Global Security 16
A Data Security Program!
TAN$TAAFL(TM) Software Company
Version 3.10 ■■ 24 February 1995
A Shareware Distributed Program!
CUSTOMER SERVICE Page 2
---------------------------------------------------------------
If you experience any problems with
this program, please write to:
MacGregor K. Phillips
TAN$TAAFL(TM) Software Company
Sto. Nino
Palauig, Zambales 2211
Philippines
(C) Copyright 1994, 1995
TAN$TAAFL(TM) Software Company
All Rights Reserved
Program and manual written by MacGregor K. Phillips
Trademark Acknowledgements
Epson is a registered trademark of Epson America, Inc.
IBM and PS/2 are registered trademarks of International
Business Machines Corporation
Intel is a registered trademark of Intel Corporation
Windows is a trademark of Microsoft Corporation
WordPerfect is a registered trademark of WordPerfect Corporation
PGP and "Pretty Good Privacy" are trademarks of Philip R.
Zimmermann.
ABOUT THE AUTHOR
MacGregor K. Phillips was born in South Bend, Ind. USA in 1944.
Retiring after 22 years of service in the US military he now
does what he loves best, writing computer software. He lives
with his wife and daughter in the Philippines.
For D.P. and S.S. - Prediction Number 18 has come true.
TABLE OF CONTENTS Page 3
---------------------------------------------------------------
Features.....................................................4
Association of Shareware Professionals.......................5
ASP Ombudsman................................................5
Available by the same Author/Pass it Along...................6
Licensing....................................................6
Preface......................................................7
Welcome to Global Security...................................8
Four Ways to Use Global Security.............................9
Computer Requirements........................................9
Installing Global Security..................................11
Executing Global Security...................................12
What You Need to Know to Use Global Security................14
Using Global Security.......................................24
Build A Prime Number File...............................25
Create A Default Parameter File.........................28
Scramble A Prime Number File............................29
Generate a Key File.....................................30
Pack/UnPack File(s).....................................32
Encipher/Decipher a File................................35
Transform File for E-Mail...............................39
Make a One Time Pad.....................................43
Wipe/Delete File(s).....................................45
Frequency Distribution Tests............................48
Tips on Using Global Security in the Real World.............52
Using a One Time Pad........................................55
Appendix A - Why Encipher Data..............................59
Appendix B - Why Global Security............................63
Appendix C - Startup/Termination Errors.....................68
Program Errors.................................69
Critical Errors................................74
Printer Errors.................................76
Appendix D - Program Limitations............................77
Appendix E - Terminology....................................78
Appendix F - PGP on PGP.....................................80
Index.......................................................81
FEATURES Page 4
---------------------------------------------------------------
The Global Security software contains many features. Here are
just a few of them.
Unbreakable, in theory and practice, encryption algorithms
using the "One Time Pad System". (See Appendix B)
Transform any file for transmission by E-Mail using the High
RADIX 64 File Format.
Create One Time Pads to use for secure hand written messages.
File Selection Screen allows you to navigate through your
drives, directories, and files with ease. Select multiple
files for use with the pack/unpack and wipe/delete file
routines.
Sort files in ascending or descending order by name, date,
extension, time, or size.
Compress up to 2,048 files into one file for enciphering
or storage on disk.
Select up to 2,048 files to wipe or delete in one operation.
Uses government procedures IAW DoD 5220.22-M to wipe files
on your disk.
Easy to understand Critical Error Reporting System, Printer
Error Reporting System, and Extended Error Reporting System.
Includes VGA brighten, dim, blank, and reset color routines,
context sensitive Help, mouse support, and Hot Keys.
Command Line Parameters to force a black and white screen,
force a pause after each printed page, disable confirmation
of all files before wiping or deleting, and disable the VGA
color routines.
Save screen images to GLOBAL.PRN file for printing at a
later time.
When you exit Global Security the buffers used to encipher
and decipher data are wiped so sensitive data cannot be
recovered from memory before another program is run.
No limit on file sizes except the size of your disk drives.
Test your own enciphered files to see how random they really
are.
ASSOCIATION OF SHAREWARE PROFESSIONALS Page 5
---------------------------------------------------------------
This software is produced by MacGregor K. Phillips who is a
member of the Association of Shareware Professionals (ASP).
ASP wants to make sure that the shareware principle works for
you. If you are unable to resolve a shareware-related problem
with an ASP member by contacting the member directly, ASP may
be able to help.
The ASP Ombudsman can help you resolve a dispute or problem
with an ASP member, but does not provide technical support
for members' products. Please write to the ASP Ombudsman at
545 Grover Road, Muskegon, MI 49442 or send a CompuServe message
via CompuServe Mail to ASP Ombudsman 70007,3536.
[ASP logo: Association of Shareware Professionals (R) MEMBER]
Global Security 16 is distributed as Shareware. This allows you
to try it out for a reasonable period of time before you register
it. Please refer to the TRIAL USE LICENSE section of the
VENDINFO.DIZ File.
If you continue to use Global Security regularly you are expected
to register the program. You can use the instant order form in
file ORDER.DOC. Just print it out on your printer, fill it out,
and mail it. If you are not familiar with the Shareware concept
please read the file SHR_WARE.DOC. The registration fee is
$35.00, plus $10.00 shipping and handling. For complete details
on registration see the ORDER.DOC file.
Registration Incentives
---------------------------------------------------------------
Receive the latest registered version of Global Security 16 and
Global Security 32, which is optimized for 32 bit registers and
is for 80386 and up computers. It runs one heck of a lot faster
than the 16 bit version of Global Security. New features in the
registered versions currently include a Disk Security Section to
wipe all unused areas on a disk, and an Options Menu which
includes printer selection and startup commands, and options for
the government wipe procedure. The registration reminder screen
has also been removed. Plus receive two small utilities. One is
NEWCLS.COM, a replacement for the DOS CLS command which allows
you to set any valid combination of screen colors whenever you
clear the screen. The second is GUARDIAN.SYS which guards your
computer against any attack through DOS's backdoor.
Once you have registered any version of Global Security you will
be notified of any major upgrades by the TAN$TAAFL(TM) Software
Company and the only cost to you for a new version will be the
cost of a disk from the TAN$TAAFL(TM) Software Company and a
small postage and handling fee.
Page 6
---------------------------------------------------------------
Program support by mail will also be provided for 90 days after
registration.
I am currently living overseas in the Philippines and do not
have access to a telephone, fax, or CompuServe. If it seems to
take a long time for me to answer your letters please remember
the slow pace of mail between foreign countries. If your
registration form or letter gets returned because of a change
of address please contact ASP for my current address. This will
be greatly appreciated by all.
All registrations will be acknowledged.
Site Licenses are provided for companies, offices, workgroups,
government agencies, etc. who need to register and use more
than one copy of Global Security. See the "SITELICE.DOC" file
for more information.
AVAILABLE FROM TAN$TAAFL Software Company
---------------------------------------------------------------
StopWatch. It has Up Timers, Down Timers, Lap Timers, Game
Timers and Split Timers. Date, Calendar and Holiday information
too. Three levels of precision. The highest depends on your
computer. Time events with accuracy to millionths of a second
on most computers above 16 MHz. 16 and 32 bit registered
versions available. Includes Holiday Editor, Speed Calculations
for Up and Lap Timers, and Printer Options menu.
PASS IT ALONG
---------------------------------------------------------------
BBS SYSOPs, Vendors, Computer Clubs, and Shareware Distributors
please refer to the VENDINFO.DIZ File for information. Individuals
who wish to distribute the "Global Security" package to friends or
associates may do so in accordance with the restrictions outlined
in the LICENSE section of the VENDINFO.DIZ File.
All the files listed in the PACKING.LST section of the
VENDINFO.DIZ File, plus the VENDINFO.DIZ file, must be included
when distributing this program. If you archive the program for
distribution through BBS's, please use the name GLBSEC31.EXE
(or .ZIP, .LZH, .PAX, etc. as appropriate).
LICENSING: Any company, corporation or government that wants to
license the algorithms used by Global Security, to incorporate
them into their own programs, please contact the TAN$TAAFL(TM)
Software Company at the above address. The high speed of the
algorithms makes them ideal for use in online real time data
transmissions that require the highest possible degree of
security.
DISTRIBUTORS WANTED
---------------------------------------------------------------
Distributors wanted for the registered versions of all programs
published by TAN$TAAFL(TM) Software Company. Must be able to
accept credit cards.
PREFACE Page 7
---------------------------------------------------------------
News Flash
---------------------------------------------------------------
CLINTON'S WHITE HOUSE MAY BAN USE OF ALL ENCRYPTION DEVICES AND
SOFTWARE THAT IS NOT CRACKABLE BY THE NATIONAL SECURITY AGENCY
(NSA).
REP. EDWARD J. MARKEY (D-MASS.) CHAIRMAN OF THE HOUSE
TELECOMMUNICATIONS SUBCOMMITTEE, FEARS THE GOVERNMENT MAY
EVENTUALLY BAN ENCRYPTION. "IN A DIGITALLY LINKED WORLD, WHERE
ENCRYPTION IS THE KEY TO PRIVACY," HE SAID, "BANNING ENCRYPTION
MAY BE LIKE BANNING PRIVACY."
The above information is from the 30 May 1993 Business Section
of the Washington Post in an article entitled "Chipping Away at
Privacy? - Encryption Device Widens Debate Over Rights of U.S.
to Eavesdrop".
On 16 April 1993 the White House announced it was imposing a
new scheme for encrypting voice and data communications. The
system employs a device called the "Clipper Chip" which leaves
a deciphering key in the federal government's pocket. In other
words, if you use this device the government can intercept your
encrypted phone calls or computer data transmissions and
decipher them at will. The government will stock up on phones
and computers equipped with the "Clipper Chip" and if you do
business with the government you will have to use the same
devices. The government is also drafting laws to require
telecommunications companies to grant law enforcement agencies
special access to U.S. communications networks.
The NSA is also promoting a chip called "Capstone" using a
formula called "Skipjack" to encrypt data. Of course the NSA and
the government retain master keys to these so they can decode
any data transmitted by them. Anyone crazy enough to buy
anything endorsed by the NSA deserves to have their secret data
read by anyone in government.
What it all boils down to is do you have the right to keep a
phone call or computer transmission private? The government says
no; I say yes. Global Security is designed to keep computer
transmissions private. It is uncrackable by the NSA or any
other agency in the world. Read the following documentation
and you will understand why.
For the latest developments in this area please read the article
in the Wednesday, March 2, 1994 business section of The
Washington Post titled "Chipping Away at a Fundamental Freedom?
- Computer Firms, Rights Groups Clash With White House Over
Encryption vs. Law Enforcement".
Page 8
---------------------------------------------------------------
Welcome to Global Security
---------------------------------------------------------------
Until now unbreakable encryption methods have been possessed
by only a few government agencies, such as the National Security
Agency and the Soviet KGB. With Global Security you now have
that ability. Privacy maintained by mathematical law is now a
reality. For detailed explanations of why you need to encrypt
data and why Global Security is unbreakable, in theory and
practice, please read Appendixes A and B.
The weak link in all computer transmissions is from the moment
the data enters the telephone system until it leaves the
telephone system at the other end. Global Security is designed
to eliminate that weak link. If you are an individual, a small
business man, a doctor, a lawyer, a scientist, an inventor, a
large corporation, or anyone with vital data to transmit across
town, across the nation, or around the world this program is for
you. Once you have enciphered your data with Global Security it
is safe even from the prying eyes and super computers of the
dreaded National Security Agency (NSA) of the United States
Government. Feel free to transmit your enciphered data anywhere
at any time and know that if intercepted it cannot be deciphered.
Any size file, any type file, no matter what program it was
created with can be enciphered. Once transmitted it can be
deciphered with ease at the other end. All supporting files
required take only minutes to create with the 32 bit version of
Global Security or hours with the 16 bit version. The 32 and 16
bit versions are identical except that the 32 bit version
executes many times faster.
Now includes separate data compression/decompression routines
to compress up to 2,048 files into one file before enciphering,
preparation of text or binary files for transmission by any
Electronic Mail (E-Mail) Service, and separate wipe/delete file
routines to remove or wipe sensitive files.
For secure hand written correspondence between two people use
the One Time Pads that can be created. Ideal for short, secure
messages.
THE BILL OF RIGHTS TO THE U.S. CONSTITUTION - Amendment IV:
"The right of the people to be secure in their persons, houses,
papers, and effects, against unreasonable searches and seizures,
shall not be violated, and no warrants shall issue, but upon
probable cause, supported by oath or affirmation, and
particularly describing the place to be searched, and the
persons or things to be seized."
Global Security secures these rights for computer data.
Four Ways to Use Global Security Page 9
---------------------------------------------------------------
1) Encipher a file, transmit it or mail it on disk, and
decipher it on the other end. When this enciphering
method is used the resulting file can only be
transmitted as a binary file. Companies like CompuServe
and most BBS's allow you to upload and download binary
files. If the company you work for allows binary file
transmission between its different offices you can use
this method to transfer enciphered files back and forth.
2) Pack, encipher, and then Transform a file for E-Mail
transmission; then extract and reconstruct it at the
other end. E-Mail is now available to almost everyone
who has a computer. Individuals, companies, corpora-
tions, government agencies, etc. all use E-Mail to
send messages, data, and files across town or around
the world. Works on the Internet too.
3) Encipher files for storage on your hard disk and WIPE
the original file and all backup copies. This way
no one will be able to access the sensitive data in
the files except you. Not even your boss if you want
to keep secrets from him. If, at a later date, you
cannot for any reason decipher the files the data in
them will be lost.
4) Use the One Time Pads for short messages with anyone
that does not have a computer. The messages can be
sent by mail, telegram, messenger, or delivered by
phone conversation. Accuracy and attention to detail
are the key to using the One Time Pads effectively.
Any messages that are intercepted are safe from being
deciphered by anyone that does not have a copy of
the One Time Pad used to encipher it.
Computer Requirements
---------------------------------------------------------------
GS16.EXE - 16 Bit Version - 8086/88 and up computer.
GS32.EXE - 32 Bit Version - 80386 and up computer.
(Available as Registered Version Only)
Both Versions
---------------------------------------------------------------
DOS 3.0 and up.
Video Adapter CGA, EGA, VGA, MDA, HGC (MCGA and PGA may
work)
Disk Drives One hard and floppy disk recommended. Will
work with one floppy disk drive, but with
severe limitations.
Page 10
---------------------------------------------------------------
Printer Any printer that can accept CR, LF, and FF
control characters. If your printer accepts
the IBM line drawing characters they will
print out correctly.
Laser Printers All printouts from this program are designed
for printers with fan fold paper and may not
print correctly on laser printers. If you
still wish to try it on a laser printer make
sure it is setup for IBM or EPSON emulation
mode.
Mouse (optional) Any Microsoft or compatible mouse.
INSTALLING GLOBAL SECURITY Page 11
---------------------------------------------------------------
It is assumed that you are familiar with the operation of
your computer and content of your DOS manuals. If not, now
is the time to become familiar with your computer and DOS
manuals before you begin installing and using Global
Security.
The installation procedure for Global Security is very
simple. You will need at least 456K of free disk space to
store all of the programs and documentation files.
Use the INSTALL.EXE file to install the Global Security
files on any disk drive. At the DOS prompt type INSTALL
followed by a carriage return if you are logged onto the
drive and directory that INSTALL.EXE is in. Or if you are
on the C: drive and INSTALL.EXE is on the A: drive type
A:\INSTALL followed by a carriage return. You do not have
to be logged onto the drive and directory that INSTALL.EXE
is in. INSTALL.EXE will take over and guide you through the
installation process.
INSTALL.EXE checks itself and all of the programs in the
Global Security Package, except VENDINFO.DIZ, for signs of
alteration, tampering, or infection by a computer virus.
INSTALL.EXE allows you to select the files you wish to
install. It does not require you to install all the files
and then delete the ones you do not want.
INSTALL.EXE has very sophisticated error detection routines
that will tell you if anything goes wrong during the
installation process. While each file is being transferred
the data is verified by reading it back and comparing it
against the original data.
During the actual transfer process if any error is detected
you will be informed and installation will be stopped. This
will mean that you have a problem with the source or
destination disk that has to be taken care of before you
can continue the installation process.
EXECUTING GLOBAL SECURITY Page 12
---------------------------------------------------------------
Global Security may be executed from either a floppy or hard
disk drive. To minimize loading time it is recommended that
Global Security be run from a hard disk drive. Global
Security may be executed from a CD-ROM Disk but you cannot
create the GLOBAL.PRN File that saves screen images on a
CD-ROM Disk.
If you desire to execute Global Security from any directory,
the directory name that Global Security resides in must be
placed in the "PATH=" environment variable. Check your DOS
manual for more details. If the Directory is not in the
"PATH=" environment variable you will first have to log on
to the required directory with the following DOS Command:
"CD GLOBAL" assuming that "GLOBAL" is the directory name you
have the EXE file in.
Command Line Parameters
-----------------------------------------------------------
There are six command line parameters that can be entered
when you execute Global Security. They may be entered in
any order or combination, and in upper or lower case
letters.
1). /B - Forces a black and white display when Global
Security is executed. If you have a black and
white or monochrome monitor attached to a color
adapter and the screen colors do not appear
right use this command line parameter.
2). /P - Forces a pause after printing each page. Use
this switch if your printer does not use fan
fold paper or have a paper tray. Has no effect
when using the Print Screen Key.
3). /T - Forces Global Security to use DOS Functions
to get the date and time instead of the Real
Time Clock. No effect on 8086/88 computers.
4). /V - Disables the VGA brighten, dim, blank, and
reset color routines. The code that performs
these functions may not be compatible with some
multitasking software.
5). /C - As a default setting, confirmation is asked
for each file that you wipe or delete. The /C
command line parameter disables this. As a
result confirmation will only be asked on files
with one or more of the Read-Only, Hidden, or
System attributes set.
Page 13
--------------------------------------------------------------
6). /I - As a default Global Security does a CRC_32
check on its EXE file every time it is run. If
everything checks out O.K. the program
continues to run. If the CRC_32 value stored in
the EXE file does not match the one just
calculated Global Security will inform you that
it may be infected by a virus and then perform
a controlled exit. Since this feature may be
incompatible with some virus checking programs
that append check data to the end of an EXE
file you can turn this self-checking off with
the /I command line parameter.
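The self-check described in item 6, as an added example that is not code from Global Security. The manual does not say where the CRC_32 value sits in the EXE file; this sketch assumes a 4-byte little-endian trailer at the end of the file, and the function names and sample data are constructed for illustration.

```python
import struct
import zlib

# Assumed layout (not stated in the manual): the last 4 bytes of the file
# hold the little-endian CRC-32 of everything that precedes them.
TRAILER = struct.Struct("<I")


def seal(body: bytes) -> bytes:
    """Append the CRC-32 of body, as a build step would before shipping."""
    return body + TRAILER.pack(zlib.crc32(body) & 0xFFFFFFFF)


def self_check(image: bytes) -> bool:
    """Recompute the CRC-32 over the body and compare it with the stored one."""
    if len(image) < TRAILER.size:
        return False
    body, trailer = image[:-TRAILER.size], image[-TRAILER.size:]
    (stored,) = TRAILER.unpack(trailer)
    return (zlib.crc32(body) & 0xFFFFFFFF) == stored


def startup(image: bytes, skip_check: bool = False) -> str:
    """Model the startup decision; skip_check stands in for the /I switch."""
    if skip_check:
        return "run (self-check off)"
    if self_check(image):
        return "run"
    return "warn and exit"


def flip_bit(data: bytes, offset: int, bit: int = 0) -> bytes:
    """Return a copy of data with one bit inverted (simulated corruption)."""
    out = bytearray(data)
    out[offset] ^= 1 << bit
    return bytes(out)


# Constructed sample data standing in for an EXE image; not a real program.
BODY = b"MZ" + bytes(range(256)) * 8
SHIPPED = seal(BODY)


def scenarios() -> dict:
    """Run the check over four constructed variants of the shipped file."""
    # One flipped bit in the body, stored value left as shipped.
    corrupted = flip_bit(SHIPPED, 100)
    # A virus checker appended 16 bytes of its own data after the trailer,
    # so the last 4 bytes are no longer the stored CRC.
    tagged = SHIPPED + b"CHKDATA!" + bytes(8)
    # The body was changed and the CRC recomputed by whoever changed it.
    resealed = seal(flip_bit(BODY, 100))
    return {
        "shipped": startup(SHIPPED),
        "corrupted": startup(corrupted),
        "tagged": startup(tagged),
        "tagged with /I": startup(tagged, skip_check=True),
        "resealed": startup(resealed),
    }


if __name__ == "__main__":
    for name, outcome in scenarios().items():
        print(f"{name:15} -> {outcome}")
```

The "resealed" case marks the limit of the technique: an unkeyed CRC stored inside the file it protects catches accidental damage and changes that leave the stored value alone, but not a change made by someone who recomputes it. A digest or signature kept outside the file covers that case.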
From the DOS Prompt type in GS16 followed by the desired
command line parameters and press the Enter Key. Global
Security will load and be ready to run.
Examples
-----------------------------------------------------------
GS16 - Loads program with default settings.
GS16 /P - Forces a pause after printing each page.
GS16 /B /V - Forces a black and white display and turns
off the VGA routines.
GS16 /c /t /p - Turns off confirmation for all files,
forces DOS time and date functions, and
pause after printing each page.
WHAT YOU NEED TO KNOW TO USE GLOBAL SECURITY Page 14
---------------------------------------------------------------
Before doing anything with Global Security there are many
things about the program you need to know.
Windows 3.0 Compatibility
-----------------------------------------------------------
Global Security runs full screen, in a window or in the
background. If you run Global Security under Windows it is
recommended that you run it full screen or in the back-
ground. When running in a window the mouse is not available
for use and some of the colors are not displayed correctly.
If you have a mouse the Mouse Pad will be displayed but you
will not be able to use it. Execution time within windows is
slowed down by a small percentage.
Windows 3.x, Windows NT, OS/2 2.x, etc.
-----------------------------------------------------------
Global Security has not been tested under these software
environments. If there are any problems try using command
line parameters /V and /T. If Global Security still does
not work correctly please inform TAN$TAAFL(TM) Software
Company so fixes can be made.
Functions of the "F" Keys
-----------------------------------------------------------
F1 Key - may be used at any time to pop up the current
Quick Help Reference System screen.
For VGA Only - (F2 - F5 Keys)
F2 Key - brightens the color intensity level.
F3 Key - dims the color intensity level.
F4 Key - resets color intensity levels to their
original settings.
F5 Key - blanks the screen. Sets all color intensity
levels to 0.
F6 Key - appends the current screen image to the end
of a disk file called GLOBAL.PRN. If it does
not exist it will be created. The only screen
images you cannot save to disk are the
Critical Error Reporting System Screen and any
screen image while viewing an Enciphered File.
This file is created in the Global Security
directory and is compatible with any text
editor that can read ASCII files.
Page 15
---------------------------------------------------------------
F7 Key - is used to print the GLOBAL.PRN disk file.
When all the screen images have been success-
fully printed the file will be deleted. The F7
Key will only function from one of the main
menus. While you are creating files or
enciphering a file, etc, the F7 Key is
disabled.
F9 Key - cycles through five different mouse cursors.
F10 Key - used to toggle between the computer's default
cursor and a full size block cursor. For
those hard to see cursors on laptops or within
Windows.
Other Keys
-----------------------------------------------------------
ESC Key - always backs you out of the program the way
you came in, all the way to DOS. Can be used at any time
except when a Critical Error Reporting System screen
or Printer Error Reporting System screen is active.
Print Screen Key - allows you to print the current
screen at any time while the program is running. Two
screens can be printed per page of paper. After two
screens have been printed the paper will have advanced
so the next two screens will appear on the next page.
There is room at the top to use a two hole punch and
save the screen shots in a folder.
Ctrl C and Ctrl Break Keys - are trapped by the program
and have no function.
The Pause Key - will pause the program. To start it up
again press any other key.
The Mouse
-----------------------------------------------------------
A menu item or command bar is selected by using the left
mouse button. Selection is made on the release of the
left button and not the press of the left button.
Right Mouse Button - Toggles between hiding and showing
the mouse pointer on screen.
The Mouse Pad is a replica of a numeric keypad and is
only displayed if your system has a mouse installed.
Clicking on a number enters that number into the
computer the same as using the keyboard.
The Chime Page 16
-----------------------------------------------------------
A chime will sound at the top of the hour, when an
invalid key is pressed during keyboard entry, and when
other procedures are completed. When any file has been
saved to disk or a procedure has been completed and no
action is taken a chime will sound 5 times at 2 minute
intervals to remind you that your computer is sitting
idle. If no action is taken within this time the chime
will stop. It will assume you are on an extended coffee
break.
HOT Keys
-----------------------------------------------------------
Most menu items and Command Bars have a Hot Key that may
be pressed to select the indicated menu item or Command
Bar. For monochrome or black and white monitors the Hot
Key is the first letter of the menu item or Command Bar.
Command Bars that indicate a keyboard key such as Home,
End, PgUp, etc. do not have a Hot Key. For computers
with a Mouse clicking on any menu item or Command Bar
mimics the behavior of the indicated Hot Key or keyboard
key.
Command Bars
-----------------------------------------------------------
Command Bars such as Help, Quit, Escape to Quit, etc.
are shadowed bars that appear throughout the program.
They indicate the available commands for use. They may
be selected by their Hot Keys or by clicking on them
with the left mouse button. When the mouse pointer is on
a Command Bar and you press the left mouse button the
shadow will change from black to grey. When you release
the left mouse button it will change back to black and
the command will be carried out. If you move the mouse
pointer off of the Command Bar before releasing the left
mouse button the shadow will change back to black but
the command will not be executed.
Command Bars such as Up, Down, Left, Right, PgUp, PgDn,
etc. indicate the keyboard keys that may be used. The
mouse may also be used on these Command Bars. Clicking
the left mouse button on one of these Command Bars
performs the same function as using the keyboard key.
Pressing and holding the left mouse button on one of
these Command Bars is the same as pressing and holding
the keyboard key down. Repeated commands are issued but
not as fast as from the keyboard.
Menus Page 17
-----------------------------------------------------------
Menus indicate the major functions the program performs.
They may be selected by using the indicated Hot Key or by
clicking on them with the left mouse button. When you
click the left mouse button on a menu the menu item will
be highlighted and when you release the left mouse button
the menu item will be selected. If you move the mouse
pointer off the menu item before you release the left
mouse button the menu item will be unhighlighted and not
selected.
File Selection Screen
-----------------------------------------------------------
The File Selection Screen is central to all parts of
Global Security. Every time you need to create or select
a file to use the File Selection Screen comes into play.
The File Selection Screen is in three parts: The Drive
Panel, the Directory Panel, and the File Panel. There is
a row of Command Bars below the panels and an Instruction
Line below the Command Bars.
The following are examples of the different sections
of the File Selection Screen taken from screen shots
on my computer. (They look better in full color.)
The Drive Panel
-------------------------------------------------------
╔═════════════════════════════════════════════
║ Global Security ■ 32 V3.00
║ TOP SECRET UMBRA/HANDLE VIA CO
╠═════════════════════════════════════════════
║ A: ▄ B: ▄ C: ▄ D: ▄
║ ▀▀▀▀ ▀▀▀▀ ▀▀▀▀ ▀▀▀▀
╟────────────────────────────────────────┬────
The Directory Panel
-------------------------------------------------------
╟────────────────────────
║ │ ├─HOMEBASE
║ │ ├─MAJESTIC
║ │ ├─SRC16
║ │ └─SRC32
║ ├─VIRUS
║ │ ├─FLU_SHOT
║ │ └─SCAN
║ ├─WEP
║ └─WINDOWS
║ ├─ICON
║ ├─MICROAPP
║ └─SYSTEM
The File Panel Page 18
-------------------------------------------------------
┬──────────────────────────────────
│ CLK32SRC ZIP 04-19-94 10:34:06 A
│ CRC32 ASM 04-21-94 16:06:56 A
│ DEFAULT ASM 08-17-94 10:26:54 A
│ ENC_DEC ASM 08-17-94 10:27:30 A
│ ERROR ASM 08-13-94 15:33:20 A
│ E_MAIL ASM 08-17-94 10:28:10 A
│ GS INC 08-07-94 10:42:10 A
│ GS32 MAK 08-17-94 10:22:52 A
│ GS32 STS 08-17-94 10:33:38 A
│ GS32SRC ZIP 08-17-94 10:33:58 A
│ H_D_T ASM 08-17-94 10:28:32 A
│ IO_PROC ASM 08-13-94 10:34:36 A
Command Bars
-------------------------------------------------------
╟────────────────────────────────────────┴
║ Up ▄ Down ▄ PgUp ▄ PgDn ▄ Home
║ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀
║ Mark ▄ UnMk ▄ AltM ▄ AltU ▄ ┌─────
║ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ │ Sele
╚═══════════════════════════════════╧═════
Instruction Panel
-------------------------------------------------------
──────┴─────────────────────────────────────╢
Home ▄ End ▄ ──┘ ▄ Quit ▄ Sort ▄ ║
▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ║
┌──────────────────────────────────────────╢
│ Select file(s) to Pack. ║
═╧══════════════════════════════════════════╝
Use the TAB Key to move from one panel to the next or
click the left mouse button anywhere within a panel to
select that panel. As a panel becomes selected, or
active, the drive boxes or lettering in a directory or
file panel changes from light white to bright white. The
lettering in the drive boxes or the highlighted selection
bar in the directory and file panels changes from blue to
red. This way if there is only one directory and one file
you can tell which panel is active by the color of the
lettering in the highlighted selection bar.
The Drive Panel: The drive panel lists all disk drives
available to the system. Make the drive panel active and
highlight whichever drive you want by using the left and
right arrow keys or clicking the left mouse button on the
left and right arrow Command Bars below the panels. Then
press the enter key or click the left mouse button on
the " <──┘ " Command Bar to make that drive active. When
the new drive becomes active the Directory and File Panels
will be updated with information from the new drive.
Substituted Drives: Substituted drives for directory
names will produce an Extended Error Reporting System
Screen which tells you to use drives that have not been
substituted. If you try to execute Global Security
from a substituted drive the program will display an
Extended Error Reporting System Screen and then abort
the program. This applies to Assigned Drives also.
The Directory and File Panels: Select whichever one you
want to be active and use the Up, Down, PgUp, PgDn, Home,
or End keys to move through the different directories or
files. Clicking the left mouse button on the appropriate
Command Bar does the same. Pressing and holding down the
keyboard key or left mouse button on a Command Bar will
quickly move you in the desired direction within the
active panel. You can also use the Ctrl Key plus the
first letter of a directory or file name as a Hot Key to
quickly move to a known directory or file. Once you have
the correct drive, directory, and file highlighted, use
the enter key or click the left mouse button on the
" <──┘ " Command Bar to send the drive, directory, and
file name back to the calling program as a fully
formatted ASCIIZ file specification.
New to Global Security V3.00 is the addition of the Mark,
UnMk, AltM, and AltU Command Bars which allow you to
mark, unmark, mark all, or unmark all files for
selection. These Command Bars only appear when you use
the Pack/UnPack Files or the Wipe/Delete Files routines.
They allow the selection of multiple files for processing
by these routines. If no files are marked the file under
the highlighted selection bar is marked and returned
for processing.
Below the first line of Command Bars is a place for a
full line or half a line of instructions telling you
what type of file(s) to select depending on what function
the program is performing.
New also is the replacement of the Help Command Bar with
the Sort Command Bar. (The Help Screen can still be
accessed with the F1 Key.) The Sort Command Bar is only
active when the File Panel is active. It allows you to
sort files in ascending or descending order by file name,
file extension, date, time, or size.
┌────────────────────────┐
│ File Sort Criteria │ Use the indicated Hot
│ │ Keys or the mouse to
│ Sort Files By: │ select the way you want
│ [ ] Name │ to sort the files. The
│ [√] Extension │ File Sort Criteria Screen
│ [ ] Date │ will stay displayed until
│ [ ] Time │ you get them sorted the
│ [ ] File Size │ way you want and then
│ │ select the Quit Command
│ Sort Order: │ to return you to the File
│ [√] (A..B..C...Z) │ Selection Screen. Each
│ [ ] (Z..Y..X...A) │ time you sort the files
│ │ the results are displayed
│ Sort ▄ Quit ▄ │ in the File Panel.
│ ▀▀▀▀▀▀ ▀▀▀▀▀▀ │
└────────────────────────┘
The Critical Error Reporting System
-----------------------------------------------------------
The Critical Error Reporting System reports on all
critical errors generated by DOS. When a critical error
is encountered a dialog box will appear with the critical
error information displayed. Below is an example for
trying to create a file on a write protected disk.
Disk Drive: A:
Disk Operation: Write
Disk Area Affected: Directory
Error Code: 00H
Error Message: Disk Write Protected
Below this information will be displayed four Command
Bars: Retry, Cancel, Abort, Help.
If you can correct the critical error select Retry and
DOS will try to perform the operation again. In the above
example remove the write protection from the disk and
select Retry to allow DOS to perform the disk operation
again.
If you cannot or do not want to correct the error select
Cancel. DOS will cancel the operation and the program
will return you to an appropriate menu in the program.
If the error is severe enough select Abort and the
program will try to perform a controlled exit and return
the computer to a stable condition. 99.999% of the time
the program will be able to do so.
If for some reason the computer has locked up your only
recourse is to reset or reboot the computer.
If you have a hard or floppy disk that is constantly
giving you critical error messages other than Disk Write
Protected or Drive Not Ready you can pretty much tell
which area of the disk is going bad and take steps to
preserve the data on the disk.
The Print Screen Key functions within the Critical Error
Reporting System, but the F6 and F7 Keys do not because
disk access is not allowed during critical error
processing.
The Extended Error Reporting System
-----------------------------------------------------------
The Extended Error Reporting System is used to report
DOS errors and program errors. It incorporates all known
DOS errors plus errors that pertain to the program. Since
the inclusion of the File Selection Screen in the program
it is hard to generate a DOS error because you cannot
enter a bad path or file name. I have included program
errors in this reporting system to present a common format
for reporting errors. In the example below the error is
generated because you have tried to finish a Prime Number
File that is already complete.
┌─────────────────────────────────────────────────────────
│ Extended Error Reporting System
│
│ DOS/BIOS Function: 3FH - Read File
│ File Name: TEST.PRM
│ Error Locus: Block Device
│ Error Class: Complete
│ Error Message: File is Already Complete
│ Recommended Action: Enter Correct Data
│
│
│ Ok ▄ Help ▄
│ ▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀
└─────────────────────────────────────────────────────────
There are two Command Bars displayed that you can use
at this point. One is "Ok" and the other is "Help".
Help calls up the Quick Help Reference Screen and Ok
returns you to an appropriate menu in the program.
All program generated errors are listed and explained
in the Errors Appendix of the documentation. To get a
listing of all DOS errors you will have to purchase a
book on DOS. At the present time there are close to 100
different errors that can be reported by DOS. Most are
self-explanatory.
The Printer Error Reporting System
-----------------------------------------------------------
The Printer Error Reporting System will report on any
errors encountered while printing. See the Errors
Appendix for complete details on all printer errors.
The following screen was generated because the printer
was not turned on.
┌──────────────────────────────────────┐
│ Printer Error Reporting System │
│ │
│ Printer [LPT1] Status │
│ │
│ NOT SELECTED │
│ │
│ │
│ Retry ▄ Cancel ▄ Help ▄ │
│ ▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀ │
└──────────────────────────────────────┘
At this point you could turn the printer on and select
Retry. Or you could select Cancel and be returned to
an appropriate menu in the program.
Using a Printer
-----------------------------------------------------------
All printing is designed for printers using fanfold
paper. They may or may not print correctly on printers
that print on only a single sheet at a time or have
paper trays that feed single sheets of paper.
Printer Setup: All printers should be set up for 80
columns by 66 rows. Use the font of your choice. All
laser printers will have to be set for IBM or EPSON
emulation mode prior to printing with the program.
Common Setup Problems:
1. Printer prints double spaces between lines:
printer is set up for an automatic line feed after
a carriage return. Consult your printer manual on
how to turn this off.
2. Printer does not print the extended ASCII
character set. Consult your printer manual on how
to turn this feature on.
Page Pause: If you use the command line switch /P to
pause printing after each page a dialog box will pop
up at the end of each page that says "Printing Paused".
When you have the next page ready to go click the left
mouse button on Continue or press the "C" Hot Key.
The Mouse Pad
-----------------------------------------------------------
┌─┤ Mouse Pad ├─┐ The Mouse Pad allows easy entry of
│ │ numbers with the mouse for those lazy
│ 7 ▄ 8 ▄ 9 ▄ │ people who do not use a keyboard when
│ ▀▀▀ ▀▀▀ ▀▀▀ │ they do not have to. Use the Mouse
│ 4 ▄ 5 ▄ 6 ▄ │ Pad the same as you would a keyboard
│ ▀▀▀ ▀▀▀ ▀▀▀ │ numeric pad. When you press the left
│ 1 ▄ 2 ▄ 3 ▄ │ mouse button on a number the shadow
│ ▀▀▀ ▀▀▀ ▀▀▀ │ changes from black to grey and when
│ 0 ▄ ─ ▄ │ you release the left mouse button on a
│ ▀▀▀▀▀ ▀▀▀▀▀ │ number the shadow changes back to
│ Esc ▄ ─┘ ▄ │ black and the number is entered the
│ ▀▀▀▀▀ ▀▀▀▀▀ │ same as it would be from the keyboard.
└────────────────┘ The " ─ " pad is for backspacing,
erasing the last digit entered. The " Esc " pad needs no
explanation. The " ─┘ " pad is the enter key.
Differences Between 16 and 32 Bit Versions
-----------------------------------------------------------
All program features are supported in both versions of
Global Security. The only difference between the two
programs besides the different Intel microprocessors
they run on is speed of execution. The 32 bit version
has been optimized to use 32 bit registers for all math
computations. Because of this it runs considerably faster
than the 16 bit version. To build a file of 3,067 prime
numbers takes less than 20 minutes using GS32.EXE on an
80386DX 20 MHz computer. Using GS16.EXE on the same
computer it takes anywhere from 2 to 4 hours. This is a
simple demonstration of the power of a 32 bit over a 16
bit computer.
USING GLOBAL SECURITY
---------------------------------------------------------------
When you first start Global Security the main menu at the
top of the screen looks like this.
╔════════════════════════════════════════════════════════════════════
║ Global Security ■ 32 V3.00 WEDNESDAY 17 AUG 1994 ■
║ TOP SECRET UMBRA/HANDLE VIA COMINT CHANNELS ONLY
╠════════════════════════════════════════════════════════════════════
║ Functions About Help Quit
╠═════════════════════════════════════╦═╦════════════════════════════
Selecting About displays a window with information about the
program and the Author.
Selecting Help displays the current Quick Help Reference System
screen.
Selecting Quit exits to DOS. This is the only one that does.
Selecting Functions displays the following screen.
══════════════════════════════════ These are the main
Functions About functions of Global
═════════════════════════════════╦ Security. Before
┌────────────────────────────────┐ you can Encipher
│ Build a Prime Number File │ or Decipher files,
│ Create a Default File │ Transform E-Mail
│ Scramble a Prime Number File │ Files, or Make One
│ Generate a Key File │ Time Pads you first
│ Pack/UnPack File(s) │ have to Build a Prime
│ Encipher/Decipher Files │ Number File, Create
│ Transform File for E-Mail │ a Default File,
│ Make a One Time Pad │ Scramble a Prime
│ Wipe/Delete File(s) │ Number File, and
│ Frequency Distribution Tests │ Generate a Key File.
├────────────────────────────────┤ These files are used
│ Quit │ by the pseudo random
└────────────────────────────────┘ number generators
in the enciphering and deciphering process. The Pack/UnPack
File(s) and Wipe/Delete File(s) Functions are stand alone
functions.
File Group
-----------------------------------------------------------
Now is a good time to introduce the concept of a File
Group. You must create four different types of files
before you can encipher or decipher files, and make One
Time Pads. The files are a Prime Number File with an
extension of 'PRM', a Default Parameter File with an
extension of 'DFT', a Scrambled Prime Number File with
an extension of 'SCM', and a Key File with an Extension
of 'KEY'. A File Group would consist of 4 files with
the same name and the file extensions mentioned above
(e.g. YELLOW.PRM, YELLOW.DFT, YELLOW.SCM, and YELLOW.KEY).
When you encipher or decipher files, and make One Time
Pads you will be asked to select a KEY File which will
require a corresponding DFT File, and SCM File. You
could use the names of the people you frequently
exchange messages with. This way when you need to send
an enciphered message to TOM select TOM.KEY from the
File Selection Screen.
Build A Prime Number File
-----------------------------------------------------------
When you select Build a Prime Number File from the
Functions Menu the screen will change and the following
menu will be displayed:
TOP SECRET UMBRA/HANDLE VIA COMINT CHANNELS ONLY
═════════════════════════════════════════════════════════════════
Prime Number Files
Build Finish View Help Quit
──────────────────────────────┬─┬────────────────────────────────
Selecting Build
-------------------------------------------------------
┌────────────────────┐ When you select Build the File
│ Enter File Name: │ Selection Screen will appear
│ │ and you will be instructed to
│ ALPHA ▄ │ enter an eight character name
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │ for a Prime Number File. The
│ │ file extension of "PRM" will be
│ Escape to Quit ▄ │ added by the program. Once the
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │ name is entered you will be
└────────────────────┘ instructed to select a drive and
directory to place the file in.
Next you will be asked to enter a Search Factor and a
Starting Number for the prime number search.
┌──────────────────────────────────────────────────┐
│ Prime Number Search Paramenters │
│ │
│ Enter a Search Factor for the prime number │
│ search between 2 and 100,000. It must be an │
│ even number that ends with 0, 2, 4, 6, or 8. │
│ │
│ │
│ Enter Search Factor ── 42,968 ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ │
│ │
└──────────────────────────────────────────────────┘
┌──────────────────────────────────────────────────┐
│ Prime Number Search Paramenters │
│ │
│ Enter a Starting Number for the prime number │
│ search between 100,000,001 and 4,294,967,295. │
│ It must be an odd number that ends with 1, 3, │
│ 5, 7, or 9. │
│ │
│ Enter Starting Number ── 1,466,308,911 ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ │
│ │
└──────────────────────────────────────────────────┘
Tests will be performed on these numbers to make sure they
are within the proper ranges and odd or even as required.
Another test is performed to make sure that the Search
Factor and Starting Number are not evenly divisible by a
common number. If they are you will be informed by the
Extended Error Reporting System and you will be asked to
enter another Starting Number.
The Search Factor determines which numbers after the Starting
Number will be tested for being prime. If the Search Factor
is 15 every 15th number will be tested. If it is 102 every
102nd number would be tested. If the test number exceeds
4,294,967,295 the test number will wrap around to a number
above 100,000,001. Once all tests are satisfactorily
completed the program will commence finding 3,067 prime
numbers.
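The parameter tests and the stepping search described above, written out in C as an added example. This is not code from Global Security. The function names, the exact wrap-around formula, and the choice to begin testing at Starting Number plus Search Factor are assumptions; the manual gives only the ranges and the rule that the test number wraps to a number above 100,000,001.

```c
#include <stdint.h>
#include <stdio.h>

#define FACTOR_MIN 2u
#define FACTOR_MAX 100000u
#define START_MIN  100000001u
#define START_MAX  4294967295u            /* 2^32 - 1 */

enum param_status { PARAMS_OK, BAD_FACTOR, BAD_START, COMMON_DIVISOR };

static uint32_t gcd32(uint32_t a, uint32_t b) {
    while (b != 0) { uint32_t t = a % b; a = b; b = t; }
    return a;
}

/* The tests the manual lists: range, odd/even, and no common divisor. */
enum param_status check_params(uint32_t factor, uint32_t start) {
    if (factor < FACTOR_MIN || factor > FACTOR_MAX || (factor & 1u))
        return BAD_FACTOR;
    if (start < START_MIN || (start & 1u) == 0)   /* upper bound is the type's own */
        return BAD_START;
    /* If g = gcd(factor, start) > 1, every start + k*factor is a multiple
       of g, so the search would only ever test composite numbers. */
    if (gcd32(factor, start) != 1u)
        return COMMON_DIVISOR;
    return PARAMS_OK;
}

/* Trial division by odd numbers up to sqrt(n); enough for 32-bit values. */
int is_prime32(uint32_t n) {
    if (n < 2) return 0;
    if (n % 2 == 0) return n == 2;
    for (uint32_t d = 3; (uint64_t)d * d <= n; d += 2)
        if (n % d == 0) return 0;
    return 1;
}

/* Step by the Search Factor. Past 4,294,967,295 the overshoot is carried to
   just above 100,000,001 (assumed formula; it keeps the candidate odd). */
uint32_t next_candidate(uint32_t n, uint32_t factor) {
    uint64_t next = (uint64_t)n + factor;
    if (next > START_MAX)
        next = START_MIN + (next - START_MAX);
    return (uint32_t)next;
}

/* Collects `count` primes into out[]. Returns the number of candidates
   tested, or 0 when the parameters are rejected. */
uint32_t find_primes(uint32_t factor, uint32_t start, uint32_t *out, uint32_t count) {
    uint32_t tested = 0, found = 0, n = start;
    if (check_params(factor, start) != PARAMS_OK) return 0;
    while (found < count) {
        n = next_candidate(n, factor);
        tested++;
        if (is_prime32(n)) out[found++] = n;
    }
    return tested;
}

int main(void) {
    /* The Search Factor and Starting Number shown in the manual's screens. */
    uint32_t primes[5];
    uint32_t tested = find_primes(42968u, 1466308911u, primes, 5);
    printf("tested %u candidates\n", (unsigned)tested);
    for (int i = 0; i < 5; i++) printf("  %u\n", (unsigned)primes[i]);
    return tested ? 0 : 1;
}
```

Raising the count from 5 to 3,067 reproduces the size of a full Prime Number File.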
Running stats are displayed while the program is testing and
finding prime numbers. The number found, the current test
number, and the last five prime numbers found are displayed
and updated as each test number is found to be prime or not.
In the Timer Box an elapsed timer informs you of how much
time it is taking.
In the Status Box the percent completed is displayed as a
numeric percent and as a bar graph.
In the Command Box you have the option of selecting Yes or
No to saving a partially completed Prime Number File. If
you select No the file will not be saved and it will be
deleted from the disk. If you select Yes all the prime
numbers found and all the data needed to restart and finish
the file will be saved to disk.
Once the program has found all 3,067 prime numbers they will
be saved to disk, a dialog box will pop up to inform you that
the file has been saved and a chime will sound.
Selecting Finish
-----------------------------------------------------------
When you select Finish the File Selection Screen will appear
and you will be asked to select the "PRM" File you wish to
finish. The file will be read and the search for prime numbers
will commence where it left off when the partially completed
file was saved to disk. If the file you select is already
complete the Extended Error Reporting System will inform you
and you will be asked to select another file or Quit.
Selecting View
-----------------------------------------------------------
When you select View the File Selection Screen will appear
and you will be asked to select the "PRM" File you wish to
view. When the file contents are displayed use the PgUp,
PgDn, Home, or End Keys to page back and forth through the
file or use the Mouse on the PgUp, PgDn, Home, and End
Command Bars to page back and forth through the file. This
applies to "SCM", "KEY", "ENC", and "EEM" files too.
Selecting Help
-----------------------------------------------------------
When you select Help the current Quick Help Reference System
Screen will pop up. This applies to all menus with Help in
them.
Selecting Quit
-----------------------------------------------------------
Select Quit to return to the Function Menu. This applies to
all program segments in the Function Menu.
Create A Default Parameter File
-----------------------------------------------------------
When you select Create a Default Parameter File the screen
will change and the following menu will be displayed:
TOP SECRET UMBRA/HANDLE VIA COMINT CHANNELS ONLY
══════════════════════════════════════════════════════════════
Default Parameter Files
Create View Help Quit
──────────────────────────────┬─┬─────────────────────────────
Selecting Create
-----------------------------------------------------------
When you select Create the File Selection Screen will appear
and you will be asked to select a "PRM" File to create a
"DFT" File for. If you have to change drives and/or
directories to find where the "PRM" Files are do so. When
you make your selection the new "DFT" File will be given
the same name as the "PRM" File with a file extension of
"DFT". If the file already exists the Extended Error
Reporting System will inform you and you will be returned
to the File Selection Screen to make another selection or
Quit.
You will then be asked to enter 7 numbers between 1 and
2,048. Duplicate numbers are not allowed. These 7 numbers
specify where the 7 password characters used to encipher
and decipher a file are placed in the header added to any
file that is enciphered. Use the keyboard or the Mouse Pad
if you have a mouse to enter the numbers.
Next you will be asked to enter a Random Factor Array Shift
between 16 and 24 used by the pseudo random number
generators. Once this is entered the numbers will be saved
to the specified file on disk.
Selecting View
-----------------------------------------------------------
When you select view the File Selection Screen will appear
and you will be asked to select the "DFT" File you want to
view. If you have to change drives and/or directories to
find the desired "DFT" File do so.
Scramble A Prime Number File
-----------------------------------------------------------
When you select Scramble A Prime Number File the screen will
change and the following menu will appear:
TOP SECRET UMBRA/HANDLE VIA COMINT CHANNELS ONLY
══════════════════════════════════════════════════════════
Scramble Prime Number Files
Scramble Rescramble View Help
───────────────────────────────┬─┬────────────────────────
Selecting Scramble
-----------------------------------------------------------
Selecting Scramble is for scrambling an original "PRM" File.
You can only do this one time. The File Selection Screen
will appear and you will be asked to select the "PRM" File
you wish to scramble. The associated "DFT" File must be
present also. If you have to change drives and/or directories
to find the desired "PRM" File do so. If the selected "PRM"
File has already been scrambled the Extended Error Reporting
System will inform you and return you to the File Selection
Screen to select another "PRM" File or Quit.
You will then be asked to enter 5 seed numbers to scramble
the "PRM" File 5 times. The first time through the "PRM"
File acts as the base file for scrambling. The 2nd time
through the new scrambled file acts as the base file and
this file is scrambled into a new file. Each time through
the new scrambled file acts as the next base file. Once it
is scrambled 5 times the file is saved to disk with the
same name as the "PRM" File but a file extension of "SCM".
The "PRM" File remains on disk unchanged.
Selecting Rescramble
-----------------------------------------------------------
Rescramble is for scrambling a "SCM" File. You can and
should do this as many times as possible. The more times
you scramble and rescramble a "SCM" File the harder it will
be for anyone to duplicate your efforts. Select the "SCM"
File to rescramble from the File Selection Screen. The
associated "DFT" File must be present also. If you have to
change drives and/or directories to find the desired "SCM"
File do so. You will then be asked to enter 5 seed numbers.
Once the "SCM" File has been scrambled 5 times the new "SCM"
File will replace the old "SCM" File on disk.
Selecting View
-----------------------------------------------------------
When you select view the File Selection Screen will appear
and you will be asked to select the "SCM" File you want to
view. If you have to change drives and/or directories to
find the desired "SCM" File do so.
Generate A Key File
-----------------------------------------------------------
When you select Generate a Key File the screen will change
and the following menu will be displayed:
TOP SECRET UMBRA/HANDLE VIA COMINT CHANNELS ONLY
══════════════════════════════════════════════════════════════
Key Files
Generate Scramble View Help Quit
──────────────────────────────┬─┬─────────────────────────────
Selecting Generate
-----------------------------------------------------------
Selecting Generate allows you to create a "KEY" File. The
File Selection Screen will appear and you will be asked to
select a "SCM" File to generate a "KEY" File for. The
associated "DFT" File must be present also. If you have to
change drives and/or directories to find the desired "SCM"
File do so. If a "KEY" File already exists for the "SCM"
File the Extended Error Reporting System will inform you
and you will be returned to the File Selection Screen to
select another or Quit.
You will then be asked to enter a seed number in the range
between 100,000,001 and 4,294,967,295. Once the "KEY" File
is generated it is saved to disk with the same name as the
"SCM" File but a file extension of "KEY".
This is the largest file created by Global Security. It is
172,800 bytes long and holds 43,200 randomly generated
numbers between 100,000,001 and 4,294,967,295.
Selecting Scramble
-----------------------------------------------------------
Selecting Scramble allows you to scramble a "KEY" File.
Select the "KEY" File you wish to scramble from the File
Selection Screen. The associated "SCM" and "DFT" Files must
be present also. If you have to change drives and/or
directories to find the desired "KEY" File do so. Then enter
the seed number and the file will be scrambled. The new
scrambled "KEY" File will replace the old "KEY" File on disk.
This should be done as often as possible.
Selecting View
-----------------------------------------------------------
Select the KEY File you wish to view from the File Selection
Screen.
Now you have a complete File Group: a PRM, SCM, DFT, and
KEY File. The person you will be exchanging enciphered
messages with will need a copy of these files. The only
other requirement is a Password List (optional). Whether you
use a different password for each message, each day, each
week, or each month is up to you. A list will have to
be maintained, and it must be kept in a safe secure place
along with the Group Files. If you do not use a password the
program will select a default password. Anyone trying to put
the message through the program with a different set of Group
Files will always get an invalid password error when trying
to decipher it.
SPECIAL NOTE
-----------------------------------------------------------
"Any repetition of any kind in the keys of cryptograms under
analysis imperils them and perhaps dooms them to solution.
It does not matter whether the repetitions lie within a
single message or among several, arise from the interaction
of repeating primary keys or from the simple repeating of
a single long key. Repetitions in the key cannot be
permitted." "The Codebreakers" page 398 by David Kahn.
A set of Group Files contains only 43,200 sets of keys. If
one set of Group Files were to be used to encipher and
transmit hundreds or thousands of files/messages there is
a chance that one or more would be enciphered by the same
set of keys. These messages enciphered with the same set
of keys would then be open to analysis and possible
deciphering. A set of Group Files should therefore be used
to transmit only 10 to 25 files/messages and then they
should be changed.
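The chance of key-set reuse described above can be put in numbers. The following C program is an added example, not part of Global Security, and it assumes each message draws one of the 43,200 key sets uniformly and independently; the manual does not describe how a key set is chosen, so treat the figures as an illustration of the birthday effect rather than a measurement of the program.

```c
#include <stdio.h>

#define KEY_SETS 43200u     /* "sets of keys" in one set of Group Files (from the manual) */

/* Probability that at least two of `messages` messages share a key set,
   under the uniform, independent selection assumed in the lead-in. */
double reuse_probability(unsigned messages) {
    double all_distinct = 1.0;
    if (messages > KEY_SETS) return 1.0;          /* pigeonhole */
    for (unsigned i = 0; i < messages; i++)
        all_distinct *= (double)(KEY_SETS - i) / KEY_SETS;
    return 1.0 - all_distinct;
}

/* Expected number of message pairs that share a key set. */
double expected_shared_pairs(unsigned messages) {
    return (double)messages * (messages - 1.0) / 2.0 / KEY_SETS;
}

/* Smallest number of messages whose reuse probability reaches `risk`. */
unsigned messages_until(double risk) {
    unsigned n = 1;
    while (n <= KEY_SETS && reuse_probability(n) < risk) n++;
    return n;
}

int main(void) {
    /* 10 and 25 are the manual's recommended limits; the rest show the trend. */
    const unsigned counts[] = { 10, 25, 100, 500, 1000 };
    for (unsigned i = 0; i < sizeof counts / sizeof counts[0]; i++)
        printf("%5u messages: P(reuse) = %.5f, expected shared pairs = %.3f\n",
               counts[i], reuse_probability(counts[i]),
               expected_shared_pairs(counts[i]));
    printf("P(reuse) reaches 50%% at %u messages\n", messages_until(0.5));
    return 0;
}
```

Under that assumption the risk grows with the square of the message count, which is why a limit in the tens keeps it below one percent while a few hundred messages make a repeat more likely than not.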
Pack/UnPack File(s)
-----------------------------------------------------------
New to Global Security V3.00 is the separate Pack/UnPack
File(s) Function. When selected the following menu will be
displayed:
TOP SECRET UMBRA/HANDLE VIA COMINT CHANNELS ONLY
═════════════════════════════════════════════════════════════
Pack/UnPack Files
Pack UnPack Help Quit
─────────────────────────────┬─┬─────────────────────────────
Selecting Pack
-----------------------------------------------------------
┬───────────────────────────────── When you select Pack
│ CRC32 ASM 04-21-94 16:06:56 A the File Selection
│DEFAULT ASM 08-17-94 10:26:54 A Screen will appear
│ENC_DEC ASM 08-17-94 10:27:30 A and you can select
│ERROR ASM 08-13-94 15:33:20 A the file(s) to Pack
│E_MAIL ASM 08-17-94 10:28:10 A into one file. You
│H_D_T ASM 08-17-94 10:28:32 A may use the Mark
│ IO_PROC ASM 08-13-94 10:34:36 A Hot Key, the + Key,
or the mouse in the
Mark Command Bar to select files to pack. The UnMark Hot
Key, the - Key, or the mouse in the UnMark Command Bar may
be used to unmark a selection. The Alt Key with the "M" Key
will mark all the files, and the Alt Key with the "U" Key
will unmark all the files. Prior to selecting the files to
pack you can sort the files in any order to make selection
easier.
Once the files are selected you have to enter a file name
for the packed files. A file extension of "PKD" will be added
by Global Security. Then select the drive and directory for
the packed file. While the files are being packed the
following will be displayed:
┌────────────────────────────────────────────────────────────┐
│ Pack File(s) │
│ │
│ Creating : EXPD32.PKD ▄ ┌─┤ Packing........ ├─┐ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │ 4 E_MAIL.ASM │ │
│ File(s) to Pack: 5 ▄ │ 3 ERROR.ASM │ │
│ ▀▀▀▀▀▀▀ │ 2 ENC_DEC.ASM │ │
│ Size of File(s): 283,815 ▄ │ 1 DEFAULT.ASM │ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │ │ │
│ ┌────────┤ STATUS ├────────┐ └─────────────────────┘ │
│ │ 40% Complete │ │
│ │ 63% Compression │ │
│ │ 28,800 Codes Used │ 00:00:14 ▄ │
│ │ 70,901 Bytes Saved │ ▀▀▀▀▀▀▀▀▀▀ │
│ └────────────────────────────┘ Quit ▄ │
│ ▀▀▀▀▀▀▀▀▀▀ │
└────────────────────────────────────────────────────────────┘
Once all the files are packed the following will be
displayed:
┌────────────────────────────────────────┐
│ Procedure Complete │
│ Packed File Status │
│ │
│ EXPD32.PKD ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ % Compression Bytes Saved │
│ 64% ▄ 179,794 ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ Original Size Packed Size │
│ 283,815 ▄ 104,021 ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ Ok ▄ │
│ ▀▀▀▀▀▀▀▀▀▀ │
└────────────────────────────────────────┘
LEMPEL-ZIV-WELCH Algorithm
-----------------------------------------------------------
The data compression/decompression routines used by Global
Security are highly modified Lempel-Ziv-Welch algorithms.
They use a 9 to 14 bit code which is reset to the lowest
code size as each 16,384 element code table is filled. I
have achieved data compression rates as high as 68% on some
text files. The data compression rates achieved on your
files will depend on the type of files and their content.
A CRC_32, 32 bit Cyclic Redundancy Check, value is computed
for each file that is compressed or stored in the packed
file. When the file is decompressed or extracted the value
is computed again and compared against the one stored in
the file header.
If a file cannot be compressed to a smaller size it will be
stored in the packed file in its original form.
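A textbook LZW coder with the parameters given above (codes of 9 to 14 bits, a 16,384 entry table, and a return to the lowest code size when the table fills), together with the stored-or-compressed decision. This is an added example in C and not Global Security's own "highly modified" routine. All names are this example's own, codes are kept one per array slot with the packed size counted rather than bit-packed, the point at which the code size grows is an assumption, and the CRC_32 step is left out.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MIN_BITS   9
#define MAX_BITS   14
#define TABLE_SIZE (1u << MAX_BITS)        /* 16,384 codes, as in the manual */
#define NO_CODE    0xFFFFu

static uint16_t child[TABLE_SIZE][256];    /* encoder: (prefix, byte) -> code, 0 = none */
static uint16_t prefix_of[TABLE_SIZE];     /* decoder: code -> (prefix, last byte) */
static uint8_t  suffix_of[TABLE_SIZE];
static unsigned next_code, code_bits, table_resets;

static void reset_table(void) {
    memset(child, 0, sizeof child);
    next_code = 256;
    code_bits = MIN_BITS;                  /* back to the lowest code size */
}

/* One code per slot of codes[] (room for n needed); *bits_used = packed size. */
size_t lzw_compress(const uint8_t *in, size_t n, uint16_t *codes, size_t *bits_used) {
    size_t ncodes = 0;
    unsigned cur;
    *bits_used = 0;
    table_resets = 0;
    if (n == 0) return 0;
    reset_table();
    cur = in[0];
    for (size_t i = 1; i < n; i++) {
        uint16_t *slot = &child[cur][in[i]];
        if (*slot) { cur = *slot; continue; }       /* keep extending the match */
        codes[ncodes++] = (uint16_t)cur;
        *bits_used += code_bits;
        if (next_code < TABLE_SIZE) {
            *slot = (uint16_t)next_code++;
            if (next_code > (1u << code_bits) && code_bits < MAX_BITS) code_bits++;
        } else {                                    /* table full: restart at 9 bits */
            reset_table();
            table_resets++;
        }
        cur = in[i];
    }
    codes[ncodes++] = (uint16_t)cur;
    *bits_used += code_bits;
    return ncodes;
}

/* Returns bytes written, or 0 for an empty or corrupt code stream. */
size_t lzw_decompress(const uint16_t *codes, size_t ncodes, uint8_t *out, size_t cap) {
    static uint8_t stack[TABLE_SIZE];
    size_t n = 0;
    unsigned prev = NO_CODE;
    uint8_t first = 0;
    next_code = 256;
    for (size_t k = 0; k < ncodes; k++) {
        unsigned c = codes[k], walk = c, sp = 0;
        if (c > next_code || (prev == NO_CODE && c > 255)) return 0;
        if (c == next_code) { stack[sp++] = first; walk = prev; }   /* KwKwK case */
        while (walk > 255) { stack[sp++] = suffix_of[walk]; walk = prefix_of[walk]; }
        stack[sp++] = first = (uint8_t)walk;
        if (n + sp > cap) return 0;
        while (sp) out[n++] = stack[--sp];
        if (prev != NO_CODE) {              /* the entry the encoder added one step ago */
            prefix_of[next_code] = (uint16_t)prev;
            suffix_of[next_code++] = first;
        }
        prev = c;
        if (next_code == TABLE_SIZE) { next_code = 256; prev = NO_CODE; }  /* same reset */
    }
    return n;
}

/* "If a file cannot be compressed to a smaller size it will be stored." */
int should_store(size_t original_bytes, size_t bits_used) {
    return (bits_used + 7) / 8 >= original_bytes;
}

/* Compress, decompress, compare: 1 when a non-empty input round-trips exactly. */
int roundtrip_ok(const uint8_t *in, size_t n, size_t *bits_used) {
    uint16_t *codes = malloc((n + 1) * sizeof *codes);
    uint8_t *out = malloc(n + 1);
    size_t nc = codes && out ? lzw_compress(in, n, codes, bits_used) : 0;
    int ok = nc && lzw_decompress(codes, nc, out, n) == n && memcmp(in, out, n) == 0;
    free(codes);
    free(out);
    return ok;
}

int main(void) {
    const char *text = "TOBEORNOTTOBEORTOBEORNOT";      /* constructed sample */
    size_t bits = 0;
    int ok = roundtrip_ok((const uint8_t *)text, strlen(text), &bits);
    printf("round trip %s, %zu bits packed\n", ok ? "ok" : "FAILED", bits);
    return !ok;
}
```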
Selecting UnPack
-----------------------------------------------------------
When you select UnPack the File Selection Screen will be
displayed and you can select the file to unpack. Then select
the drive and directory to place the unpacked files into.
While the files are being unpacked, or extracted, the
following will be displayed:
┌────────────────────────────────────────────────────────────┐
│ UnPack A File │
│ │
│ UnPacking: EXPD32.PKD ▄ ┌─┤ UnPacking...... ├─┐ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │ 4 E_MAIL.001 │ │
│ File(s) to UnPack: 5 ▄ │ 3 ERROR.001 √ │ │
│ ▀▀▀▀▀▀▀ │ 2 ENC_DEC.001 √ │ │
│ Size of File(s): 283,815 ▄ │ 1 DEFAULT.001 √ │ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │ │ │
│ ┌────────┤ STATUS ├────────┐ └─────────────────────┘ │
│ │ 44% Complete. │ │
│ │ 32,600 Codes Used │ │
│ │ 45,765 In Count │ 00:00:06 ▄ │
│ │ 120,757 Out Count │ ▀▀▀▀▀▀▀▀▀▀ │
│ └────────────────────────────┘ Quit ▄ │
│ ▀▀▀▀▀▀▀▀▀▀ │
└────────────────────────────────────────────────────────────┘
The "√" shown after each file name once it has been
decompressed or extracted means that the file's CRC_32 Data
Integrity Check is O.K.
┌──────────────────────────┐
│ Procedure Complete │
│ File(s) UnPacked │ After all the files have
│ │ been decompressed or
│ 5 ▄ │ extracted this will be
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │ displayed. It informs
│ FILE CRC_32 DATA │ you of the final status
│ INTEGRITY CHECKS │ of the CRC_32 Data
│ [ 5] O.K. │ Integrity Checks on the
│ [ ] Failed! │ files.
│ │
│ Ok ▄ │
│ ▀▀▀▀▀▀▀▀▀▀ │
└──────────────────────────┘
Encipher/Decipher a File
-----------------------------------------------------------
When you select Encipher/Decipher a File the following menu
will be displayed:
══════════════════════════════════════════════════════════════
Encipher/Decipher a File
Encipher View Decipher Help Quit
──────────────────────────────┬─┬─────────────────────────────
Selecting Encipher
-----------------------------------------------------------
When you select Encipher the File Selection Screen will
appear and you will be asked to select the file you wish to
encipher. If you have to change drives and/or directories to
find the desired file do so. You will then be asked to
select a destination drive and directory to place the
enciphered file into. If the file is already enciphered the
Extended Error Reporting System will inform you and return
you to the File Selection Screen to select another file or
Quit. Next you will be asked to select a KEY File to use
to encipher the file. The associated SCM and DFT files must
be present also. If you have to change drives and/or
directories to find the desired KEY File do so. After you
have selected the KEY File to use you will be asked to enter
up to a 7 character password.
┌──────────────────────────────────────────────────┐
│ Encipher/Decipher a File │
│ │
│ Enter a 7 character Password to use to │
│ Encipher your file. It can be any character │
│ you can enter from the keyboard including │
│ those entered with the CTRL or ALT Keys. │
│ │
│ Enter Password ── 1234567 ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀ │
│ Escape to Quit ▄ Insert ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀ │
└──────────────────────────────────────────────────┘
SPECIAL NOTE
-----------------------------------------------------------
"Any repetition of any kind in the keys of cryptograms under
analysis imperils them and perhaps dooms them to solution.
It does not matter whether the repetitions lie within a
single message or among several, arise from the interaction
of repeating primary keys or from the simple repeating of
a single long key. Repetitions in the key cannot be
permitted." "The Codebreakers" page 398 by David Kahn.
A set of Group Files contains only 43,200 sets of keys. If
one set of Group Files were to be used to encipher and
transmit hundreds or thousands of files/messages there is
a chance that one or more would be enciphered by the same
set of keys. These messages enciphered with the same set
of keys would then be open to analysis and possible
deciphering. A set of Group Files should therefore be used
to transmit only 10 to 25 files/messages and then they
should be changed.
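The chance of a repeat mentioned in the note above can be put into numbers. This is an added example, not part of the original manual or program; it assumes each message draws one of the 43,200 key sets independently and with equal probability, and the function names are hypothetical.

```python
"""Chance that two messages share a key set (added illustration)."""
import math

KEY_SETS = 43_200  # sets of keys in one set of Group Files (from the manual)


def reuse_probability(messages, key_sets=KEY_SETS):
    """Probability that at least two of `messages` use the same key set.

    Assumption: every message picks its key set uniformly at random,
    independently of the others (the classic birthday problem).
    """
    if messages > key_sets:
        return 1.0
    # log of P(no repeat) = sum of log(1 - i / key_sets) for i = 0..messages-1
    log_no_repeat = sum(math.log1p(-i / key_sets) for i in range(messages))
    return -math.expm1(log_no_repeat)


def messages_until(risk, key_sets=KEY_SETS):
    """Smallest number of messages whose reuse probability reaches `risk`."""
    log_no_repeat = 0.0
    messages = 1
    while True:
        # adding message number `messages` must avoid the messages-1 sets in use
        log_no_repeat += math.log1p(-(messages - 1) / key_sets)
        if -math.expm1(log_no_repeat) >= risk:
            return messages
        messages += 1


if __name__ == "__main__":
    for count in (10, 25, 100, 250, 1000):
        print(f"{count:5d} messages: {reuse_probability(count):8.4%} chance of a repeat")
    print("even odds of a repeat after", messages_until(0.5), "messages")
```

Under that assumption 10 to 25 messages keep the chance of a repeated key set below one percent, while a few hundred messages make a repeat more likely than not.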
Page 36
-------------------------------------------------------------------
Next you will be asked to enter any Special Instructions
for whoever will decipher the file. These instructions will
be displayed before the file is deciphered. The Special
Instruction section may also be used to pass authentication
phrases so the person receiving the file knows it is genuine
and not sent under duress. The absence or presence of a word
or phrase can indicate if the enciphered file is genuine
or not.
┌────────────────────────────────────────────────────────
│ Encipher a File
│
│ Enter Special Instructions to follow when deciphering t
│ If there are None press the Enter Key to continue.
│
│ Pass this deciphered file on to Jim in accounting.
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
│ Escape to Quit ▄ Insert ▄
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀
└────────────────────────────────────────────────────────
While the file is being enciphered the following will be
displayed:
┌────────────────────────────────────────────────────────────┐
│ Encipher/Decipher a File │
│ │
│ Enciphering File: EXPD32.PKD ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ Enciphered File will be called: EXPD32.ENC ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ ┌─────────────────────────────────┐ │
│ │ File Group Used ─»» ALPHA │ │
│ │ Password Used ───»» 1234567 │ │
│ │ Date Used ───────»» 08-17-94 │ 00:00:02 ▄ │
│ │ Time Used ───────»» 11:08:16 │ ▀▀▀▀▀▀▀▀▀▀ │
│ └─────────────────────────────────┘ Quit ▄ │
│ ▀▀▀▀▀▀▀▀▀▀ │
└────────────────────────────────────────────────────────────┘
A CRC_32, 32 bit Cyclic Redundancy Check, value is computed
for the enciphered file. When the file is deciphered the
value is computed again and compared against the one stored
in the file header.
Selecting View
-----------------------------------------------------------
If you wish to see what an enciphered file looks like select
view. The File Selection Screen will appear and ask you to
select the "ENC" File you wish to view. If you have to change
drives and/or directories to find the desired file do so. The
file will then appear and you can page through it the same way
as viewing any of the other files. The largest "ENC" File you
can view is 5,952,000 bytes long. You can encipher and decipher
files of any length allowed by DOS so do not worry about this
limitation. The Print Screen Key and the F6 Key are disabled
while viewing an enciphered file.
Selecting Decipher Page 37
-----------------------------------------------------------
When you select decipher the File Selection Screen will
appear and you will be asked to select the File you wish to
decipher. If you have to change drives and/or directories to
find the desired file do so. You will then be asked to select
the destination drive and path to place the deciphered file
into. The file to decipher will then be opened, the name of
the "KEY" File and the Date/Time Stamp of the original file
will be read from the file header, and then the file will be
closed. If any Special Instructions are stored in the file
header they will be displayed at this time. You will be given
the option of continuing or quitting the deciphering process.
You will then be asked to select the "KEY" File whose name
is shown that is required to decipher the file. If you have
to change drives and/or directories to find the designated
"KEY" File do so. The associated "SCM" and "DFT" Files must
be present also. These files will be opened and read into
memory.
You will then be asked to enter the password required to
decipher the file. It must be exactly the same as the one
used to encipher the file or you will constantly get invalid
password reported by the Extended Error Reporting System. If
you make a mistake in entering the password you will have as
many tries as you like to get it correct. Once the password
checks out the file will be deciphered and saved to disk
with the same name as the original file. The file will be
the same size as the original with the same DOS Date/Time
Stamp, attributes, and the same name. If a file with the
same name already exists in the directory the file will be
given an extension of "001", "002", etc., all the way up to
"999" if required.
As the file is being deciphered the following will be
displayed:
┌────────────────────────────────────────────────────────────┐
│ Encipher/Decipher a File │
│ │
│ Deciphering File: EXPD32.ENC ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ Deciphered File will be called: EXPD32.PKD ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ ┌─────────────────────────────────┐ │
│ │ File Group Used ─»» DON_GREG │ │
│ │ Password Used ───»» 1234567 │ │
│ │ Date Used ───────»» 08-17-94 │ 00:00:03 ▄ │
│ │ Time Used ───────»» 11:08:16 │ ▀▀▀▀▀▀▀▀▀▀ │
│ └─────────────────────────────────┘ Quit ▄ │
│ ▀▀▀▀▀▀▀▀▀▀ │
└────────────────────────────────────────────────────────────┘
Page 38
---------------------------------------------------------------
The following will be displayed once the file is deciphered:
┌────────────────────────────┐
│ Procedure Complete │ You will be informed
│ File on Disk │ if the CRC_32 Data
│ │ Integrity Check is Ok
│ EXPD32.PKD ▄ │ or if it failed. You
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │ will also be informed
│ CRC_32 INTEGRITY CHECK │ if the file needs to
│ [√] O.K. [ ] FAILED! │ be decompressed and
│ │ by whom. This is not
│ Decompression Required By: │ an all inclusive list.
│ [ ] N/A │ If the file needs to
│ [√] Global Security │ be decompressed with
│ [ ] PKUNZIP │ a different program
│ [ ] LHA │ this information can
│ │ be passed in the
│ Ok ▄ │ Special Instructions.
│ ▀▀▀▀▀▀▀▀▀▀ │
└────────────────────────────┘
Transform File for E-Mail Page 39
-----------------------------------------------------------
When you select Transform File for E-Mail the screen will
change and display the following menu:
═══════════════════════════════════════════════════════════════
Transform File for E-Mail
Transform Extract Reconstruct Help Quit
───────────────────────────────┬─┬─────────────────────────────
What is Electronic Mail (E-Mail)?
-----------------------------------------------------------
Most E-Mail Services like MCI only accept character codes
32 to 127, the carriage return, line feed, and tab codes.
All other character codes, like the line drawing codes above
127, are ignored. For this reason a file to be transmitted
by an E-Mail Service must be handled differently.
Global Security will transform any text or binary file for
transmission by any E-Mail Service. Once received it will
extract and reconstruct it. The transformation process uses
the High RADIX 64 file format. This format takes three bytes
of data, 24 bits, and converts it into 4 bytes of data six
bits at a time. Each 6 bits is converted to a +, a /, a
number between 0 and 9, or a capital or small letter between
A and Z. This range of characters should be acceptable by
any E-Mail service in the world, including a MIME mail
system because there will be no conflict over the use of the
'=' character which is not used by the High RADIX 64 file
format. Carriage return and line feed characters are
inserted after every 64 bytes of data. This results in a
file that is approximately 33 to 36 percent larger than the
original. Because of this it is always best to compress the
file before it is enciphered and then transformed for
transmission by E-Mail.
Most people download their E-Mail only once or twice a day
and it gets placed into one file. Because it is possible to
have more than one High RADIX 64 message in this file Global
Security scans the file and will find and extract each
message in the file and place it into a separate file in the
selected directory.
As you can see, with the addition of routines for E-Mail,
Global Security is a much more powerful program than before.
Most large businesses, corporations, governments, etc. use
E-Mail every day to transmit messages across town or around
the world. Now the messages can be transmitted without fear
of anyone being able to decipher and read them. If the home
office in Washington D.C. needs a legal brief from a branch
office in Japan within the next few hours the only way to
get it there that fast may be by E-Mail. If the brief will
have a major impact on Wall Street if intercepted by the
wrong people, it must be enciphered before it is transmitted.
Global Security is the only program available that can do
the job and not even the National Security Agency (NSA) of
the United States Government will be able to decipher the
message.
Selecting Transform Page 40
-----------------------------------------------------------
When transform is selected you will be asked to select the
file to transform from the File Selection Screen, and the
destination drive and directory to place the transformed
file into. Once the selection is made the following screen
will pop up and you can select to break up the file into
smaller files or retain its original size.
┌───────────────────────────────────────┐ Many E-Mail
│ Transform File for E-Mail │ services, like
│ │ the Internet,
│ TREE.ASM = 132,957 Bytes ▄ │ only accept
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │ files that are
│ Break File into Files of: │ under a certain
│ [√] Original Size │ length. Global
│ [ ] 10 KB │ Security lets
│ [ ] 20 KB │ you break up a
│ [ ] 30 KB │ large file into
│ [ ] 40 KB │ many smaller
│ [ ] 50 KB │ ones that are
│ [ ] 60 KB │ acceptable to
│ │ the E-Mail
│ ──┘ ▄ Quit ▄ │ service you are
│ ▀▀▀▀▀▀ ▀▀▀▀▀▀ │ using. If you
└───────────────────────────────────────┘ select Original
Size the file will not be broken up into smaller ones. If
you select 20 KB the file will be broken up into files that
are 20 KB (plus CR, LF's added) long. The size of the last
file will vary. Each file will be given a file extension
of 001, 002, etc., up to 999. All the information needed
to reconstruct these files back into the original file is
passed in the header for the Reconstruct routine.
The file is then transformed into one or many files in the
High RADIX 64 file format and placed in the selected
directory. It is now ready for transmission by any E-Mail
service in the world.
Selecting Extract
-----------------------------------------------------------
When you download your E-Mail for the day you may have one
or more messages in the High RADIX 64 format in the E-Mail
file. Extract will extract each message and place it in a
file of its own. Any header or trailer added by the E-Mail
service will be discarded. If the E-Mail file is all one
message you still have to use the Extract routine to remove
any headers and trailers added by the E-Mail service. The
Reconstruct routine expects a file's High RADIX 64 format ID
to be at the beginning of the file it will reconstruct.
All information between the High RADIX 64 format ID and the
High RADIX 64 end ID is placed in the file.
From the File Selection Screen select the file to extract
messages from. Then select the drive and directory to
place them into.
Page 41
-----------------------------------------------------------
┌──────────────────────────────────┐ A screen will pop up
│ Separate High RADIX 64 File(s) │ displaying the status
│ │ of the files as they
│ From: BONUS.EEE ▄ │ are being extracted.
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │ A "√" is placed after
│ ┌─┤ Extracted..... ├─┐ │ each file as its
│ │ 3 TREE.003 √│ │ extraction is complete.
│ │ 2 TREE.002 √│ │ If a file is encountered
│ │ 1 TREE.001 √│ │ that does not have
│ │ │ │ an end ID you will
│ │ │ │ get a message informing
│ └────────────────────┘ │ you that end of file
│ │ was reached before
│ │ end of extraction.
│ Ok ▄ │ The procedure will
│ ▀▀▀▀▀▀▀▀▀▀ │ then be cancelled.
└──────────────────────────────────┘
Selecting Reconstruct
-----------------------------------------------------------
First select the drive and directory to place the
reconstructed file into. Then select the file or files to
reconstruct. If you have three or four files that need to
be reconstructed into one file they all have to be selected.
If you select too many or not enough you will be informed
and asked to select the proper number of files again. The
file extensions should be numbered 001, 002, etc. If you
used the extraction routine after you received the file via
E-Mail this will be the case since the extraction routine
gets the correct file name and extension out of the header.
┌────────────────────────────┐ As each file is being
│ File Reconstruction Data │ processed its data is being
│ │ checked for integrity. A
│ FILE CRC_32 DATA │ CRC 32 value is calculated
│ INTEGRITY CHECKS │ for the file and checked
│ [ 4] O.K. │ against the one stored in
│ [ ] Failed! │ the header. When the file,
│ Decryption Required? │ or files, are reconstructed
│ [√] Yes [ ] No │ a dialog box will pop up
│ Decomp. Required by: │ to give you the results of
│ [√] N/A │ the file reconstruction.
│ [ ] Global Security │ The number of files that
│ [ ] PKUNZIP │ passed or failed their
│ [ ] LHA │ integrity checks will be
│ │ displayed. You will be
│ Ok ▄ │ informed if the file needs
│ ▀▀▀▀▀▀▀▀▀▀ │ to be deciphered or not.
└────────────────────────────┘ If not, you will be informed
if the file needs to be decompressed by Global Security or
one of the popular data compression programs.
Page 42
-----------------------------------------------------------
If a file is transmitted by E-Mail to different countries
and through many different E-Mail systems or gateways there
is a chance that because of different formats the data may
get changed along the way. Using the High RADIX 64 file
format helps to prevent these errors. Since the file
consists only of the most common ASCII characters, carriage
returns, and line feeds it should make it through most
E-Mail Systems without being changed.
The characters that are most likely to be changed are the
carriage returns and line feeds at the end of each line.
This is because some systems use only carriage returns to
end a line and throw out the line feed or vice versa. Global
Security takes this into account during the extraction and
reconstruction routines. The extraction routine depends on
the start and end ID strings. Any data between the two is
considered part of the message. The reconstruction routine
discards all carriage returns, line feeds, and data that
is not a valid High RADIX 64 character. It relies on
information in the header for the number of bytes to process
during reconstruction. The only time an error will occur
is if one or more bytes of good data are removed, added or
changed in the file between the start and end ID's.
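The transform and the tolerant reconstruction described in this section can be sketched as follows. This is an added example, not Global Security's code: the alphabet order, the line break after 64 encoded characters and the byte count passed as an argument (standing in for the header field) are assumptions.

```python
"""3-bytes-to-4-characters transform without '=' padding (added illustration)."""

# Assumed order: the manual names the characters but not their sequence.
ALPHABET = ("+/0123456789"
            "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
            "abcdefghijklmnopqrstuvwxyz")
VALUE = {ch: index for index, ch in enumerate(ALPHABET)}
LINE = 64  # assumed: CR LF after every 64 encoded characters


def transform(data):
    """Encode bytes six bits at a time; a short final group gets no padding."""
    out = []
    for start in range(0, len(data), 3):
        group = data[start:start + 3]
        bits = int.from_bytes(group.ljust(3, b"\0"), "big")
        chars = [ALPHABET[(bits >> shift) & 0x3F] for shift in (18, 12, 6, 0)]
        out.extend(chars[:len(group) + 1])  # 1 byte -> 2 chars, 2 -> 3, 3 -> 4
    text = "".join(out)
    return "".join(text[i:i + LINE] + "\r\n" for i in range(0, len(text), LINE))


def reconstruct(text, byte_count):
    """Rebuild `byte_count` bytes, ignoring every character outside ALPHABET.

    CR, LF and anything else a mail gateway altered between lines is dropped;
    the byte count (carried in the header in the real format) says when to stop.
    """
    values = [VALUE[ch] for ch in text if ch in VALUE]
    needed = (byte_count * 8 + 5) // 6  # characters required for byte_count bytes
    if len(values) < needed:
        raise ValueError("good data is missing: %d of %d characters"
                         % (len(values), needed))
    out = bytearray()
    acc = held = 0
    for value in values[:needed]:
        acc = (acc << 6) | value
        held += 6
        if held >= 8:
            held -= 8
            out.append((acc >> held) & 0xFF)
            acc &= (1 << held) - 1  # keep only the bits not yet emitted
    return bytes(out[:byte_count])


if __name__ == "__main__":
    original = bytes(range(256)) + b"xy"        # constructed sample input
    encoded = transform(original)
    mangled = encoded.replace("\r\n", "\n")      # a gateway dropped the CRs
    print(encoded.splitlines()[0])
    print("survives CR LF -> LF:", reconstruct(mangled, len(original)) == original)
```

A removed or changed alphabet character still slips through this routine unless the count falls short, which is the case the CRC 32 value in the header is there to catch.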
Make a One Time Pad Page 43
-----------------------------------------------------------
When you select Make a One time Pad the screen will change
and the following menu will be displayed:
═══════════════════════════════════════════════════════════════
Make a One Time Pad
Make Instructions Help Quit
───────────────────────────────┬─┬─────────────────────────────
What is a One Time Pad
-----------------------------------------------------------
A One Time Pad allows you to encipher and decipher written
correspondence between two people. It is a pad with randomly
generated letters (and the '-' for word spacing) in the top
row. On the next row down write out the message you wish to
encipher or decipher. Then using the Vigenere Tableau and
the provided instructions encipher or decipher the message
and place the enciphered or deciphered text on the bottom
line. If you were enciphering a message transfer the
enciphered text to a Message Pad for mailing or delivering.
This is ideal for short messages. Once you reach a large
volume of messages a computer is more appropriate. Great fun
for kids to use too. See examples starting on Page 55.
Selecting Make
-----------------------------------------------------------
When you select make the File Selection Screen will appear
and you will be asked to select a "SCM" File to use to make
a One Time Pad. The associated "DFT" File must be present
also.
You will then be asked to enter a seed number between
100,000,001 and 4,294,967,295 and a 7 character Pad ID.
┌──────────────────────────────────────────────────┐
│ Make a One Time Pad │
│ │
│ Enter a 7 character Pad Identification String. │
│ It can be any ALPHA character that you can │
│ enter from the keyboard between character codes │
│ 32 (space) and 126. │
│ │
│ Enter Pad ID String ── 1-1A-1B ▄ │
│ ▀▀▀▀▀▀▀▀▀ │
│ Escape to Quit ▄ Insert ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀ │
└──────────────────────────────────────────────────┘
Page 44
---------------------------------------------------------------
The Pad ID lets you tell one pad from another. If you
exchange encrypted messages with two or more people you can
use names to distinguish which pad to use with each person.
Once these are entered the One Time Pad and a Message Pad
will be sent to the printer. Each One Time Pad is 7 pages
long (14 half pages) as is each Message Pad. Two copies of
each are printed. You have the option of quitting before the
printing is finished.
┌──────────────────────────────────┐
│ Printing Of │
│ │
│ ONE TIME PAD │
│ MESSAGE PAD │
│ │
│ In Progress │
│ │
│ Quit ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀ │
└──────────────────────────────────┘
Selecting Instructions
-----------------------------------------------------------
This prints out the Vigenere Tableau and the Instructions
for using the One Time Pads. You can select anywhere from
1 to 99 copies. Once printed they can be laminated for easier
use.
Wipe/Delete Files Page 45
-----------------------------------------------------------
When you select Wipe/Delete Files the following menu will
be displayed:
═════════════════════════════════════════════════════════════
Wipe/Delete File(s)
Wipe Delete Help Quit
─────────────────────────────┬─┬─────────────────────────────
Selecting Wipe
-----------------------------------------------------------
When you select the wipe file function the File Selection
Screen will appear and you can select the files you desire
to wipe.
┬─────────────────────────────────
│DEFAULT 001 08-17-94 10:26:54 A The files marked
│ENC_DEC 001 08-17-94 10:27:30 A to be wiped will
│ERROR 001 08-13-94 15:33:20 A have an arrow to
│EXPD32 001 08-17-94 11:08:16 A the left of the
│E_MAIL 001 08-17-94 10:28:10 A file name. Select
│H_D_T 001 08-17-94 10:28:32 A as many files as
│EXPD32 002 08-17-94 11:08:16 A you want. When you
│ CRC32 ASM 04-21-94 16:06:56 A return the following
screen will appear
and you will have the option to proceed or quit.
┌────────────────────────────────────────────────────────────┐
│ Wipe/Delete File(s) │
│ │
│ File(s) to WIPE: 3 ▄ ┌─┤ WIPING......... ├─┐ │
│ ▀▀▀▀▀▀▀ │ │ │
│ Size of File(s): 429,284 ▄ │ │ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │ │ │
│ │ │ │
│ │ │ │
│ ┌────────────────────────────┐ └─────────────────────┘ │
│ │ A Govt. WIPE on selected │ │
│ │ files is being performed. │ │
│ │ After a file is WIPED its │ Proceed ▄ │
│ │ data CANNOT be recovered. │ ▀▀▀▀▀▀▀▀▀▀ │
│ └────────────────────────────┘ Quit ▄ │
│ ▀▀▀▀▀▀▀▀▀▀ │
└────────────────────────────────────────────────────────────┘
Page 46
---------------------------------------------------------------
┌───────────────────────────────┐
│ File Attributes Set │ As a default setting
│ │ confirmation is asked
│ File Name: EXPD32.PKD ▄│ on every file before
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀│ it is wiped. If you
│ [ ] Read Only │ used the /C command
│ [ ] Hidden │ line parameter when
│ [ ] System │ you started Global
│ │ Security confirmation
│ Wipe this File? │ will only be asked on
│ │ files with any of the
│ Yes ▄ No ▄ Quit ▄ │ Read-Only, Hidden, or
│ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ │ System attributes set.
└───────────────────────────────┘ As each file is wiped
its name will appear
in the Wiping Box and when the wiping process is complete
a "√" will appear after its name. When all the files have
been wiped the following will be displayed:
┌────────────────────────────────────────────────────────────┐
│ Wipe/Delete File(s) │
│ │
│ File(s) to WIPE: 3 ▄ ┌─┤ WIPING......... ├─┐ │
│ ▀▀▀▀▀▀▀ │ 3 EXPD32.PKD √ │ │
│ Size of File(s): 429,284 ▄ │ 2 EXPD32.ENC √ │ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │ 1 EXPD32.EEM √ │ │
│ │ │ │
│ │ │ │
│ ┌────────────────────────────┐ └─────────────────────┘ │
│ │ A Govt. WIPE on selected │ │
│ │ files is being performed. │ │
│ │ After a file is WIPED its │ 3 Files WIPED!! ▄ │
│ │ data CANNOT be recovered. │ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ └────────────────────────────┘ Ok ▄ │
│ ▀▀▀▀▀▀▀▀▀▀ │
└────────────────────────────────────────────────────────────┘
Government Wipe Procedure
-----------------------------------------------------------
All files are wiped IAW the Department of Defense procedure
DoD 5220.22-M. This is their procedure for wiping highly
classified files so they cannot be read or recovered by
anyone. The procedure goes like this:
First overwrite the file with all 1 bits, then all 0
bits. Repeat this three times. Then overwrite the file
a final time with any character - I use character code
240 which is ≡. Then read the file to verify that the
last write was successful.
When this is completed the file has been overwritten a total
of 7 times and the last write is verified to make sure it
was successful. Any data you had in this file can never be
recovered!
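The seven overwrite passes and the final read-back described above look like this in code. This is an added example, not the program's own routine; the function names, the chunk size and the `remove` switch are hypothetical.

```python
"""Seven-pass overwrite with verification of the last pass (added illustration)."""
import os

# All 1 bits, then all 0 bits, three times; then character code 240 (0xF0).
PASSES = [0xFF, 0x00] * 3 + [0xF0]
CHUNK = 64 * 1024


def overwrite_pass(handle, size, value):
    """Write `size` bytes of `value` from the start and push them to disk."""
    handle.seek(0)
    block = bytes([value]) * CHUNK
    remaining = size
    while remaining > 0:
        step = min(remaining, CHUNK)
        handle.write(block[:step])
        remaining -= step
    handle.flush()
    os.fsync(handle.fileno())  # ask the OS to commit this pass before the next


def verify_pass(handle, size, value):
    """Read the file back and confirm every byte equals `value`."""
    handle.seek(0)
    remaining = size
    while remaining > 0:
        data = handle.read(min(remaining, CHUNK))
        if not data or data.count(value) != len(data):
            return False
        remaining -= len(data)
    return True


def wipe_file(path, remove=True):
    """Overwrite `path` in place seven times, verify, optionally delete.

    Returns the number of overwrite passes performed.
    """
    size = os.path.getsize(path)
    with open(path, "r+b") as handle:  # r+b: overwrite without truncating
        for value in PASSES:
            overwrite_pass(handle, size, value)
        if not verify_pass(handle, size, PASSES[-1]):
            raise OSError("verification of the final pass failed: " + path)
    if remove:
        os.remove(path)
    return len(PASSES)


if __name__ == "__main__":
    import tempfile
    with tempfile.NamedTemporaryFile(delete=False) as sample:
        sample.write(b"constructed sample data " * 1000)
    print("passes written:", wipe_file(sample.name, remove=False))
    with open(sample.name, "rb") as check:
        print("first bytes now:", check.read(4).hex())
    os.remove(sample.name)
```

Overwriting in place reaches only the blocks the file system currently maps to the file, so copies held by journaling, snapshots or flash wear levelling are not touched by these passes.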
Selecting Delete Page 47
-----------------------------------------------------------
The procedure for deleting files is the same as for wiping
them. The only difference is that a deleted file can be
recovered in some circumstances. A deleted file may be
recovered by many of the popular file undelete utilities
if it has not been overwritten by any other file. This is
why if you realize that you deleted a file that you wanted
to keep, immediately exit Global Security and use your
undelete utility to recover the file.
Frequency Distribution Tests Page 48
---------------------------------------------------------------
How do I know that the encryption program I want to use is any
good or not? With all of the computer encryption programs being
sold today there is no way to tell if they deliver on what they
claim. With Global Security you can test the encrypted files
yourself to see how good the program really is. But first, what
are the requirements for a good field encryption program? There
are six of them:
1. - The system should be, if not theoretically unbreakable,
unbreakable in practice. (Global Security uses the One Time Pad
System that is unbreakable in both theory and practice.)
2. - Compromise of the system (the program) should not
inconvenience anyone. (Since the program is freely sold to
anyone this is not an issue. Only the key (Group Files) must
be kept secret.)
3. - The key should be rememberable without notes and should be
easily changeable. (The keys used by Global Security are in the
Group Files which can be changed in under 30 minutes on an
80386 or above.)
4. - The cryptograms should be transmissible by telegraph. (In
this day and age by computer using binary file or E-Mail
transmission.)
5. - The apparatus or documents should be portable and operable
by a single person.
6. - The system should be easy, neither requiring knowledge of
a long list of rules nor involving mental strain.
The above six requirements were published by Auguste Kerckhoffs
in 1883 in "La Cryptographie militaire" and still hold true
today. It has been said that any modern cryptographer would be
very happy if any cipher fulfilled all six. You are looking at
one happy cryptographer. Global Security fulfills all the
requirements listed above. Now that I have made the claim how
can you prove that I am right or wrong? There are statistical
tests that can be done on a file to see if it is enciphered in
a random manner or not. Two tests and a frequency distribution
table built up for an enciphered file can be conducted by Global
Security. These tests can be performed only on enciphered files
from Global Security. In order to conduct tests on enciphered
files from other programs you would have to know the file format
used.
There are a few terms that have to be defined first. The first
is "Kappa sub r" (r for random) which for the 26 letter English
alphabet is .0385. What this value says is that there is a 3.85
percent chance of drawing any two letters that are the same out
of two urns which contain the 26 letter alphabet. The second
value is "Kappa sub p" (for plaintext) which is equal to .0667
for English. If you have two urns that each contain 100 letters
in the proportion in which they are used in normal text there
is a 6.67 percent chance of drawing any two letters that are
the same.
The Kappa sub r value of .0385 for the 26 letter alphabet is
equal to 1/26. If you take the 30 letter Russian Cyrillic
alphabet the Kappa sub r value is .0333 or 1/30. For the 256
characters used by a computer the Kappa sub r value is
.00390625 or 1/256. This value plays a central role in the Phi
Test and Chi Test used in Global Security.
Page 49
---------------------------------------------------------------
When Frequency Distribution Tests is selected the following
screen will appear:
═══════════════════════════════════════════════════════════════
Frequency Distribution Tests
Phi Test Chi Test Help Quit
───────────────────────────────┬─┬─────────────────────────────
Selecting the Phi Test
---------------------------------------------------------------
First select the file to do a Phi Test and Frequency
Distribution Count on from the File Selection Screen. Once all
the calculations have been made on the file the results will be
displayed as shown below.
The Phi Test can determine whether a given frequency count
reflects a monoalphabetic or a polyalphabetic encipherment. A
frequency table for a monoalphabetic enciphered file will reflect
the same distribution table as text in normal use. A frequency
table for a polyalphabetic enciphered file will just reflect
random text. To use it you first multiply the total number of
characters in a file by the total number minus one. If the total
characters is 17,539 then multiply 17,539 by 17,538. Then
multiply this product by the Kappa sub r value of .00390625. The
result will be the polyalphabetic expected Phi. I do not have a
Kappa sub p value for the 256 character set on a computer. I
suspect that it would be fairly close to the Kappa sub p value
for the 26 letter alphabet since most of the time you would be
enciphering English text. For the purposes of this test this
value is not needed. Next you take the frequency count of each
character and multiply it by its frequency count minus one. If
the frequency count for the character A is 461 then you multiply
461 by 460. When this is done for all 256 characters add all
these 256 products together to get one final value. This is the
observed Phi value. The following values are from a text file
enciphered by the author.
┌────────────────────────────────────────────────────────────────────────┐
│ Frequency Distribution Tests │
│ │
│ File Name: STWATCH.ENC ▄ Phi Data Size: 125,020 ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ Dec Hex Char Count Percent Dec Hex Char Count Percent │
│ │
│ Expected Phi Value (Kappa Sub r): 61,054,200 ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ Observed Phi Value: 61,042,706 ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ Frequency Table Statistics │
│ │
│ Mean Value: 488 ▄ Variance (s²): 443 ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ ▄ ▄ PgUp ▄ PgDn ▄ Home ▄ End ▄ Help ▄ Quit ▄ │
│ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ │
└────────────────────────────────────────────────────────────────────────┘
Page 50
---------------------------------------------------------------
As you can see the observed Phi value is very close to the
expected Phi value Kappa Sub r. This means that the frequency
count for all 256 characters is based on a polyalphabetic
encipherment. In other words, the frequency distribution for all
256 characters is completely random in nature. If it had been a
monoalphabetic encipherment, the frequency distribution would
have been more in line with an expected Phi value Kappa Sub p
which would have been a value approximately 16 times larger than
61,054,200. The Mean Value for the frequency distribution and
the Variance (s²) is also given. If you take the square root of
the Variance you will have the standard deviation. If these two
values are close it means that the frequency distribution for
all 256 characters is even, or random, in nature. Use the
indicated Command Bars or keyboard keys to page through the
Frequency Distribution table. It looks like the following:
┌────────────────────────────────────────────────────────────────────────┐
│ Frequency Distribution Tests │
│ │
│ File Name: STWATCH.ENC ▄ Phi Data Size: 125,020 ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ Dec Hex Char Count Percent Dec Hex Char Count Percent │
│ 48 30 0 436 .3487 56 38 8 466 .3727 │
│ 49 31 1 477 .3815 57 39 9 497 .3975 │
│ 50 32 2 478 .3823 58 3A : 446 .3567 │
│ 51 33 3 512 .4095 59 3B ; 480 .3839 │
│ 52 34 4 466 .3727 60 3C < 473 .3783 │
│ 53 35 5 498 .3983 61 3D = 485 .3879 │
│ 54 36 6 502 .4015 62 3E > 467 .3735 │
│ 55 37 7 447 .3575 63 3F ? 512 .4095 │
│ │
│ ▄ ▄ PgUp ▄ PgDn ▄ Home ▄ End ▄ Help ▄ Quit ▄ │
│ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ ▀▀▀▀▀▀ │
└────────────────────────────────────────────────────────────────────────┘
The Chi Test
---------------------------------------------------------------
The Chi Test is used to compare two Frequency Distribution
Tables to see if they have been enciphered with the same key.
First select the first enciphered file from the File Selection
Screen and then the second one. The Chi Test works like this.
Multiply the number of characters in the first file by the
number in the second, and then by the Kappa Sub r value. This
is the expected Chi Value. Then take the first value in the first
distribution table and multiply it by the first value in the
second distribution table. Do this for all 256 characters in
the distribution table. Then add all 256 products into one large
value. This is the observed Chi value. If the two are close to
one another it means that they have been enciphered using the
same key. Since a pseudo random key as long as the original
message is used, this means that the keys for any two messages
enciphered by Global Security are the same in nature, i.e. two
long strings of different pseudo random characters. In order
to reproduce this long string of pseudo random characters and
decipher the file you need an exact copy of the Group Files
used to encipher the file.
Page 51
---------------------------------------------------------------
The following screen will appear showing the expected Chi value
Kappa Sub r and the observed Chi value when the calculations
are done. As you can see the expected Chi value Kappa Sub r and
the observed Chi value are very close. This means that two long
strings of pseudo random characters, each as long as the file
it enciphered, were used as the keys. When this test is used on
two files enciphered using the One Time Pad System it can only
mean that the two keys used are the same type and are not
actually the same key.
┌────────────────────────────────────────────────────────────────────────┐
│ Frequency Distribution Tests │
│ │
│ File Name: STWATCH.ENC ▄ Chi Data Size: 125,020 ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ File Name: WIN386.ENC ▄ Chi Data Size: 518,776 ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ │
│ │
│ Expected Chi Value (Kappa Sub r): 253,349,123 ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ Observed Chi Value: 253,332,073 ▄ │
│ ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀ │
│ │
│ │
│ Ok ▄ │
│ ▀▀▀▀▀▀▀▀▀▀ │
└────────────────────────────────────────────────────────────────────────┘
An in depth explanation of both of these tests is presented on
pages 377 to 382 in "The Codebreakers" by David Kahn and
published by The Macmillan Company.
If you want to write a program to perform your own tests on
files enciphered with Global Security here is the format of
an enciphered file.
BYTES MEANING
---------------------------------------------------------------
1 - 30 Global Security ENC File ID.
Do not include this in computations.
31 - 2,078 Enciphered password.
Include this in the computations.
2,079 - 2,205 127 byte header.
Do not include this in computations
2,206 - ? Enciphered data. Include it in the
computations.
The formulas for the Mean Value and Variance are taken from page
597 of "The VNR Concise Encyclopedia of Mathematics".
_ 1 n 1 n _
Mean Value (x) = ─ Σ xi Variance (s²) = ─── Σ (xi - x)²
n i=1 n-1 i=1
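The tests above written out in Python, as an added example that is not Global Security's own code: it keeps only the byte ranges the format table marks for inclusion, then computes the Mean Value, Variance and the expected and observed Chi values. The Kappa Sub r value of 1/256 is an assumption that reproduces the 253,349,123 on the Chi screen, and the sample files are constructed stand-ins.

```python
"""Frequency-distribution and Chi tests over the counted bytes of an ENC file.

Added example. Byte offsets follow the manual's BYTES / MEANING table;
KAPPA_R = 1/256 is an assumption that matches the screen figures.
"""
import random
from collections import Counter

ID_END = 30           # bytes 1-30: file ID, excluded
PASSWORD_END = 2078   # bytes 31-2,078: enciphered password, included
HEADER_END = 2205     # bytes 2,079-2,205: 127-byte header, excluded
KAPPA_R = 1 / 256     # assumed value: chance that two random bytes match


def counted_bytes(enc: bytes) -> bytes:
    """Return only the regions the manual says to include."""
    if len(enc) < HEADER_END:
        raise ValueError("shorter than the fixed 2,205-byte prefix")
    return enc[ID_END:PASSWORD_END] + enc[HEADER_END:]


def frequency_table(data: bytes) -> list:
    """Count of each of the 256 byte values, indexed by value."""
    counts = Counter(data)
    return [counts.get(value, 0) for value in range(256)]


def mean_and_variance(table: list) -> tuple:
    """Mean and sample variance (n-1 divisor) of the 256 counts."""
    n = len(table)
    mean = sum(table) / n
    variance = sum((x - mean) ** 2 for x in table) / (n - 1)
    return mean, variance


def expected_chi(n1: int, n2: int) -> float:
    """Size of file 1 times size of file 2 times Kappa Sub r."""
    return n1 * n2 * KAPPA_R


def observed_chi(table1: list, table2: list) -> int:
    """Sum of the 256 products of matching table entries."""
    return sum(a * b for a, b in zip(table1, table2))


def chi_ratio(enc1: bytes, enc2: bytes) -> float:
    """Observed Chi divided by expected Chi; near 1.0 means 'close'."""
    d1, d2 = counted_bytes(enc1), counted_bytes(enc2)
    observed = observed_chi(frequency_table(d1), frequency_table(d2))
    return observed / expected_chi(len(d1), len(d2))


def make_sample(seed: int, data_len: int, skewed: bool = False) -> bytes:
    """Constructed stand-in for an ENC file (not real program output)."""
    rng = random.Random(seed)

    def body(n):
        if skewed:   # text-like body that uses only a few byte values
            return bytes(rng.choice(b"etaoin shrdlu") for _ in range(n))
        return bytes(rng.getrandbits(8) for _ in range(n))

    file_id = b"I" * 30      # placeholder for the 30-byte file ID
    password = bytes(rng.getrandbits(8) for _ in range(2048))
    header = b"H" * 127      # placeholder for the 127-byte header
    return file_id + password + header + body(data_len)


if __name__ == "__main__":
    a, b = make_sample(1, 60000), make_sample(2, 40000)
    print("random vs random:", round(chi_ratio(a, b), 3))
    s1, s2 = make_sample(3, 60000, True), make_sample(4, 40000, True)
    print("skewed vs skewed:", round(chi_ratio(s1, s2), 3))
    print("manual's screen :", round(expected_chi(125020, 518776)))
```

A ratio near 1.0 corresponds to the "very close" result on the screen; data with an uneven byte distribution gives a ratio far above 1.0.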
TIPS ON USING GLOBAL SECURITY IN THE REAL WORLD Page 52
---------------------------------------------------------------
Setting up the Group File and Passwords
-----------------------------------------------------------
If two people across town or in different countries want
to exchange enciphered files, or enciphered E-Mail messages,
with Global Security, they will need to have the same set of
"DFT", "SCM", and "KEY" files (Group Files). These files
have to be exactly the same or else you will never be able
to decipher any files. If you are the one creating these
files you will need to get them to the other person by the
safest means possible. The safest way is for you to deliver
them yourself. The next safest way would be a private or
public courier service. The least safe way would be to use
the mail service of any country. The mail service of any
country is owned by the government. They have the ability to
open any and all mail, regular or registered, at any time,
and you will never know for sure if they have opened yours
or not. Only you can decide what method is safe enough for
you. Next you have to decide where to keep these files. If
you work in an office where other people have access to the
computer you work on do not keep them on your hard disk.
If you do anyone will be able to copy them when you are not
around. Keep them on a floppy disk that you carry back and
forth from home to the office. This decision is also up to
you. Just remember, if anyone is able to copy the files
someone probably will. How often should you change these
files? The best answer is as often as possible or practical.
If you suspect that someone may have copied them you need to
change them right away. Other than that you should have an
irregular schedule for issuing a new set of Group Files.
A list of passwords you will use must be set up also. This
list must be kept as safe as the Group Files. You could
have a password that changes with every message, or every
day, or every week, or every month, etc. How you set up the
passwords is up to you.
SPECIAL NOTE
-----------------------------------------------------------
"Any repetition of any kind in the keys of cryptograms under
analysis imperils them and perhaps dooms them to solution.
It does not matter whether the repetitions lie within a
single message or among several, arise from the interaction
of repeating primary keys or from the simple repeating of
a single long key. Repetitions in the key cannot be
permitted." "The Codebreakers" page 398 by David Kahn.
A set of Group Files contains only 43,200 sets of keys. If
one set of Group Files were to be used to encipher and
transmit hundreds or thousands of files/messages there is
a chance that one or more would be enciphered by the same
set of keys. These messages enciphered with the same set
of keys would then be open to analysis and possible
deciphering. A set of Group Files should therefore be used
to transmit only 10 to 25 files/messages and then they
should be changed.
Page 53
-----------------------------------------------------------
Global Security is uncrackable even by the National Security
Agency (NSA), but only if your Group Files and Password List
are kept safe. If they are stolen without your knowledge
your enciphered files or E-Mail messages can be intercepted
and deciphered. Global Security will do its job if you do
yours.
Who is looking at your Computer Data and E-Mail Messages?
-----------------------------------------------------------
You must always think that someone has intercepted your
enciphered files or E-Mail messages but as long as they do
not have your Group Files and password list they will never
be able to decipher them. The people most likely to
intercept them are the NSA and the FBI. I quote from the 2
March 1994 article in the business section of The Washington
Post mentioned earlier: "The FBI and NSA have long enjoyed
broad legal and technological powers to snoop-to capture
virtually any conversation or data transmission over phone
lines, by cellular or cordless phone and with a variety of
exotic methods."
Because of the nature of E-Mail Systems your data can very
easily be intercepted and read at numerous points along the
way. An E-Mail message sent from the Middle East to the
head office in Los Angeles, Calif. may go through several
interconnected E-Mail Systems before it gets to the person
it was meant for. Many of these E-Mail Systems overseas are
owned and operated by different governments. You can be sure
that any interesting messages wind up on the desks of
numerous government agencies or intelligence services. This
is why you need Global Security. It can encipher an E-Mail
message so that not even the National Security Agency (NSA)
can decipher it.
After you have written a very sensitive report you delete
all backup copies and WIPE the original file after it is
enciphered. Two days later data from this sensitive report
appears in all the major newspapers. Where did the data
come from? It came from the backup copy you deleted but did
not wipe. Someone came in at night and looked at all the
deleted files on your hard disk to see if there was anything
of value he/she could use. A file that has been deleted by
DOS only has its directory and FAT entries deleted. The data
from the file is still on disk and can be recovered.
Transmitting Enciphered Files
-----------------------------------------------------------
Once you have a file enciphered you have to transmit it to
another computer to get it delivered to the right person.
This could be to another PC in the next state, the mainframe
computer in the home office, or an E-Mail Service such as
MCI.
Page 54
---------------------------------------------------------------
The communications programs used will depend on the
circumstances. The choice will be up to you. All
communications programs used must be able to transmit files
without any errors and without adding any extra bytes into
the file between the File ID String and the end of the file.
Characters or lines added to the beginning or end of the
file are OK.
A file enciphered and transformed for E-Mail is a text file.
It has only printable ASCII characters, the carriage return,
and line feed characters in the file. When you transmit a
file by E-Mail, the E-Mail Service adds a header to the file.
This usually contains a From and To line and may contain
other information depending on the E-Mail Service you are
using. The E-Mail Service then places this into the "mailbox"
of the person you have sent it to along with all of his/her
other mail from other sources. As long as the E-Mail Service
did not alter any bytes between the High RADIX 64 file format
ID and the end ID you will have no trouble reconstructing
it when you download your mail.
SPECIAL NOTE: Since there is no Global Security program to
decipher an enciphered file that has been transmitted to a
mainframe computer you will have to download the file from
the mainframe to a PC before it can be deciphered.
SPECIAL NOTE: If the enciphered file has been transmitted
to an Apple Macintosh computer you will also have to
download the file to a PC before it can be deciphered. This
has to do with the way the Macintosh computer stores data as
well as the fact that there is no version of Global Security
for the Macintosh.
Long and Short Term Storage of Enciphered Files
-----------------------------------------------------------
For short term storage of enciphered files where they may
be used on a daily, weekly, or monthly basis storage on
floppy or hard disks should not pose any problems. Just
remember that floppy and hard disks do fail from time to
time so keep BACKUP copies of all your enciphered and Group
Files.
For long term storage or archiving of enciphered files where
they may not be used for 6 months to many years a nonvolatile
storage media such as optical disks which have a shelf life
of up to 30 years should be used. It would be best to put
the enciphered files on one optical disk and the Group Files
required to decipher them on a different one, and keep them
in separate places. Keep the passwords in a safe secure place
where they can be retrieved even after a number of years.
USING A ONE TIME PAD Page 55
---------------------------------------------------------------
The following examples will show you how to use a One Time
Pad to encipher and decipher messages. A copy of the same
instructions and Vigenere Tableau printed by the program
is shown below so you can use it while doing the examples.
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z -
┌─────┬─────┬─────┬─────┬─────┬─────┬─────┬─────┬─────┐
A │A B C│D E F│G H I│J K L│M N O│P Q R│S T U│V W X│Y Z -│
B │B C D│E F G│H I J│K L M│N O P│Q R S│T U V│W X Y│Z - A│
C │C D E│F G H│I J K│L M N│O P Q│R S T│U V W│X Y Z│- A B│
├─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┤
D │D E F│G H I│J K L│M N O│P Q R│S T U│V W X│Y Z -│A B C│
E │E F G│H I J│K L M│N O P│Q R S│T U V│W X Y│Z - A│B C D│
F │F G H│I J K│L M N│O P Q│R S T│U V W│X Y Z│- A B│C D E│
├─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┤
G │G H I│J K L│M N O│P Q R│S T U│V W X│Y Z -│A B C│D E F│
H │H I J│K L M│N O P│Q R S│T U V│W X Y│Z - A│B C D│E F G│
I │I J K│L M N│O P Q│R S T│U V W│X Y Z│- A B│C D E│F G H│
├─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┤
J │J K L│M N O│P Q R│S T U│V W X│Y Z -│A B C│D E F│G H I│
K │K L M│N O P│Q R S│T U V│W X Y│Z - A│B C D│E F G│H I J│
L │L M N│O P Q│R S T│U V W│X Y Z│- A B│C D E│F G H│I J K│
├─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┤
M │M N O│P Q R│S T U│V W X│Y Z -│A B C│D E F│G H I│J K L│
N │N O P│Q R S│T U V│W X Y│Z - A│B C D│E F G│H I J│K L M│
O │O P Q│R S T│U V W│X Y Z│- A B│C D E│F G H│I J K│L M N│
├─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┤
P │P Q R│S T U│V W X│Y Z -│A B C│D E F│G H I│J K L│M N O│
Q │Q R S│T U V│W X Y│Z - A│B C D│E F G│H I J│K L M│N O P│
R │R S T│U V W│X Y Z│- A B│C D E│F G H│I J K│L M N│O P Q│
├─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┤
S │S T U│V W X│Y Z -│A B C│D E F│G H I│J K L│M N O│P Q R│
T │T U V│W X Y│Z - A│B C D│E F G│H I J│K L M│N O P│Q R S│
U │U V W│X Y Z│- A B│C D E│F G H│I J K│L M N│O P Q│R S T│
├─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┤
V │V W X│Y Z -│A B C│D E F│G H I│J K L│M N O│P Q R│S T U│
W │W X Y│Z - A│B C D│E F G│H I J│K L M│N O P│Q R S│T U V│
X │X Y Z│- A B│C D E│F G H│I J K│L M N│O P Q│R S T│U V W│
├─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┼─────┤
Y │Y Z -│A B C│D E F│G H I│J K L│M N O│P Q R│S T U│V W X│
Z │Z - A│B C D│E F G│H I J│K L M│N O P│Q R S│T U V│W X Y│
- │- A B│C D E│F G H│I J K│L M N│O P Q│R S T│U V W│X Y Z│
└─────┴─────┴─────┴─────┴─────┴─────┴─────┴─────┴─────┘
To Encipher: Write in the plaintext message in the correct place
on the One Time Pad. Find the plaintext letter in
the top alphabet and the key letter in the side
alphabet. Then trace down from the top and in from
the side. The ciphertext letter stands at the
intersection of the column and the row (i.e.
plaintext "M" and key letter "W" equals ciphertext
letter "H"). Place the ciphertext letter in the
correct place on the One Time Pad.
Page 56
---------------------------------------------------------------
To Decipher: Write in the ciphertext message in the correct
place on the One Time Pad. Find the key letter in
the side alphabet. Follow that row in until you
find the ciphertext letter. Follow that column up
to the plaintext alphabet at the top. This is your
plaintext letter (i.e. key letter "S" and cipher-
text letter "Z" equals plaintext letter "H"). Place
the plaintext letter in the correct place on the
One Time Pad.
Below is what a section of a One Time Pad will look like.
Your pseudo random KEY letters are in the top line.
KEY: V W G K P W Z G Z B V P V G G J N J J E A H B E H
PLAIN: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
CIPHER: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
If you want to encipher the phrase "ALL LAWYERS ARE CROOKS"
place this text in the plaintext line as shown below.
KEY: V W G K P W Z G Z B V P V G G J N J J E A H B E H
PLAIN: A L L - L A W Y E R S - A R E - C R O O K S _ _ _
CIPHER: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Use the "-" as a word spacer. It will make it easier on the
person who is going to decipher the message to separate the
words.
Next fill in the ciphertext line according to the
instructions. To encipher the first plaintext letter find
the letter "A" in the alphabet on the top of the Vigenere
Tableau and find the first key letter "V" in the alphabet
on the left side of the Vigenere Tableau. Trace
down from the top and in from the side. At the intersection
of the column and row you have the ciphertext letter. In
this case it is "V". Place the ciphertext letter "V" below
the plain text letter "A".
KEY: V W G K P W Z G Z B V P V G G J N J J E A H B E H
PLAIN: A L L - L A W Y E R S - A R E - C R O O K S _ _ _
CIPHER: V _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
Page 57
---------------------------------------------------------------
Now do the same for the rest of the message. The enciphered
message should now look like the example below.
KEY: V W G K P W Z G Z B V P V G G J N J J E A H B E H
PLAIN: A L L - L A W Y E R S - A R E - C R O O K S _ _ _
CIPHER: V G R J - W U D C S M O V X K I P - X S K Z _ _ _
Now it is best to transfer the ciphertext to the message
pad, or any plain piece of paper, for sending the enciphered
message.
To decipher just copy the ciphertext message to the correct
One Time Pad. It must be on the same page and starting at
the same place as the original message in order to decipher
it. Otherwise you will just get a garbled message that no
one can understand. This is why you should use a Message
Pad because it tells the person receiving the message what
pad to use and what page and place on that page to start
to decipher the message.
When you receive an enciphered message transfer it to the
correct place on the One Time Pad as shown below. Following
the instructions find the Key letter in the side alphabet.
Trace that in along the row until you find the ciphertext
letter. Go up the column to the top alphabet to find the
plaintext letter. In this case the Key letter "V" and the
ciphertext letter "V" give you a plaintext letter of "A".
KEY: V W G K P W Z G Z B V P V G G J N J J E A H B E H
PLAIN: A _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
CIPHER: V G R J - W U D C S M O V X K I P - X S K Z _ _ _
When you decipher the rest of the message you will get the
following:
KEY: V W G K P W Z G Z B V P V G G J N J J E A H B E H
PLAIN: A L L - L A W Y E R S - A R E - C R O O K S _ _ _
CIPHER: V G R J - W U D C S M O V X K I P - X S K Z _ _ _
Take the dashes out and it will be very easy to read "ALL
LAWYERS ARE CROOKS".
As you can see it is very easy to encipher and decipher
messages using the One Time Pad. Just make sure you are
accurate and you will have no problems. It does take a
little bit of work and that is why the One Time Pad is best
used for short messages and low volume situations.
Page 58
---------------------------------------------------------------
Five letter groups are used by the One Time Pad to break
up any indication of how long individual words are. The
ciphertext should be sent as five letter groups also.
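The tableau lookup above is addition modulo 27 over the alphabet A to Z plus "-". The following added example (not the program's code) enciphers and deciphers the manual's own message that way, splits the result into five letter groups, and shows what the quoted warning about key repetition means in this system: when two messages share key letters, the key drops out of the difference of the two ciphertexts. The second message and the second key are constructed.

```python
"""The manual's 27-symbol Vigenere tableau as arithmetic modulo 27.

Added example. Row = key letter, column = plaintext letter, and the cell
holds the symbol at position (plaintext + key) mod 27.
"""
ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ-"   # "-" is the word spacer
INDEX = {ch: i for i, ch in enumerate(ALPHABET)}
SIZE = len(ALPHABET)


def prepare(message: str) -> str:
    """Upper-case the message and replace spaces with the "-" spacer."""
    text = message.strip().upper().replace(" ", "-")
    bad = sorted(set(text) - set(ALPHABET))
    if bad:
        raise ValueError(f"symbols not on the tableau: {bad}")
    return text


def _combine(text: str, key: str, sign: int) -> str:
    key = key.replace(" ", "")          # pads are printed with spaces
    if len(key) < len(text):
        raise ValueError("pad too short: key letters must never be reused")
    try:
        return "".join(
            ALPHABET[(INDEX[t] + sign * INDEX[k]) % SIZE]
            for t, k in zip(text, key)
        )
    except KeyError as exc:
        raise ValueError(f"symbol not on the tableau: {exc}") from None


def encipher(plain: str, key: str) -> str:
    return _combine(plain, key, +1)


def decipher(cipher: str, key: str) -> str:
    return _combine(cipher, key, -1)


def groups_of_five(text: str) -> str:
    return " ".join(text[i:i + 5] for i in range(0, len(text), 5))


def difference(a: str, b: str) -> list:
    """Symbol-by-symbol (a - b) mod 27."""
    return [(INDEX[x] - INDEX[y]) % SIZE for x, y in zip(a, b)]


MANUAL_KEY = "V W G K P W Z G Z B V P V G G J N J J E A H B E H"

if __name__ == "__main__":
    plain = prepare("ALL LAWYERS ARE CROOKS")
    cipher = encipher(plain, MANUAL_KEY)
    print(groups_of_five(cipher))
    print(decipher(cipher, MANUAL_KEY).replace("-", " "))

    # Constructed second message enciphered from the SAME pad position.
    other = prepare("MEET AT NOON")
    reused = encipher(other, MANUAL_KEY)
    # The key cancels: the ciphertext difference equals the plaintext one.
    print(difference(cipher, reused) == difference(plain, other))
```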
Appendix A Page 59
---------------------------------------------------------------
WHY ENCIPHER DATA
---------------------------------------------------------------
Before you can understand the need for such a program as Global
Security you have to understand the power of the United States
Government to intercept and listen to any phone conversation
in the world that uses satellite or microwave transmission
facilities. This power resides in the government agency known as
the "National Security Agency" (NSA). On 24 October 1952
President Harry S. Truman signed a presidential memorandum that
established the National Security Agency. This memorandum is
still one of the most closely guarded secrets of the U.S.
Government. Since that day the growth of the NSA has been
exponential. With super computers, super secret satellites, and
top secret installations around the world it has the ability to
listen in on, and record, electronic transmissions of any type
anywhere in the world. Most of the information I am about to
give you comes from a book titled "The Puzzle Palace" by James
Bamford, published by Penguin Books in 1983. It is worth
reading. The Communications Satellite Corporation (COMSAT) has
four main satellite earth stations located in the U.S. for
transmitting phone conversations, computer data, and television
signals anywhere in the world. Close by each satellite earth
station the NSA has built a secret installation which could be
used to intercept any incoming or outgoing transmissions, record
it, and send it to its headquarters for processing by its super
computers. There are many who believe that the NSA also taps
into the domestic microwave system to intercept, record, and
process domestic phone conversations and computer data. There is
a facility located a few hundred yards behind the NSA main
Operations Building at Fort Meade, Maryland which is a very
broadband microwave RCV, receive only station, which is tied
into the local telephone company circuits, which are inter-
connected with the nationwide microwave telephone system. Is
NSA actually listening in on domestic long distance phone lines?
No one really knows for sure, but if they want to they certainly
have the capability to do it in a big way. Are they listening in
on international transmissions? Of course they are, that is one
of their primary missions.
Computer transmitted data is especially open to interception,
recording, and processing. Just record it and run it through
another computer. Instant data to look at. There is a way to
make it harder on the NSA to look at your computer data.
Encipher it before transmitting it, then decipher it at the
other end. This has its pitfalls too. Most commercial code
systems utilize methods that have been cracked or are suspect
because the U.S. Government is suspected of having their hands
in the cookie jar so to speak. Read John C. Dvorak's "Inside
Track" in the March 17, 1992 issue of PC Magazine. He says that
the WordPerfect security system was effortless to crack. He also
reports a "back door" was discovered in an encryption system
(using the El Gamal encryption algorithm) about to be approved
by the U.S. Government's National Institute of Standards and
Appendix A Page 60
---------------------------------------------------------------
Technologies. He reports that "onlookers" accused the NSA of
being behind the "back door" because they really do not want
anyone to have a code that cannot be broken, by them.
If you look at the history of DES (Data Encryption Standard)
which is the U.S. Government's standard for data encryption you
will see that the NSA was caught with its hands in the cookie
jar here also. DES was first developed by IBM in the early
1970's under the code name Lucifer. When the National Bureau
of Standards solicited for encryption algorithms for the U.S.
Government IBM submitted Lucifer. But before it did so IBM
dropped the key length from 128 bits long to 56 bits long. James
Bamford in "The Puzzle Palace" reports that this was due to
closed door meetings between IBM and the NSA where IBM agreed to
cut the key length from 128 to 56 bits. It was eventually
approved as the nation's standard for data encryption and became
known as DES. By cutting the key from 128 bits to 56 bits the
NSA made sure that it would be able to crack the code with super
computers. In fact, Dvorak reports, same column mentioned above,
that it only takes hours of super computer brute force to crack
a message encrypted by DES. Plus he reports it is believed that
Adi Shamir of RSA Data Security has cracked the DES by using
math alone. It sounds like the government's standard is only a
standard way of making sure the NSA can read your transmitted
computer data. For a full report on the controversy over DES I
suggest you read the chapter "Competition" in "The Puzzle
Palace".
In the same column John C. Dvorak also praises the RSA Data
Security company and their "practical public key/private key"
method of encoding and decoding messages. This method uses the
patented Rivest-Shamir-Adleman (RSA) encryption algorithm. It
works like this: pick a number N that is the product of 2 prime
numbers. Call them X and Y so that N = X times Y. You then pick
a number less than N to be your public key - call this number P.
Your private key K is then calculated by the formula
P times K = 1(mod L) where L is the least common multiple of
(X - 1) and (Y - 1). To encrypt a message the sender must know
N and P. With a "little" bit of computer work X, Y, and K can be
calculated. The formulas used to encipher and decipher data seem
to me to use very large numbers if N is large which would make
enciphering and deciphering data a lengthy process. To crack
the RSA algorithm would just take a little bit of time.
Calculating prime factors of large numbers would be a cinch on
any computer. On the super computers that the NSA has it would
be even faster. You could even do the hard work in advance.
Just generate a list of large prime numbers and then it would be
a matter of trial and error to find two prime numbers that when
multiplied together produce N. From that point on finding K
would be a piece of cake.
The RSA algorithm seems to be open to analytical attack also.
Looking at the formulas to encipher and decipher data that are
in the June 1990 issue of Byte magazine in the article
Appendix A Page 61
---------------------------------------------------------------
"Cloak and Data" by Rick Grehan it appears that if the first
'A' in the message is encrypted into a 'Z' by the formula all
other A's in the message will also be encrypted into Z's. If
this is the case, any RSA encrypted message is open to the most
basic cryptanalytic procedure: frequency and contact of letters.
How many of each letter are there in the message and what
letters do they come in contact with. Take the letter
combination TH.
It appears often in the English language. If the letter
combination SB appears often in an enciphered message using the
RSA algorithm it is a better than even bet that they stand for
the TH in the plaintext message. From there it is just a matter
of time until you solve the message. The longer the message the
easier it is to solve. From the looks of things I would not
place too much faith in the RSA algorithm.
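The key relation described above, P times K = 1 (mod L), carried through with small numbers as an added example (not code from the manual, from Byte, or from RSA Data Security). It also shows when the repeated-letter behaviour occurs: a letter encrypted as a block by itself always gives the same ciphertext, while the same letter in a block that also carries a per-use filler value does not. The primes, the public key and the filler scheme are constructed toy values, far too small for real use.

```python
"""Toy RSA using the manual's symbols: N = X * Y, public key P, private key K.

Added example with constructed values; the filler scheme is a toy stand-in
(an assumption of this example) for mixing fresh random data into a block.
"""
from math import gcd, lcm

X, Y = 61, 53             # constructed small primes
N = X * Y                 # 3233
L = lcm(X - 1, Y - 1)     # least common multiple of (X - 1) and (Y - 1)
P = 17                    # public key; must share no factor with L


def private_key(p: int, l: int) -> int:
    """Solve P * K = 1 (mod L) for K."""
    if gcd(p, l) != 1:
        raise ValueError("P must have no common factor with L")
    return pow(p, -1, l)


K = private_key(P, L)


def encrypt(block: int) -> int:
    if not 0 <= block < N:
        raise ValueError("block must be smaller than N")
    return pow(block, P, N)


def decrypt(cipher: int) -> int:
    return pow(cipher, K, N)


def encrypt_per_letter(text: str) -> list:
    """One letter per block, nothing else in the block."""
    return [encrypt(ord(ch)) for ch in text]


def encrypt_letter_with_filler(ch: str, filler: int) -> int:
    """The letter shares its block with a filler value chosen per use."""
    if not 0 <= filler <= 11:      # keeps 256 * filler + 255 below N
        raise ValueError("filler out of range for this toy modulus")
    return encrypt(256 * filler + ord(ch))


def decrypt_letter_with_filler(cipher: int) -> str:
    return chr(decrypt(cipher) % 256)


if __name__ == "__main__":
    print("K =", K, " check:", (P * K) % L)
    print("per letter :", encrypt_per_letter("THAT"))
    print("with filler:", [encrypt_letter_with_filler("T", f) for f in (3, 7)])
```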
The 28 April 1994 edition of The Wall Street Journal has a front
page article entitled "Cipher Probe" about the encryption
program PGP - Pretty Good Privacy. This program is based on the
RSA algorithm and is therefore open to the same basic attack
as described above. Any encryption program not based on the "One
Time Pad" System in this day and age can, with a little effort,
be broken by the National Security Agency.
Dvorak reports and I quote: "It's logically believed that the
National Security Agency doesn't like the idea of truly secure
encryption, since it means the NSA won't be able to keep tabs on
foreign spies easily." To this I would add the NSA does not want
the American public to have a truly secure method of encryption
because then the U.S. Government could not keep tabs on its own
people like it has in the past. One such operation was known as
Operation Shamrock which started in 1945 and continued for 30
years until 1975. Senate Intelligence Committee chairman Frank
Church labeled this "probably the largest governmental
interception program affecting Americans ever undertaken".
Operation Shamrock consisted of the three major international
telegraph companies of the time voluntarily handing over to the
U.S. Government all international cable traffic between foreign
governments. Later it turned into a giant operation where the
U.S. Government listened in on the American people. When the NSA
was formed in 1952 it inherited Operation Shamrock. When the
country started to convert to computers and magnetic storage
devices the cable companies just turned over their magnetic
drums with all the cable traffic to the NSA for copying. As the
capabilities of the NSA grew to listen in on the American public,
agencies of the U.S. Government like the FBI, CIA, DIA, and
Secret Service sent the NSA "watch lists" of people they would
like the NSA to listen to. It only stopped in 1975 because it
was close to being splattered all over the American press. What
the government has done in the past it will do in the future.
Appendix A Page 62
---------------------------------------------------------------
Now that the cold war is over governments everywhere will shut
down their super secret spy agencies and the world will at last
know peace of mind. If you believe that I have some real estate
on the moon I would like to sell you - real cheap. What will
the NSA and the CIA do in the future now that a major reason
for their being no longer exists? Everyone knows that a govern-
ment agency that has been in existence for any length of time
over a few days can never be shut down. It just grows and grows
and grows. So, who will the NSA and CIA target next? There is
only one place to go and that is the American people. It may not
happen over night or even in the next few years, but it will
happen.
Now is the time to get prepared for them. Even the phone system
is going digital at a slow rate. Because of this a computer will
be able to recognize words and intercept and record all phone
conversations that contain a certain word. The NSA will have a
lock on the American people. The following quote was made by
Senator Frank Church of the Senate Intelligence Committee in
1975 in regard to the NSA's ability to intercept electronic
transmissions:
"At the same time, that capability at any time could be turned
around on the American people and no American would have any
privacy left, such [is] the capability to monitor everything:
telephone conversations, telegrams, it doesn't matter. There
would be no place to hide. If this government ever became a
tyranny, if a dictator ever took charge in this country, the
technological capacity that the intelligence community has given
the government could enable it to impose total tyranny, and
there would be no way to fight back, because the most careful
effort to combine together in resistance to the government, no
matter how privately done, is within the reach of the government
to know. Such is the capability of this technology...
I don't want to see this country ever go across the bridge. I
know the capacity that is there to make tyranny total in
America, and we must see to it that this agency and all agencies
that possess this technology operate within the law and under
proper supervision, so that we never cross over the bridge. That
is the abyss from which there is no return."
If the NSA could do this in 1975 what can they do today? It has
been 20 years and a revolution in the computer industry since
then. It is something to think about in the dark of night when
the moon is full and all the little government spies (worms)
are busy watching you.
Appendix B Page 63
---------------------------------------------------------------
WHY GLOBAL SECURITY
---------------------------------------------------------------
Now that I have torn down every encryption method available that
is supposed to be any good and shown you the capability of the
NSA to intercept not only your phone conversations but all your
computer transmissions too, where do we go from here? There is
one method of encryption that can be used that is unbreakable in
practice and in theory. It was first developed in America in
1918, completely rejected by the U.S. Government, and first used
by the German diplomatic establishment sometime between 1921 and
1923. It is called the "One Time Pad System". It is a remarkable
system in its simplicity. For further information see pages 398
to 400 of "The CODEBREAKERS" by David Kahn, published by The
Macmillan Company in 1967. It consists of a random key used
once, and only once. It provides a new and unpredictable key
character for each plaintext character in the message. This
means that every letter or character is enciphered with its own
random key. The letter 'A' may be enciphered into a 'Z' the
first time it is encountered in the message and into an 'N' the
next time, a 'B' the next, and so on and so on. This means for
a message that is enciphered as "Z T Q W" the first 'Z' could be
deciphered into any of the 26 letters of the alphabet. This
holds true for all the other letters also. This could be
deciphered into the word "L O O K" where both the 'T' and the
'Q' stand for the letter 'O'. "The perfect randomness of the
one-time system nullifies any horizontal, or lengthwise,
cohesion, as in coherent running key or autokey, and its
one-time nature bars any vertical assembly in Kasiski or
Kerckhoffs columns, as in keys repeated in a single message or
among several messages. The cryptanalyst is blocked." If you
were to use the brute force method and try to decipher this
message with every possible key combination all you would have
done is compile a list of every possible four letter word in the
world. There are stop, hard, slow, kiss, etc., etc., etc. The
longer the message the more possibilities there are. What it
boils down to is that you have an equation in two unknowns with
only 1 equation and that is impossible to solve. X + Y = 9. You
know that 9 is the ciphertext. Without another equation there is
no way to solve X (the plaintext) or Y (the key). X and Y could
be any values you choose that equal 9. All this does is compile
a long list of possible solutions with one just as good as the
other. Since there are an infinite number of numbers there are
an infinite number of solutions to the above equation. One could
be just as valid as the other. There is no way to know which one
is right.
In this age of computers why is this "One Time Pad System" not
in widespread use? Could it be the fact that computers cannot
generate random numbers? All they can generate is pseudo-random
numbers. This means that the string of random numbers produced
by any computer can be reproduced by that or another computer
using the same formula. But this is exactly what is required by
any computer program to encipher data. You need to be able to
reproduce that same set of random numbers to decipher the data.
This is easy enough. There are many formulas to generate pseudo-
random numbers on computers. But even this is not enough. Most
of these formulas only require a small seed number to get the
formula going. This is the key to why these formulas and other
encryption formulas are no good. Remember this:
NO MATTER HOW INTRICATE OR COMPLEX ANY DATA ENCRYPTION FORMULA
IS, IF THE SEED NUMBER TO START THE FORMULA IS SMALL, THAT
ENCRYPTION FORMULA CAN BE VERY EASILY CRACKED BY THE BRUTE
FORCE METHOD.
Just plug in all possible seed numbers into the formula using
a super computer and within a matter of hours any message can
be decoded. This is the bane of most encryption formulas. They
try to keep the seed number small by using very complex and
lengthy formulas because human beings, you and me, do not like
to enter 100 and 200 digit seed numbers into a computer every
time we have to encipher or decipher a message. The small seed
number is their Achilles Heel. In this day of the super computer
I would call any seed number under 40 digits small. This equates
to about a 128 bit number on a computer.
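The two arguments above (a pad-enciphered text can be read as any
message of the same length, while a generator started from a small
seed can be searched exhaustively) are worked through in the added
example below. It is not code from Global Security; the 16-bit seed,
the toy generator and the sample message are constructed for the
illustration.

```python
"""Added illustration: one-time pad ambiguity vs. a small-seed keystream."""
import string

A = string.ascii_uppercase          # 26-letter alphabet, A=0 ... Z=25


def shift(text, key, sign):
    """Add (sign=+1) or subtract (sign=-1) key letters modulo 26."""
    return "".join(A[(A.index(t) + sign * A.index(k)) % 26]
                   for t, k in zip(text, key))


# --- Part 1: a true one-time pad ----------------------------------
def otp_key_for(ciphertext, guess):
    """The one pad that turns `guess` into `ciphertext` (same length)."""
    return shift(ciphertext, guess, -1)


def otp_candidates(ciphertext, guesses):
    """Every guess is explained by some pad, so none can be ruled out."""
    return {g: otp_key_for(ciphertext, g) for g in guesses}


# --- Part 2: keystream grown from a small seed ---------------------
SEED_BITS = 16                      # constructed "small seed" size


def keystream(seed, n):
    """Toy linear congruential generator (an assumption of this example,
    not the manual's formula); yields one key letter per step."""
    state, out = seed, []
    for _ in range(n):
        state = (state * 1103515245 + 12345) % 2**31
        out.append(A[(state >> 16) % 26])
    return "".join(out)


def encipher(plaintext, seed):
    return shift(plaintext, keystream(seed, len(plaintext)), +1)


def decipher(ciphertext, seed):
    return shift(ciphertext, keystream(seed, len(ciphertext)), -1)


def reachable_plaintexts(ciphertext):
    """All plaintexts that any seed can produce: at most one per seed."""
    return {decipher(ciphertext, s) for s in range(2**SEED_BITS)}


def seeds_matching(ciphertext, crib):
    """Try every seed; keep those whose output starts with a known word."""
    n = len(crib)
    return [s for s in range(2**SEED_BITS)
            if decipher(ciphertext[:n], s) == crib]


if __name__ == "__main__":
    # Part 1: the manual's "Z T Q W" fits every four letter word equally.
    words = ["LOOK", "STOP", "HARD", "SLOW", "KISS"]
    for guess, pad in otp_candidates("ZTQW", words).items():
        print(f"ZTQW = {guess} under pad {pad}")

    # Part 2: with a 16-bit seed most four letter texts are unreachable,
    # and a longer message with a known opening pins the seed down.
    print(len(reachable_plaintexts("ZTQW")), "of", 26**4, "texts reachable")
    secret = encipher("MEETATTHEDOCKATNOON", 48879)   # constructed message
    for seed in seeds_matching(secret, "MEETAT"):
        print("seed", seed, "->", decipher(secret, seed))
```

With a pad, every guess has a key that explains it; with the seeded
generator, the number of explanations can never exceed the number of
seeds.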
So what would it take to make an ideal computer program for
enciphering and deciphering data?
1 - The formulas used to encipher and decipher data have to
be as simple as possible for fast, economical, error
free performance.
2 - The formula must have a very long key (seed number), but
one that does not have to be entered by a human into the
computer. A number that is 7,776 bits (972 bytes) long
is used by Global Security.
3 - The program must use the "One Time Pad System" by
generating a unique key letter for each plaintext letter
in the file or message enciphered.
4 - The files created to enter this long seed number into
the formula must be easy to make, and more important,
easy to produce new files as often as required.
5 - The system must be reliable. It must decipher all files
or messages without error.
6 - The system must be "software only". No extra hardware
required.
7 - The cryptosystem must be easy to use. The more
complicated a cryptosystem is the less it will be used.
All this and more describes Global Security, the best little
enciphering/deciphering program in the world. The 7 items listed
above all apply to Global Security. What follows is a detailed
explanation of why Global Security is the most secure, bar none,
of any encryption/decryption method or program available in the
world today. This has to be done so you will know that what I
say is true. You will not have to take my word for it. You can
then make up your own mind about how good Global Security really
is. Run the Phi and Chi Tests to confirm this in the new
Frequency Distribution Tests included in Global Security.
There are four files that have to be created by the program
before you can encipher and decipher files, or make actual
"One Time Pads". The first is called a Prime Number File. This
file holds 3,067 prime numbers in the range 100,000,001 to
4,294,967,295. You enter a search factor between 2 and 100,000
(an even number must be used) and a starting number equal to or
greater than 100,000,001. The search factor is there so you will
not find consecutive prime numbers. If you enter a search factor
of 32,984 and a starting number of 1,496,392,593 the second
number to be checked for being prime would be 1,496,425,577 and
so on and so on until 3,067 prime numbers are found. The numbers
wrap around if they exceed 4,294,967,295. There are
approximately 83,899,345,900,000 different prime number files
that can be created. On my 20 MHz 386DX computer this takes only
about 20 minutes or less with the 32 bit version of Global
Security.
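The search procedure described above, as an added sketch that is not
Global Security's own code. The error texts are the ones listed in
Appendix C; the 32-bit wrap-around and the skipping of wrapped values
below 100,000,001 are assumptions, since the manual only says that the
numbers wrap around.

```python
"""Added sketch of the Prime Number File search described in the manual."""
from math import gcd

LOW, HIGH = 100_000_001, 4_294_967_295    # range given in the manual
PRIMES_PER_FILE = 3_067                   # primes held by one file


def is_prime(n):
    """Deterministic Miller-Rabin; bases 2,3,5,7,11 are exact below 2**32."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in (2, 3, 5, 7, 11):
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False                  # base a proves n composite
    return True


def check_inputs(search_factor, start):
    """Return the manual's error text for bad input, or None if it is fine."""
    if search_factor < 2 or start < LOW:
        return "Number Entered too Small"
    if search_factor > 100_000 or start > HIGH:
        return "Number Entered too Large"
    if search_factor % 2:
        return "Number Entered not Even"
    if start % 2 == 0:
        return "Number Entered not Odd"
    if gcd(search_factor, start) != 1:
        # every candidate would share that divisor, so none could be prime
        return "S.F./S.N. Evenly Divisible by Same Number"
    return None


def candidates(search_factor, start):
    """Yield start, start + factor, ... in the order they are tested."""
    n = start
    while True:
        if n >= LOW:                      # assumption: skip wrapped small values
            yield n
        n = (n + search_factor) % (HIGH + 1)   # assumption: 32-bit wrap-around


def build_prime_file(search_factor, start, count=PRIMES_PER_FILE):
    """Collect `count` primes from the candidate sequence."""
    error = check_inputs(search_factor, start)
    if error:
        raise ValueError(error)
    primes = []
    for n in candidates(search_factor, start):
        if is_prime(n):
            primes.append(n)
            if len(primes) == count:
                return primes


if __name__ == "__main__":
    # The manual's own figures: factor 32,984 and start 1,496,392,593.
    seq = candidates(32_984, 1_496_392_593)
    print("first two numbers checked:", next(seq), next(seq))
    primes = build_prime_file(32_984, 1_496_392_593)
    print(len(primes), "primes, first:", primes[0], "last:", primes[-1])
```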
The next step is to create a Default Parameter File. When you
encipher a file 2,205/2,326 bytes are added to the length of the
file or E-Mail Message. A group of 2,048 bytes hold a 7
character password (enciphered) needed to decipher the rest of
the file. Where the 7 character password is placed within these
2,048 bytes is determined by the Default Parameter File. This
file also holds one parameter used by the enciphering, decipher-
ing, and scrambling formulas. This file takes only a few minutes
to create. There are 1.19657994458 times 10 to the 24th power
different ways to create a Default Parameter File.
The third step is to scramble the Prime Number File and create a
Scrambled Prime Number File. How many different ways are there
to scramble 3,067 prime numbers? Using Stirling's Approximation
formula for calculating large factorials you get:
3,067! = 8.17375658029 times 10 to the 9,363rd power
This is a number 9,364 digits long. It is best to scramble and
rescramble this file as often as possible. The more you do this
the harder it will be to duplicate the file.
The fourth and last file to create is a Key File. This holds
the initial key used to select 243 prime numbers from the
Scrambled Prime Number File to plug into the encryption/
decryption formula. How can you automatically select an initial
key from a file? DOS provides the answer to that for us. Every
file you are going to encrypt has a date/time stamp assigned by
DOS when the file was created. Since DOS assigns date/time
stamps in 2 second intervals there can be 43,200 different date/
time stamps in one 24 hour period. Therefore the Key File holds
43,200 different numbers in the range 100,000,001 to
4,294,967,295. These numbers are randomly selected. Once created
this file can also be scrambled as many times as you like. Due
to the way the file is scrambled in sections there are only
approximately 3.48143426965 times 10 to the 30,261st power different ways
to scramble a Key File. The program checks the date/time stamp
of the file and uses it to index into the Key File to select an
initial seed to use in the formulas. This initial seed is then
used to randomly select 243 prime numbers from a Scrambled Prime
Number File. These 243 prime numbers are placed into 3 arrays
which comprise 81 different pseudo random number generators. One
pseudo random number generator is used to randomly select from
the other 80 pseudo random number generators for each character
in a file to encipher or decipher.
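An added example (not the program's code) of how a DOS time stamp maps
onto the 43,200 entries of a Key File, and how soon two files select
the same entry when one set of Group Files stays in use. The packed
16-bit time layout is the standard DOS directory format; indexing the
Key File by time of day alone is an assumption, and the file names are
constructed.

```python
"""Added example: DOS time stamps as an index into a 43,200 entry Key File."""

SLOTS = 24 * 60 * 30            # 43,200 two-second intervals in a day


def dos_time_word(hour, minute, second):
    """Pack a time as DOS stores it: 5 bits hour, 6 minute, 5 seconds/2."""
    return (hour << 11) | (minute << 5) | (second // 2)


def key_file_slot(time_word):
    """Two-second slot 0..43,199 for a packed DOS time.

    Assumption: the slot is the time of day in 2-second units; the
    manual does not give the exact indexing rule.
    """
    hour = time_word >> 11
    minute = (time_word >> 5) & 0x3F
    two_sec = time_word & 0x1F
    return hour * 1800 + minute * 30 + two_sec


def shared_slots(files):
    """Group file names by slot; return only slots used more than once."""
    by_slot = {}
    for name, word in files:
        by_slot.setdefault(key_file_slot(word), []).append(name)
    return {slot: names for slot, names in by_slot.items() if len(names) > 1}


def collision_probability(n_files, slots=SLOTS):
    """Chance that at least two of n_files fall into the same slot,
    treating their time stamps as independent and uniform."""
    p_unique = 1.0
    for i in range(n_files):
        p_unique *= (slots - i) / slots
    return 1.0 - p_unique


def files_for_even_odds(slots=SLOTS):
    """Smallest number of files with at least a 50% chance of a shared slot."""
    n = 1
    while collision_probability(n, slots) < 0.5:
        n += 1
    return n


# Constructed sample: (file name, packed DOS time of the file)
SAMPLE_FILES = [
    ("AUDIT01.RPT", dos_time_word(9, 15, 2)),
    ("AUDIT02.RPT", dos_time_word(14, 30, 40)),
    ("LEDGER.DAT", dos_time_word(9, 15, 3)),    # same 2-second interval
    ("MEMO.TXT", dos_time_word(23, 59, 58)),
]

if __name__ == "__main__":
    for name, word in SAMPLE_FILES:
        print(f"{name:12} slot {key_file_slot(word):5d}")
    print("files sharing a Key File entry:", shared_slots(SAMPLE_FILES))
    print("files for even odds of a shared entry:", files_for_even_odds())
```

Files that share a slot start from the same Key File number, which is
one more reason to replace the Group Files after a few uses.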
These 81 pseudo random number generators require 3 prime numbers
each for a total of 243 prime numbers. Each prime number is 4
bytes or 32 bits long. This equals 7,776 bits. This is the
initial starting seed for all the random number generators. For
anyone to duplicate a seed number 7,776 bits (972 bytes) long
without the original files used to create it would require a
miracle in the absolute true sense of the word.
What it all boils down to is that a brute force attack on any
message enciphered with Global Security would require more time
and more computer power than is possible within the next few
million years or so. To decipher a message you need the exact
same set of files used to encipher it. The only way to get these
files would be to steal them. So what? If someone stole the
files all you have to do is change them - it only takes 20
minutes or so. In fact, to really be secure, you could make it a
practice to change the files every week. This way if someone did
steal the files they could only decipher the messages for that
week and no more. There is also the question of the password.
This could be set up to change on every message. Now someone
would have to steal the files and the correct password for each
message to decipher them.
The best place to keep these files is on a floppy disk locked
up in a very good safe. They should only be taken out by an
authorized person. If you left the files on a hard disk on a
single computer or a network it would be very easy for someone
to copy them. The best program in the world will not protect
you from "inane" actions like this.
For each person or organization you exchange enciphered data
with it is a good idea to maintain a different set of Scrambled,
Default, and Key files. A separate list of passwords should be
kept also.
I envision a setup much like the following one. You are an
auditing department of a large accounting firm with teams of
auditors that travel frequently around the country making audits
on large corporations and companies. These auditing teams send
back to the home office very sensitive data and reports that
could have major implications on Wall Street if the information
leaked out. Just before a team heads out to audit a company they
are given a new set of Group Files to use with Global Security
and a list of passwords to use for each day. At the home office
the only person that has the other set of files and passwords is
their boss. He is the only one that can decipher the incoming
data and reports. The next time a team went out a new set of
Group Files would be created again. This is as secure as you
can get.
The key to having a secure system is to use a set of Group
Files only a few times and then create new ones. This ensures
that every message that is enciphered will have a unique set of
keys which means a unique string of pseudo random characters
that is just as long as the file. If this is always adhered to
any message that is intercepted will not be able to be broken or
analysed in any way.
The government, or anyone with a lot of money, could set up a
special van that when parked outside of your home or office
could record the keystrokes from your computer and the data
going to your screen from the electrical signals they emit.
It would then be possible to create duplicates of the Group
Files from this data. If you think someone is doing this to you,
you can guard against this interception by using "Tempest"
shielding on your computer which does not permit these
electrical signals to be emitted. Check with your local hardware
vendor to see if this "Tempest" shielding can be installed on
your computer.
Clear and Present Danger
---------------------------------------------------------------
Just recently I had the pleasure of reading "Clear and Present
Danger" by Tom Clancy. The only reason I mention this here is
that on page 240 of the paperback novel he presents a very
excellent explanation of the One Time Pad System. This is the
system used by most major governments in the world and now you,
an individual, have at your command Global Security which is
based on the same secure One Time Pad System.
Appendix C Page 68
---------------------------------------------------------------
STARTUP/TERMINATION ERRORS
---------------------------------------------------------------
There are 4 errors that can be displayed upon startup and
1 upon termination of GS16.EXE. They will be displayed and
you will be returned to the DOS prompt.
1. Global Security ■ 16 requires DOS Version 3.x
or above.
2. Global Security ■ 16 needs to be in 25 rows by
80 columns Mode.
If your display is set to display anything other than
the above please set it back using the DOS Mode
Command (MODE CO80 for color or MODE BW80 for black
and white).
3. Global Security ■ 16 cannot find itself at the
end of the Environment.
In DOS 3.0 and above a fully qualified drive, path,
and program name is placed at the end of the
environment assigned to the program. Global Security
uses this information to find itself and place the
GLOBAL.PRN file in the same directory. If you get
this error message it means that you are using a
DOS version of 1.x or 2.x. Or your version of DOS
does not place this information at the end of the
program environment.
4. Insufficient extra memory to run Global
Security ■ 16.
Global Security uses dynamic memory allocation for
its text window buffers. If there is not 20K of
extra memory available when the program is started
this message will be displayed. Remove some TSR's
and run Global Security again.
5. (Termination Error) Global Security ■ 16 terminated
due to memory allocation/release error.
An error was encountered while allocating or
releasing memory for use by a text window. This
error should never be encountered unless another
program has grabbed all available memory for its
own use.
PROGRAM ERRORS
---------------------------------------------------------------
The following errors are displayed by the Extended Error
Reporting System as required by the program.
1. Drive Index Too Large for Drive Table
When the program first determines which drives are
installed in your system (substituted drives included)
it builds a drive table and an index for the current
drive. It checks for a maximum of 26 drives but only
the first 12 are usable by the program. If the drive
you loaded the program from has an index greater than
12 the program will display this error and then exit
the program.
2. Wrong KEY File Selected
When deciphering a file you will be asked to select the
designated KEY File to decipher the program. If you
select the wrong one you will be told and then returned
to the File Selection Screen to select the correct KEY
File.
3. More than 1,000 Directories on Disk
If you load Global Security from a disk with more than
1,000 directories the Extended Error Reporting System
will display this error and then exit the program.
If you select a disk drive within the program to use
that has more than 1,000 directories you will be
returned to the File Selection Screen to select another
disk drive.
4. Number Already Used
While creating a Default Parameter File you cannot place
2 or more password characters in the same position. If
you try to use a number twice the Extended Error
Reporting System will tell you and you will be returned
to the number entry screen to enter another number.
5. Enciphered File too Large to View
If the enciphered file you selected to view is larger
than 5,952,000 bytes the Extended Error Reporting System
will tell you and return you to the File Selection
Screen to select another enciphered file to view.
6. Number Entered too Small
Number entered is out of range on the small side. You
will be returned to the number entry screen to enter
a number in the correct range.
7. Number Entered too Large
Number is out of range on the large side. You will be
returned to the number entry screen to enter a number
in the correct range.
8. Number Entered not Even
While entering a number for the Search Factor an odd
number was given. You will be returned to the number
entry screen to enter an even number.
9. Number Entered not Odd
While entering a Starting Number for the Prime Number
search an even number was entered. You will be returned
to the number entry screen to enter an odd number.
10. S.F./S.N. Evenly Divisible by Same Number
The Search Factor and Start Number are checked to make
sure they have no common divisors between them. If they
were to have a common divisor no prime numbers would
be found. If they do have a common divisor you will be
returned to the Start Number entry screen to enter
another starting number.
11. Insufficient Space on Disk
When creating any file the program checks to make sure
there will be enough space on the disk to hold it. If
not the Extended Error Reporting System will tell you
and then return you to an appropriate menu. At this
point you may have to change disks or exit the program
and erase some files on the disk you want to use.
12. Substituted Drive
While selecting a drive to use in the File Selection
Screen you selected a substituted drive (ie. a drive
letter has been substituted for a path name). You will
be returned to the File Selection Screen to select an
unsubstituted drive. This applies to Assigned drives
too. (See DOS ASSIGN and SUBST commands in your DOS
Manual)
13. File is Incomplete
When you selected a Prime Number File to scramble you
selected one that was incomplete. You will be returned
to the File Selection Screen to select another Prime
Number File to scramble.
14. File Contains Invalid Data
A check is made on some of the files created by Global
Security. If you ever get this error message the file
has been corrupted. You will be returned to an
appropriate menu.
15. File is Already Complete
When selecting a Prime Number File to finish you
selected one that is already complete. You will be
returned to the File Selection Screen to select another
file to finish.
16. File Not Found
At various times in the program you will need 1 or 2
additional files in a process. When you encipher a file
you are asked to select a KEY File to use. The SCM and
DFT files with the same name must also be present. If
they are missing you will get this error message with
the file name and then returned to an appropriate menu.
17. More than 12 Levels of Subdirectories
If you have more than 12 levels of subdirectories the
program will exit upon startup after displaying the
above error message. After startup if you use a disk
that has more than 12 levels of subdirectories the
program will display this error message and return you
to an appropriate menu.
18. Decompression Integrity Check Failed
Decipher Integrity Check Failed
Reconstruction Integrity Check Failed
An error was detected during the integrity check while
deciphering, decompressing, or reconstructing a file.
Data may be corrupted. If the file was transmitted to
you ask for it to be enciphered, compressed, transformed,
and transmitted again.
19. Disk Full
Since the calculations of the required disk space needed
to decipher a file or set of messages for E-Mail may
not always be accurate you will get this message if the
disk you are using to put deciphered files/messages onto
runs out of room. Make more room on the disk or use your
hard disk to put the deciphered files onto.
20. Not a Valid "ENC" File to Decipher
The decipher routine could not find the proper Global
Security File ID String which identifies this as an
"ENC" File. The ID String may be corrupted or you have
selected a file with an "ENC" file extension but which is
not a true "ENC" file.
21. No "HR64" Messages in File to Extract
While scanning a file of E-Mail messages none were found
to extract. If you know for a fact that there are
messages to extract in the file the High RADIX 64 ID
String has been corrupted.
22. Too Many Files With The Same Name
The decipher routines will assign the original name to
any file it deciphers. If a file with the same name
already exists in the directory it will use the same
file name but assign a file extension of "001". If "001"
is in use it will use "002", etc. all the way up to
"999". If you already have 999 file names like this in
the directory you will get this message.
23. Future Compression Method Used
Future Encryption Method Used
You are attempting to decipher or decompress a file
or message that has been enciphered or compressed by
a method used by a future version of Global Security.
Select Ok from the Extended Error Reporting System
Screen and you will be returned to an appropriate menu
or, if you are deciphering E-Mail Messages, the program
will continue looking for valid messages to decipher
until the end of the file has been reached.
24. Not a Valid File to UnPack.
You have selected a file that does not have the Global
Security Pack File ID String in the header or the ID
string has become corrupted.
25. WIPE File Verify Error.
After the last overwrite of a file with character 240
the file is read and verified that it is filled with
character 240. If for any reason the file is not filled
with character 240 this error is displayed.
26. Suspected Computer Virus Attack! (Registered Versions
Only)
Every time Global Security is executed it calculates
a CRC_32 value for its EXE file on disk. If it does not
match the one stored in the program this message will
be displayed in an Extended Error Reporting System
Screen and then the program will perform a controlled
exit to DOS.
27. All Files Selected to Pack are Empty.
If the files you have selected to Pack are all 0 length
this error message will appear and you will be returned
to an appropriate menu.
28. "HR64" Files to Create Exceeds 999
When trying to break up a very large file into smaller
ones for transmission by E-Mail the number of small files
to create exceeds 999.
29. No. Selected Does Not Match No. in Header
Not all the files needed to reconstruct the original
file have been selected.
30. Recon Group Files Not in Proper Order
The first file in the selected list is not the first
file in the group needed to reconstruct the original
file.
31. End of File Before End of Reconstruction
End of File Before End of Extraction
The actual end of file came before it should have. The
file you have received may have lost some data along
the way.
32. Not a Valid "HR64" File to Reconstruct
The file selected does not have the "HR64" file format
signature in it. Select another file.
33. Not a Valid "ENC" File for Phi/Chi Tests
The file selected does not have a valid ENC signature
in it. Select another file.
CRITICAL ERRORS
---------------------------------------------------------------
The following errors are reported by the Critical Error
Reporting System. Possible remedies are also suggested.
1. Disk Write Protected
Remove the write protection from the disk and select
Retry from the Critical Error Reporting System menu.
2. Unknown unit
With the File Selection Screen this error should never
be encountered. But if it is select Cancel from the
Critical Error Reporting System menu and you will be
returned to an appropriate menu.
3. Drive Not Ready
You have selected a drive without a disk in it. Insert
a disk in the drive and select Retry from the Critical
Error Reporting System menu or select cancel and you
will be returned to the File Selection Screen to select
another drive.
4. Unknown Command
A device has received an unknown command. If you ever
encounter this critical error select Cancel from the
Critical Error Reporting System menu and you will be
returned to an appropriate menu.
5. Data Error (Bad CRC)
A data error as indicated by a bad CRC value has been
encountered. You may select Retry from the Critical
Error Reporting System menu and DOS may be able to
overcome the error. If it still reports Data Error after
a few attempts select cancel from the menu and you will
be returned to an appropriate menu. The process you were
trying to do will be cancelled and all files being
worked on or created will be taken care of.
If you continue to get this error repeatedly on a floppy
or hard disk it indicates that the disk is going bad
in the area reported by the Critical Error Reporting
System.
6. Bad Request Structure Length
Select cancel from the Critical Error Reporting System
menu and you will be returned to an appropriate menu.
7. Seek Error
A disk drive is having problems finding a specific track
or cluster on a disk. Select Retry from the Critical
Error Reporting System menu a few times to see if DOS
can overcome this error. If it cannot select Cancel and
you will be returned to an appropriate menu.
If you continue to get this error repeatedly on a floppy
or hard disk it indicates that the disk is going bad
in the area reported by the Critical Error Reporting
System.
8. Unknown Media Type
A disk with an unknown or improper format type is being
used. This may also happen because of different format
programs being used which are not compatible with all
computers (ie. my 386 will not read any disk formatted
by my brother's IBM PS/2 286). Select Cancel from the
Critical Error Reporting System menu and you will be
returned to an appropriate menu.
9. Sector Not Found
A disk drive could not find the sector it was looking
for. You can select Retry from the Critical Error
Reporting System menu a few times to see if DOS can
overcome this error. If it cannot select Cancel and you
will be returned to an appropriate menu.
If you continue to get this error repeatedly on a floppy
or hard disk it indicates that the disk is going bad
in the area reported by the Critical Error Reporting
System.
10. Out of Paper
Will never be reported by Global Security because it
does not use DOS to print with.
11. Write Fault
Select Retry to see if DOS can overcome the error. If
it cannot select Cancel and you will be returned to an
appropriate menu.
If you continue to get this error repeatedly on a floppy
or hard disk it indicates that the disk is going bad
in the area reported by the Critical Error Reporting
System.
12. Read Fault
Select Retry to see if DOS can overcome the error. If
it cannot select Cancel and you will be returned to an
appropriate menu.
If you continue to get this error repeatedly on a floppy
or hard disk it indicates that the disk is going bad
in the area reported by the Critical Error Reporting
System.
13. General Failure
May be caused by a floppy disk drive going bad. This is
the only time the author has seen this critical error on
his system. Select cancel to be returned to an
appropriate menu, or abort to exit the program.
PRINTER ERRORS
---------------------------------------------------------------
The following errors are reported by the Printer Error
Reporting System.
1. TIMEOUT - Printer has timed out. Select Cancel from the
menu in the Printer Error Reporting System, reset your
printer and try again.
2. I/O ERROR - Printer has encountered an I/O Error. Select
Cancel from the menu in the Printer Error Reporting
System and try again.
3. NOT SELECTED - Printer not turned on. Turn your printer
on and select Retry from the menu in the Printer Error
Reporting System.
4. OUT OF PAPER - Put more paper in your printer and select
Retry from the Menu in the Printer Error Reporting
System.
5. BUSY - Usually means that the printer is turned on but
is not on line. Put the printer on line and select Retry
from the menu in the Printer Error Reporting System.
Appendix D Page 77
---------------------------------------------------------------
PROGRAM LIMITATIONS
---------------------------------------------------------------
The File Selection Screen will only handle:
1. 12 disk drives.
2. 1,000 directories on a disk drive.
3. 2,048 files in a directory.
4. 12 levels of Subdirectories. (DOS has 32)
Floppy Disk Drive Systems: If your computer has only one
floppy disk drive you are not allowed to use this drive as
an A: and B: drive as some DOS utilities do.
Appendix E Page 78
---------------------------------------------------------------
TERMINOLOGY
---------------------------------------------------------------
Algorithm A set of rules for solving a problem in a
finite number of steps.
Back Door Used in reference to a formula in a Pseudo
Random Number Generator. Allows whoever
inserted the back door to decipher a message
without knowing the seed number used to
encipher it.
Binary File Any file that does not meet the definition
of a text file (See Below).
Click To quickly press and release a mouse button.
Command Bar A shadowed bar that carries out a command
or action. May be activated by pressing the
indicated Hot Key or clicking with the left
mouse button. Common Command Bars are Quit
and Help. Some Command Bars do not have a
Hot Key. In that case use the indicated
keyboard key (ie. PgUp, Home, End).
Cursor Keys The Left, Right, Up, and Down Arrow keys.
Ciphertext Plaintext that has been put through a
transformation into secret form.
Directory A collection of computer files (programs,
data, and subdirectories) stored at the same
location on disk.
Directory Tree A graphic display of the directory structure
on a disk. Shown as a branching structure
that looks like a tree. All directories and
subdirectories are branches off of the root
directory.
E-Mail Electronic Mail (messages) sent from
computer to computer. Usually restricted to
text files (See Below).
File Group A group of four related files with the same
name but different file extensions created
by the program. The file extensions are PRM
for Prime Number Files, DFT for Default
Parameter Files, SCM for Scrambled Prime
Number Files, and KEY for Key Files.
Mouse Pointer The non-blinking rectangular box on the
screen indicates the mouse position.
Paging Keys The Page Down, Page Up, Home, and End Keys.
The Home Key takes you to the beginning of
a file or list. The End Key takes you to
the end of a file or list.
Plaintext A message that will be put into secret form
(ie. data file).
Prime Number Prime numbers are numbers that have only
improper divisors (ie. only divisible evenly
by themselves and one).
Pseudo Random
Numbers Numbers generated by a formula that exhibit
properties of random distribution. Can be
duplicated.
Pseudo
Random Number
Generator A process that continuously generates pseudo
random numbers under control of a formula.
Seed Number The initial number used by a formula in a
pseudo random number generator to start
generating pseudo random numbers. Sometimes
called a key or key number.
Text File Any file that uses only the character codes
32 to 127, the carriage return, line feed,
and tab control characters.
Appendix G Page 80
---------------------------------------------------------------
PGP on PGP
---------------------------------------------------------------
I have just received my first copy of Pretty Good Privacy (PGP)
and have had a chance to look over the program and documentation.
I still stand by my statement on page 61 that any program not
based on the "One Time Pad" System can be broken by the NSA.

The documentation for PGP has not changed my mind. Once you read
the documentation you realize that they really use a conventional
cipher called IDEA(tm) invented in Europe. The only part that
uses the RSA algorithm is the encryption of the key for the
conventional cipher. If the public key can be broken to get the
secret key you can then get the key to the conventional cipher
and decrypt the message. The math to retrieve a secret key from
a public key is known and published. Anyone who thinks the NSA
cannot break a public key is a fool. I will let PGP's own
documentation say the rest.

"A major vulnerability exists if public keys are tampered with.
This may be the most crucially important vulnerability of a
public key cryptosystem, in part because most novices don't
immediately recognize it."

"Another similar attack involves someone creating a clever
imitation of PGP that behaves like PGP in most respects, but
doesn't work the way it's supposed to. For example, it might be
deliberately crippled to not check signatures properly, allowing
bogus key certificates to be accepted." This is possible because
the source code to PGP is published for anyone to use, change,
etc.

"An expensive and formidable cryptanalytic attack could possibly
be mounted by someone with vast supercomputer resources, such as
a Government intelligence agency. They might crack your RSA key
by using some new secret factoring breakthrough."

"Perhaps the Government has some classified methods of cracking
the IDEA(tm) conventional encryption algorithm used in PGP. This
is every cryptographer's worst nightmare. There can be no
absolute security guarantees in practical cryptographic
implementations."

"They are concerned that the whole package is weakened if we use
a hybrid public-key and conventional scheme just to speed things
up. After all, a chain is only as strong as its weakest link.
They demand an explanation for this apparent "compromise" in
the strength of PGP. This may be because they have been caught
up in the public's reverence and awe for the strength and
mystique of RSA, mistakenly believing that RSA is intrinsically
stronger than any conventional cipher. Well, it's not."

AND THEY ARE RIGHT!
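
The chain described in this appendix, as an added example (not code from Global Security or PGP): the message is enciphered with a conventional key and only that key is wrapped with RSA, so deriving the secret exponent from the public key unwraps everything. The primes, session key and SHA-256 keystream (a stand-in for IDEA) are constructed assumptions, and trial division finishes here only because the modulus is about 50 bits.

```python
import hashlib
from math import isqrt

# Constructed toy parameters (assumptions, not from the manual or PGP).
P, Q = 2**19 - 1, 2**31 - 1      # two Mersenne primes; modulus is ~50 bits
N, E = P * Q, 65537              # public key (n, e)
SESSION_KEY = 0x123456789ABC     # key for the conventional cipher, < N


def conventional_cipher(key: int, data: bytes) -> bytes:
    """Stand-in for IDEA: XOR with a SHA-256 counter keystream (self-inverse)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = key.to_bytes(8, "big") + offset.to_bytes(4, "big")
        pad = hashlib.sha256(counter).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], pad))
    return bytes(out)


def hybrid_encrypt(message: bytes, session_key: int, n: int, e: int):
    """Encipher the message conventionally; RSA protects only the session key."""
    return pow(session_key, e, n), conventional_cipher(session_key, message)


def secret_exponent_from_public(n: int, e: int) -> int:
    """Factor n by trial division, then compute d = e^-1 mod (p-1)(q-1)."""
    p = next(c for c in range(3, isqrt(n) + 1, 2) if n % c == 0)
    q = n // p
    return pow(e, -1, (p - 1) * (q - 1))


def recover_message(wrapped_key: int, ciphertext: bytes, n: int, e: int) -> bytes:
    """Follow the chain: public key -> secret key -> session key -> plaintext."""
    d = secret_exponent_from_public(n, e)
    session_key = pow(wrapped_key, d, n)
    return conventional_cipher(session_key, ciphertext)


def demo() -> bool:
    message = b"Constructed sample plaintext for this example."
    wrapped_key, ciphertext = hybrid_encrypt(message, SESSION_KEY, N, E)
    return recover_message(wrapped_key, ciphertext, N, E) == message


if __name__ == "__main__":
    print("message recovered from public key alone:", demo())
```

The factoring step is the only one whose cost grows steeply with the size of the modulus, so the RSA key length bounds the protection of every session key wrapped under it.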
INDEX Page 81
Achilles Heel...............64
Algorithm...................78
Association of Shareware
Professionals (ASP)
    Address..................5
    Disputes.................5
    Member...................5
    Ombudsman................5
Available by same Author.....6

Back Door................59,78
Bamford, James..............59
Block Cursor................15
Build a Prime Number File...25
Byte Magazine...............60

Chi Test....................50
Chime.......................16
CIA.........................61
Ciphertext..................78
Clear and Present Danger....67
"Cloak and Data"............61
Command Bars................16
Command Line Parameters
    Any Order/Combination...12
    /B......................12
    /P......................12
    /T......................12
    /V......................12
    /C......................12
Communications Satellite
Corporation (COMSAT)........59
Compressing Files...........32
Computer Requirements.......10
Create a Default Parameter
File........................28
Critical Error
Reporting System............20

Data Encryption Standard
(DES).......................60
Data Integrity Checks....34,38
Decipher a File.............37
Decompressing Files.........34
Default Parameter Files.....28
    Password Character
    Positions...............28
    Random Factory
    Array Shift.............28
DIA.........................61
Directory...................78
Directory Tree..............78
DoD 5220.22-M...............46
Dvorak, John C..............59

E_Mail, What is it..........39
El Gamal Encryption
Algorithm...................59
Encipher/Decipher a File....35
Errors
    Start Up/Termination....68
    Program.................69
    Critical................74
    Printer.................76
Executing Global Security...12
Extended Error
Reporting System............21
Extract E-Mail Files........40

FBI.........................61
Features.....................4
File Group..................24
File Selection Screen.......17
Four Ways to use
Global Security
    Normal Encipher..........9
    E-Mail Encipher..........9
    Storage on Disk..........9
    One Time Pads............9
Frequency Distribution
Tests.......................48
Functions
    Build a Prime
    Number File.............25
    Create a Default
    Parameter File..........28
    Encipher/Decipher
    a File..................35
    Generate a Key File.....30
    Make a One Time Pad.....43
    Pack/UnPack File(s).....32
    Scramble a Prime
    Number File.............29
    Transform E-Mail Files..39
    Wipe/Delete File(s).....45

Grehan, Rick................61
Generate a Key File.........30
Government Wipe Procedure...46

High RADIX 64 File Format...39

"Inside Track"..............59
Installing Global Security..11
INDEX Page 82
Intercepting Computer Data
and E-Mail Transmissions....53

Kahn, David.................63
Kappa Sub r.................48
Kappa Sub p.................48
Kerckhoffs, Auguste.........48
Keyboard
    Control C Key...........15
Keyboard (Cont.)
    Control Break Key.......15
    Escape Key..............15
    Function Keys...........14
    Hot Keys................16
    Pause Key...............15
    Print Screen Key........15
Key Files...................30

La Cryptographie militaire..48
Lempel-Ziv-Welch Method.....33
Licensing....................6
Lucifer.....................60

Main Menu...................24
Make a One Time Pad.........43
MCI.........................39
Mouse
    Click...................78
    Hide Pointer............15
    Pad..................16,23
    Right Button............15
    Using...................15
    Using the Mouse Pad.....23

National Institute of
Standards and Technologies..59
National Security
Agency (NSA)..............7,59
    Operation Shamrock......61

One Time Pad System
    First Developed.........63
    First Used by...........63
    Rejected by.............63
    Unbreakable.............63
    Using a One time Pad....55
    Vigenere Tableau........55
    What is a One Time Pad..43
Operation Shamrock..........61

Pack/UnPack File(s).........32
Pass It Along................6
PC Magazine.................59
PGP - Pretty Good Privacy...61
PGP on PGP..................80
Phi Test....................49
Phone System - Digital......62
Plaintext...................79
Preface......................7
President Truman, Harry S...59
Prime Number................79
Printer
    Extended ASCIIZ
    Characters..............22
    Command Line Switch /P..12
    Emulation Modes.........10
    Laser...................10
    Pause After Page........22
    Print Screen Key........15
    Printer Error
    Reporting System........22
    Printer Errors..........76
    Setup Problems..........22
    Using...................22
Program Limitations.........77
Public Key/Private Key......60
Pseudo Random Numbers.......79
Pseudo Random
Number Generator............79

Receive Only Station (RCV)..59
Reconstruct E-Mail Files....41
Registration Incentives......5
Rivest-Shamir-Adleman (RSA)
encryption algorithm........60
RSA Data Security...........60

Scramble a Prime
Number File.................29
Secret Service..............61
Senate Intelligence Committee
    Senator Church, Frank
    Chairman................62
        Tyranny Speech......62
Setting up the Group Files
and Passwords...............48
Shamir, Adi.................60
Sorting Files...............19

Text File................39,79
"The CODEBREAKERS"..........63
"The Puzzle Palace".........59
Tips on Using Global
Security in the Real World..52
INDEX Page 83
Tom Clancy..................67
Transform E-Mail Files......39
Transmitting Enciphered
Files.......................49
Using a One Time Pad........55
What is Electronic Mail?....39
Why Encipher Data...........59
Why Global Security.........63
Wipe/Delete File(s).........45