perm filename CRYPT.HPM[UP,DOC]1 blob
sn#128269 filedate 1974-11-07 generic text, type C, neo UTF8
COMMENT ⊗ VALID 00004 PAGES
C REC PAGE DESCRIPTION
C00001 00001
C00002 00002 INTRODUCTION
C00005 00003 OPERATING THE CHECKER
C00010 00004 RUNNING THE PROGRAM
C00014 ENDMK
C⊗;
�INTRODUCTION
CRYPT is a program for enciphering arbitrary files, so as to
make them unreadable, and for deciphering them again. The
encipherment consists of exclusive or'ing a sequence of words
produced by a random number generator, with deliberately obscure
number theoretic properties, with the words of the file. The
decipherment repeats the process with the same pseudo random
sequence, restoring the file. The generator is seeded by a function
of the date and time of encipherment and a user supplied keyword. The
date and time is written out with the encrypted file so that it can
be combined, when the time to decipher arrives, with the keyword,
which the user must again enter correctly.
In order counter the main vulnerability of a program of this
type implemented on our system, namely the possibility that the
program itself can been altered by a fiend in some way that
compromises the security of the data handled by it (the original
file, for instance, or the user's keyword), the program is equipped
with a self checker. The checker is a nine word program whose
correctness the user can verify using the technique described on the
next page, and which he can then run to check the rest of the
program.
The overall protection provided is far from complete, but may
represent the best that can be done without massive manual labor, or
secure computing, somewhere along the link between our open system
and the user.
�OPERATING THE CHECKER
In order to ensure the integrity of your CRYPT core image,
you should say "GET CRYPT" (on whatever area the DMP file you like
lives. CRYPT[1,3] is the system version) to the monitor, and begin
examining the resulting core image at location 140, by issuing the
monitor command "E 140", and then simply "E" eight more times. The
result should be the following on your console (but keep in mind that
the very text of this writeup may have been tampered with!):
.GET CRYPT
JOB SETUP IN 1K
↑C
.E 140
140/ 205100 777322 .E
141/ 477140 4 .E
142/ 220140 0 .E
143/ 200242 140 .E
144/ 220240 3 .E
145/ 270200 5 .E
146/ 253100 142 .E
147/ 312200 1 .E
150/ 254200 0 .
If these nine words are as they should be, you are ready to
use them to check the rest of the program. This is done by depositing
an ODD number in location 0, and another number in location 1, then
starting the program at location 140. The checker computes
sigma(Wi*X↑i) mod 2↑35, where the Wi are the succesive words of the
core image, and X is the number you placed in location 0, and
compares this sum with the number you placed in location 1. If the
numbers are the same, the program continues, otherwise the test
fails, and the program halts.
The number placed in 0 is arbitrary, except that for the test
to be effective it must be odd. The number that should be deposited
in 1 is a function of that in 0, and can be determined the very first
time CRYPT is used (at which time you must use independent means,
such as carefully reading and then assembling a source of the
program, to assure yourself that the program is not already bugged),
by depositing your most secret ODD number in 0, starting at 140, and
then examining location 4, which contains the number you should have
placed in 1, when the program halts. Here is what should show on your
console (in addition to the stuff above)
After the first running:
150/ 254200 0 .DE leftX rightX 0
.S 140
HALT AT USER 150
↑C
.E 4
4/ leftY rightY
at which point you can continue running the program,
should you so desire, by typing
.CON
And on subsequent runnings
150/ 254200 0 .DE leftX rightX 0
.DE leftY rightY 1
.S 140
ENCODE OR DECODE:
where leftX and rightX are the left six octal digits of the word to
be placed in 0, and rightX are the right six digits (note that the
last digit in rightX should be a 1,3,5 or 7, to make X odd), and
similarly for leftY and rightY in word 1.
Don't forget to remember X and Y!
�RUNNING THE PROGRAM
After going through the verification procedure outlined on
the previous page (or, if you want to live dangerously, after simply
saying R CRYPT, or RU CRYPT on some other area), the program asks
ENCODE OR DECODE:
to encipher a file answer E<cr>, to decipher an enciphered file
answer D<cr> (longer strings begining with those letters will work
too). Enciphered files have a special enciphered file flag, which is
always checked. If the program is asked to encipher an already
enciphered file, or decipher a plaintext file, it will complain after
asking all its questions.
The next question is
INPUT FILE:
answer with the usual file spec, indicating which file you wish to
convert. The file name scanner is quite general and will probably
accept anything COPY will, including references to devices other than
DSK, missing "]", etc. If it doesn't understand, you will be asked to
try again.
The third query is
OUTPUT FILE:
same considerations as with the previous question, but say where you
want the converted file written. You may overwrite the input file if
you wish.
The final question is
KEYWORD:
respond with an arbitrarily long string of letters and special
characters, followed by a carriage return, but remember that if you
are enciphering, and you forget this string, you will be unable to
decipher.
In the keyword, lower to upper case conversion is done, and
Stanford special characters are converted to normal ASCII, so that
any keyword entered via a Stanford keyboard can also be expressed on
a normal teletype. The rule is, if the ASCII representation is
greater than 137, subtract 40, and if it is less than 40, add 40 (all
octal). Thus "↓" (down arrow) is equivalent to "!" (exclamation
point), etc.
If there are no problems, the program converts the file and
exits. The original file is left untouched unless you specified that
it should be overwritten by the converted version. If you wish to
convert another file, you may simply say "S" to the system. This
starts up your old core image at the "ENCODE OR DECODE:" question.