determine
what files an application program may be using. Program file
extensions (for encryption by exclusion) can usually be
determined by merely looking at the directory containing the
application program and noting all the extensions. Note,
however, that even by doing this, you may have many file
extensions that you may want to exclude. But it is not
always an easy job to determine what data files (for
encryption by inclusion) an application program may be
using. For example, it may be readily apparent that your
word processing program appears to be using the extension
".DOC" as a default for all your text files, and you plan to
use only that extension. But the word processor may really
be writing to a file with a ".TMP" extension (for
"temporary"). After this file is written to disk, it is
renamed to ".DOC" after your original file has been renamed
to ".BAK" (for "backup"). If you configure SECURE to only
encrypt ".DOC" files, your file will end up unencrypted.
This is because the file is unencrypted when writing to the
".TMP" file, since you did not specify the extension ".TMP".
Renaming the file from "FILE.TMP" to "FILE.DOC" will not
affect the encryption, since renaming the file only changes
the name; the file has already been written under its old
name.
The LOGIO utility allows you to look at what files any
application may be using by logging all file access input
and output (reads and writes) to a file. By having this
information, you can tell what files are being used by your
program, so that you can correctly configure SECURE to
properly encrypt your data files.
You should always run LOGIO as one of the first steps
in setting up your configuration. Remember, even if you
think you know what files are being used by your
application, if your data files are not being encrypted
after running your application program from the SECURE
program, it may be caused by the application program using
temporary files for data storage. If this is the case,
running LOGIO will give you the information you need to
correctly configure SECURE.
In order to use LOGIO, enter LOGIO at the DOS prompt.
The following screen will be displayed.
Current Directory =
>
File I/O Logging Program - VX.XXX (C) Copyright
Bennett Scott, 1985-1991
This screen looks very much like the SECURE screen, and
in fact works much the same way. But instead of intercepting
all data being read and written to the data files, the
information that these data files are being used will be
logged to a log file.
The current directory will be shown after the equal (=)
sign. If you need to change to another directory in order
to run your application program, you can use the DOS change
directory (CD) command entered at the > prompt. The current
directory should now be displayed after the = sign. You can
now enter the command to run your application program.
Upon running your application program, the LOGIO
program will store the names of the files that are being
used by your application. From this log file you will be
able to determine what files are being used by your
application program. You will see messages that indicate
when files are opened, created, renamed, and moved.
A file must be "opened" before an application
program may use it. Every file that the application program
uses must be opened, and as such, the file's name will be
printed. A file must be opened whether it exists or not;
files that are opened may be either program files or data
files.
A file that does not exist cannot be opened; it must be
"created". Usually an application program may try to open a
file, find that it is not there, and will then create the
file. The create operation not only creates the file, but
it also opens the file so that it can be used. When you see
an application program trying to open a file, then creating
it, you may have caught your application program using a
temporary file.
An application program, when through with a temporary
file, will usually "rename" (or "move") the file. Both
these operations are essentially the same: the name of the
file is changed. This is usually done when a temporary file
must be renamed to your data file.
All the messages logged by the LOGIO program are stored
in the file "$$$LOGIO.LOG". This file will be put in the
default directory selected when LOGIO is started. You may
use any normal way you have to look at this file (type,
print, edit, etc). You may also send the output directly to
your printer while the program is running by running LOGIO
with a "/P" parameter, i.e., when starting the LOGIO program,
enter "LOGIO /P" at the DOS prompt.
The messages printed by LOGIO are as follows:
Opening file handle : Filename = EXAMPLE.TXT
Hex values of extension = [54][58][54]
This is a typical "opening file" message. The file
"EXAMPLE.TXT" is being opened by the application program.
The term "file handle" refers to the way that the
application program is controlling the file. A similar
message will say "Opening file FCB". This is an alternate
way of controlling files in MSDOS. As far as configuring
SECURE, both messages give you the same information.
In addition to the name on the first line of this
message, the second line repeats the extension in
hexadecimal notation. Some application programs may use
"nonstandard" characters in the extension name (such as the
smiling face or mathematical symbols). These are characters
that are supported by PCs, but are outside the normal ASCII
printable character set range. These will be properly
displayed on the first line of this message in the
$$$LOGIO.LOG file, but if your printer does not support the
full PC character set, and you print the log file, your
printer may not print these special characters. The
hexadecimal notation is also useful if you need to enter the
extension in the SECURE configuration file. To do so, first
convert each character of the extension in hexadecimal
notation to decimal notation by referring to appendix D.
You can then enter the nonstandard character on the
appropriate screen of the EDITCFG program by holding down
the ALT key and pressing the three keypad digits that
represent the character in decimal notation.
Creating file handle : Filename = EXAMPLE.TXT
Hex values of extension = [54][58][54]
This is a typical "creating file" message. The file
"EXAMPLE.TXT" is being created, and then opened by the
application program. The term "file handle" refers to the
way that the application program is controlling the file. A
similar message will say "Creating file FCB". This is an
alternate way of controlling files in MSDOS. As far as
configuring SECURE, both messages give you the same
information. This message also gives you the alternate
hexadecimal notation for the extension.
Moving file : EXAMPLE.TXT => EXAMPLE.BAK
Hex values of extension = [54][58][54] =>
[42][41][4B]
Renaming file : EXAMPLE.TXT => EXAMPLE.BAK
Hex values of extension = [54][58][54] =>
[42][41][4B]
These two messages show a file being renamed. Both
these messages show a file named "EXAMPLE.TXT" being renamed
to "EXAMPLE.BAK".
All these messages can now be put together into a
sample LOGIO session. In this case, we will edit a file
"EXAMPLE.TXT" using our text editor "EDIT". We have started
the session by entering:
EDIT EXAMPLE.TXT
at the LOGIO command prompt. The logging session may
look as follows:
Opening file handle : Filename = EDIT.CFG
Hex values of extension = [43][46][47]
Opening file handle : Filename = EXAMPLE.TXT
Hex values of extension = [54][58][54]
Opening file handle : Filename = EXAMPLE.TMP
Hex values of extension = [54][4D][50]
Creating file handle : Filename = EXAMPLE.TMP
Hex values of extension = [54][4D][50]
Moving file : EXAMPLE.TXT => EXAMPLE.BAK
Hex values of extension = [54][58][54] =>
[42][41][4B]
Moving file : EXAMPLE.TMP => EXAMPLE.TXT
Hex values of extension = [54][4D][50] =>
[54][58][54]
In this example, the first open is a file named
"EDIT.CFG". This is a configuration file that the editor
uses, and is part of the application program. The next file
that is opened is "EXAMPLE.TXT". This is our data file that
we want to edit. The next two logged messages show that a
file named "EXAMPLE.TMP" was opened, then created. Our
editor is using a temporary file with the ".TMP" extension.
Since the temporary file is not there, it cannot be opened,
and must be created. The last two messages show the files
being renamed to complete the edit operation. Our original
file was renamed "EXAMPLE.BAK"; it is now a backup file.
The temporary file was renamed "EXAMPLE.TXT", which is our
newly edited file.
If we want to configure SECURE for encryption by
exclusion, we would have to specify the ".CFG" extension;
our editor uses a file with this extension. If we want to
configure SECURE for encryption by inclusion, we would
specify the extensions ".TMP", ".BAK", and ".TXT". The
editor is going to use the ".TMP" and ".BAK" extensions for
a temporary file and a backup file. We want the temporary
file to be encrypted so that the temporary file cannot be
"undeleted" from the disk. We want the backup file to be
encrypted so that we can edit it later. Note that the
backup file will be encrypted, since it is really only being
renamed; but we want to be able to edit the backup file. We
specify the ".TXT" extension since that is going to be the
extension on all our encrypted data files; we could specify
as many extensions as we want for data files.
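The analysis walked through above can be automated. The following is an added example, not part of the original manual or the LOGIO program: it parses the message formats shown in this section and reports files whose data was written under an extension missing from an inclusion list. The function names are hypothetical, the exact spacing of a real $$$LOGIO.LOG is assumed to match the manual's listing, and treating "created or renamed" as "data file" is a heuristic.

```python
import re

# Constructed sample: the EDIT EXAMPLE.TXT session shown in the manual,
# with the wrapped "Hex values" lines left as the manual prints them.
SAMPLE_LOG = """\
Opening file handle : Filename = EDIT.CFG
Hex values of extension = [43][46][47]
Opening file handle : Filename = EXAMPLE.TXT
Hex values of extension = [54][58][54]
Opening file handle : Filename = EXAMPLE.TMP
Hex values of extension = [54][4D][50]
Creating file handle : Filename = EXAMPLE.TMP
Hex values of extension = [54][4D][50]
Moving file : EXAMPLE.TXT => EXAMPLE.BAK
Hex values of extension = [54][58][54] =>
[42][41][4B]
Moving file : EXAMPLE.TMP => EXAMPLE.TXT
Hex values of extension = [54][4D][50] =>
[54][58][54]
"""

OPEN_RE = re.compile(r"^(Opening|Creating) file (?:handle|FCB)\s*:\s*Filename = (\S+)$")
MOVE_RE = re.compile(r"^(?:Moving|Renaming) file\s*:\s*(\S+) => (\S+)$")


def extension(name):
    """Return the upper-cased extension (with dot) of a DOS path, or ''."""
    base = name.rsplit("\\", 1)[-1]
    return "." + base.rsplit(".", 1)[1].upper() if "." in base else ""


def parse_logio(text):
    """Return ('open'|'create', name) and ('rename', old, new) tuples."""
    events = []
    for raw in text.splitlines():
        line = raw.strip()
        m = OPEN_RE.match(line)
        if m:
            kind = "open" if m.group(1) == "Opening" else "create"
            events.append((kind, m.group(2)))
            continue
        m = MOVE_RE.match(line)
        if m:
            events.append(("rename", m.group(1), m.group(2)))
        # "Hex values" lines and their continuations repeat the extension
        # already present in the filename, so they are skipped.
    return events


def plaintext_leaks(events, included):
    """(final_name, extension_written_under) for data written unencrypted."""
    included = {e.upper() for e in included}
    written_as = {}  # current name -> extension the data was written under
    for ev in events:
        if ev[0] == "create":
            written_as[ev[1].upper()] = extension(ev[1])
        elif ev[0] == "rename" and ev[1].upper() in written_as:
            # A rename only changes the name; the data keeps its state.
            written_as[ev[2].upper()] = written_as.pop(ev[1].upper())
    return sorted((n, e) for n, e in written_as.items() if e not in included)


def written_extensions(events):
    """Extensions the program created or renamed: inclusion candidates."""
    return sorted({extension(n) for ev in events if ev[0] != "open" for n in ev[1:]})


def open_only_extensions(events):
    """Extensions only ever opened: exclusion candidates (heuristic)."""
    opened = {extension(ev[1]) for ev in events if ev[0] == "open"}
    return sorted(opened - set(written_extensions(events)))


if __name__ == "__main__":
    evs = parse_logio(SAMPLE_LOG)
    print(plaintext_leaks(evs, {".TXT"}))
    print(written_extensions(evs), open_only_extensions(evs))
```

Run against the sample session with only ".TXT" included, it flags EXAMPLE.TXT as having been written under ".TMP"; with ".TMP", ".BAK" and ".TXT" included it reports nothing.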
APPENDIX A
MESSAGES in ENCRYPT/DECRYPT
Encrypting file <pathname>
The named file is currently being encrypted.
Decrypting file <pathname>
The named file is currently being decrypted.
*** No Files Found ***
No files matching the pathname specification could be
found for encryption or decryption.
*** Error opening file <pathname> ***
An error was encountered when trying to access the
named file. This error should not occur unless there
is a file subsystem (disk) problem.
*** Error opening working file <pathname> ***
An error was encountered when trying to access the
named file. This could be caused by the disk being
write protected or the disk (or directory) being full.
*** Error writing working file <pathname> ***
An error was encountered when trying to write to the
named file. This could be caused by the disk being
write protected or the disk being full.
*** Error reading file <pathname> ***
An error was encountered when trying to access the
named file. This error should not occur unless there
is a file subsystem (disk) problem.
*** Error reopening file <pathname> ***
An error was encountered when trying to access the
named file. This error should not occur unless there
is a file subsystem (disk) problem.
*** Error reopening working file <pathname> ***
An error was encountered when trying to access the
named file. This error should not occur unless there
is a file subsystem (disk) problem.
*** Error reading working file <pathname> ***
An error was encountered when trying to access the
named file. This error should not occur unless there
is a file subsystem (disk) problem.
*** Error writing encrypted file <pathname> ***
An error was encountered when trying to write to the
named file. This could be caused by the disk being
write protected, your original file being write
protected, or the disk being full.
*** Error writing decrypted file <pathname> ***
An error was encountered when trying to write to the
named file. This could be caused by the disk being
write protected, your original file being write
protected, or the disk being full.
MESSAGES IN SECURE
*** Configuration file not found ***
The specified configuration file could not be found in
either the current directory, or in any of the
directories specified by the PATH. If no configuration
file was specified, SECURE.CFG could not be found.
Command terminated - Press any key to continue.
SECURE has successfully completed execution of the
command given on the SECURE menu screen. Press any key
to return to the SECURE menu screen.
Command not able to execute - Press any key to continue.
SECURE was not able to find the specified program file
to execute, so it tried to load a copy of the MSDOS
command interpreter. SECURE could not find the command
interpreter.
*** Too many extensions in configuration file ***
This error indicates a corrupted configuration file.
The configuration file must be regenerated (from
scratch).
*** Too many characters in menu text ***
This error indicates a corrupted configuration file.
The configuration file must be regenerated (from
scratch).
MESSAGES IN EDITCFG
*** Configuration file <pathname> not found ***
EDITCFG cannot find the configuration file named in
either the default directory or in any directories
specified in the PATH. EDITCFG will ask if you want to
create this file.
*** Saving Configuration File
The new parameters are being saved to the configuration
file.
*** Too many extensions in configuration file ***
This error indicates a corrupted configuration file.
The configuration file must be regenerated (from
scratch).
*** Too many characters in menu text ***
This error indicates a corrupted configuration file.
The configuration file must be regenerated (from
scratch).
MESSAGES IN LOGIO
Command terminated - Press any key to continue.
LOGIO has successfully completed execution of the
command given on the LOGIO menu screen. Press any key
to return to the LOGIO menu screen.
Command not able to execute - Press any key to continue.
LOGIO was not able to find the specified program file
to execute, so it tried to load a copy of the MSDOS
command interpreter. LOGIO could not find the command
interpreter.
Opening file handle : Filename = <pathname>
The named file is being opened for access using the
MSDOS file handle access method.
Opening file FCB : Filename = <filename>
The named file is being opened for access using the
MSDOS file control block access method.
Creating file handle : Filename = <pathname>
The named file is being created and opened for access
using the MSDOS file handle access method.
Creating file FCB : Filename = <filename>
The named file is being created and opened for access
using the MSDOS file control block access method.
Moving file : <old pathname> => <new pathname>
The named file is being renamed to the new name using
the MSDOS file handle access method. (Note: the file
is really not being "moved" on disk. That is only the
MSDOS terminology. But it may be "moved" to a new
directory on the same disk.)
Renaming file : <old filename> => <new filename>
The named file is being renamed to the new name using
the MSDOS file control block access method.
APPENDIX B
The following information may be used to set up the
file extensions in the configuration file. It lists
filename extensions used by many popular
software packages. Both data files as well as program files
are included to allow you to configure your system for
either the inclusion or exclusion method of encryption. To
use the inclusion method of encryption, select the plus (+)
and in the extension fields enter the extensions shown for
your particular package (the data files). If you want to
use the exclusion method of encryption, select the minus (-)
and in the extension fields enter the extensions shown for
your particular package (the program files).
If you have selected to use the inclusion method, and
are running more than one application program from a single
configuration file, all extensions for each program must be
from the inclusion list. The opposite is true if you are
using the exclusion method. You cannot mix extensions from
the inclusion list with the exclusion list.
SECURE.EXE automatically excludes the commonly used
file extensions, .BAT, .COM, .EXE, .HLP, and .SYS. It is
not necessary to enter these extensions when configuring
your system.
Many programs (especially text editors and word
processors) let you use any extension you desire. This will
affect encryption by inclusion, since you must specify all
extensions of your data files. This will be indicated in the
following tables with the entry ".xxx". This entry indicates
that you must specify all extensions that you intend to use
with your application.
SPREADSHEETS
LOTUS 123 (Release 1 and 2)
INCLUSION - .WK?, .PRN
EXCLUSION - .CMP, .CNF, .DLB, .DRV, .DVC, .DYN,
.FNT, .FON, .LBR, .SET, .SCR, .XLT
MICROSOFT MULTIPLAN (Version 1 and 2)
INCLUSION - .xxx
EXCLUSION - .LOD, .COD, .DAT, .INI
WORD PROCESSORS
MICROSOFT WORD
INCLUSION - .DOC, .xxx
EXCLUSION - .GLY, .INI, .LEX, .PRD, .STY, .SYN, .VID
WORDPERFECT
INCLUSION - .DOC, .xxx
EXCLUSION - .SET, .FRS, .LRS, .PRS, .WPK, .STY, .MRS
.DRS, .FIL, .LEX, .THS, .CRS
DATABASE MANAGEMENT
dBASE III
INCLUSION - .BAK, .DBF, .DBT, .NDX, .TBK
EXCLUSION - .DB, .CAT, .FRM, .FMT, .MSG, .LBL, .MEM,
.OVL, .PRG, .QRY, .SCR, .TXT, .VUE
APPENDIX C
The following programs must be used with algorithm
modification 1:
Wordperfect
APPENDIX D
HEXADECIMAL TO DECIMAL CONVERSION
HEX DEC HEX DEC HEX DEC HEX DEC HEX DEC HEX DEC
00 000 2D 045 5A 090 87 135 B4 180 E1 225
01 001 2E 046 5B 091 88 136 B5 181 E2 226
02 002 2F 047 5C 092 89 137 B6 182 E3 227
03 003 30 048 5D 093 8A 138 B7 183 E4 228
04 004 31 049 5E 094 8B 139 B8 184 E5 229
05 005 32 050 5F 095 8C 140 B9 185 E6 230
06 006 33 051 60 096 8D 141 BA 186 E7 231
07 007 34 052 61 097 8E 142 BB 187 E8 232
08 008 35 053 62 098 8F 143 BC 188 E9 233
09 009 36 054 63 099 90 144 BD 189 EA 234
0A 010 37 055 64 100 91 145 BE 190 EB 235
0B 011 38 056 65 101 92 146 BF 191 EC 236
0C 012 39 057 66 102 93 147 C0 192 ED 237
0D 013 3A 058 67 103 94 148 C1 193 EE 238
0E 014 3B 059 68 104 95 149 C2 194 EF 239
0F 015 3C 060 69 105 96 150 C3 195 F0 240
10 016 3D 061 6A 106 97 151 C4 196 F1 241
11 017 3E 062 6B 107 98 152 C5 197 F2 242
12 018 3F 063 6C 108 99 153 C6 198 F3 243
13 019 40 064 6D 109 9A 154 C7 199 F4 244
14 020 41 065 6E 110 9B 155 C8 200 F5 245
15 021 42 066 6F 111 9C 156 C9 201 F6 246
16 022 43 067 70 112 9D 157 CA 202 F7 247
17 023 44 068 71 113 9E 158 CB 203 F8 248
18 024 45 069 72 114 9F 159 CC 204 F9 249
19 025 46 070 73 115 A0 160 CD 205 FA 250
1A 026 47 071 74 116 A1 161 CE 206 FB 251
1B 027 48 072 75 117 A2 162 CF 207 FC 252
1C 028 49 073 76 118 A3 163 D0 208 FD 253
1D 029 4A 074 77 119 A4 164 D1 209 FE 254
1E 030 4B 075 78 120 A5 165 D2 210 FF 255
1F 031 4C 076 79 121 A6 166 D3 211
20 032 4D 077 7A 122 A7 167 D4 212
21 033 4E 078 7B 123 A8 168 D5 213
22 034 4F 079 7C 124 A9 169 D6 214
23 035 50 080 7D 125 AA 170 D7 215
24 036 51 081 7E 126 AB 171 D8 216
25 037 52 082 7F 127 AC 172 D9 217
26 038 53 083 80 128 AD 173 DA 218
27 039 54 084 81 129 AE 174 DB 219
28 040 55 085 82 130 AF 175 DC 220
29 041 56 086 83 131 B0 176 DD 221
2A 042 57 087 84 132 B1 177 DE 222
2B 043 58 088 85 133 B2 178 DF 223
2C 044 59 089 86 134 B3 179 E0 224