UPDATE: This program and documentation are a limited version (shareware) of our PCYPHER product line. For more information on PCYPHER File security/anti-virus PCYCOM Encrypted COMMUNICATIONS Encrypted Remote sites Anti-hacker IFF PCYNET Encrypted network COPYRITE Software Copyright Protection or any of our other lines of hardware and software SOFTWAR 804/375-7472 VOICE MAIL/OFFICE 6307 BRAMBLETON ROAD RICHMOND, VA 23234 INTRODUCTION COLD WAR ORPHAN OR NEW WORLD BABY? PCYPHER was born in the black, buried in a cold war computer lab, a tool of war. The intent was to devise an unbreakable code system for electronic combat. The war and much of the equipment for which PCYPHER was invented never happened. They disappeared along with the Berlin wall and the fall of the Soviet Union. However, just as a new world was dawning, we realized that much of the old world rules remain. The reason for PCYPHER has not changed. It is as old as mankind. To keep secrets... C.R. Smith 1993 YOUR DATA OR YOUR LIFE! PCYPHER will protect you from information theft. Much of what we are, will be and may become is lodged somewhere on a computer. Worse, that computer is our own! Each time someone else has access to your computer they have access to your life. Examples of life effecting information are easy to find, just look at your own PC. Spread sheets with financial data, investment data, tax forms, source code for programs. Computer data is even admissible as evidence in court. Even a simple diary may be so personally important that you would insist on locking it with an ordinary key. Today, in our network world, each time you sign onto a bulletin board you are inviting someone to rifle through your life without you knowing it. Each time you transmit data through a modem or fax board, you are also vulnerable. Each time a technician services your machine. Each night when you leave the office, your machine and someone else may be up working late. Just think of the possibilities a determined computer thief can use against you to break in to your open books. Don't loose any sleep over it. Your cure for this nightmare is PCYPHER. THREE WAYS TO KEEP YOUR SECRETS SAFE - NASTY - PASSWORD: PCYPHER allows you to protect yourself with three ways of encryption. First, the lowest level of security you may use is a PASSWORD up to 32 characters in length. Nice though passwords are, they are also easy to break. PCYPHER enhances your password powers by recognizing every KEY on the keyboard except the Enter, Backspace and Escape key. You may use upper/lower case letters, symbols, even the Home, End, Del, Ins and arrow keys. This increases your power to make passwords even your mother wouldn't know. NASTIER - USER KEY FILE: Second, a higher level of security you may use is a USER key file. The USER key file is much like an extended password. You can use any type of valid DOS file. Data, text or program. The advantage of a USER KEY file is that it is like a password. The USER key you select may be anything from a poem keyed in with a editor, a public document such as the Constitution (available from an on-line library) or even a DOS utility. You select it and it is the key. So beware non literate thieves! Once upon a midnight dreary... THE BIG UGLY - PCYkey FILE: Finally, PCYPHER uses a method that only your computer and you can make. PCYkey (pronounced: si-kee) is a randomly generated key file that uses our own specially written version of a one time pad system. The only system that is in theory and in practice that cannot be cracked. The use of a PCYkey is the ultimate in security even if the concept of keeping a key is as old as the front door. However, a PCYkey can only be made by you. No two PCYkeys are alike. Your data is not really stored but smashed with a key that defies reproduction. Even the big boys with their super-computers will spend years (and millions $$) trying to work this baby out. Worse still, if you loose your PCYkey... You can forget calling the SOFTWAR office. Even we can't break in! INSTALLATION: PCYPHER is easy to install. There are only two files on the entire diskette that one can execute. PCYPHER.EXE and PCYPHER.88. PCYPHER is built for a 80286 or above machine but we have taken heart for those of you with the millions of 8088 (XT type) computers. Therefore there are two versions. You may put PCYPHER anywhere on your computer with a simple COPY command. PCYPHER is no different that any DOS utility command. SAMPLE HARD DRIVE INSTALLATION: BOOT YOUR MACHINE NORMALLY. ENTER AT THE DOS PROMPT: MKDIR \PCYPHER CD \PCYPHER INSERT DISK INTO DRIVE A: *** IMPORTANT! *** IF YOU HAVE A 80286 (AT) OR ABOVE MACHINE ENTER: COPY A:PCYPHER.EXE/V IF YOU HAVE A 8088 (XT) MACHINE ENTER: COPY A:PCYPHER.88 PCYPHER.EXE/V You may want to include PCYPHER in your PATH calls by changing or adding: PATH C:\PCYPHER;C:\DOS;C:\DATA PCYPHER OPERATIONS: PCYPHER is easy to use. It can be run standalone from the DOS prompt: >PCYPHER The menu driven form of PCYPHER has six selections: F1 = HELP MENU F2 = PCYPHER A FILE F3 = DE-PCYPHER A FILE F4 = PCYkey MENU F5 = RUN 2ND COPY OF DOS ESC = EXIT TO DOS THE HELP MENU The Help Menu is a quick flash card of PCYPHER commands, intended to supplement this manual. PCYPHER A FILE The F2 PCYPHER command encrypts your data. You must select a method of PCYPHER, either password, User KEY file or PCYkey file. If you select a key file mode then you must also provide the file name. Finally, you must provide the file you wish to PCYPHER. Valid DOS file names must be used or standard globals. For example: C:\YOUR\DATA.DAT A:TEXT.DOC C:MY*DAT.TXT <--- THIS IS AN EXAMPLE OF GLOBALS * E:\PROGRAM.EXE D:*.* <-- THIS IS AN EXAMPLE OF GLOBALS * DE-PCYPHER A FILE The F3 DE-PCYPHER command de-crypts your data. You must select a method of DE-PCYPHER, either password, User KEY file or PCYkey file. If you select a key file mode then you must also provide the file name. Finally, you must provide the file you wish to DE-PCYPHER. PCYkey MENU This option creates a PCYkey file that you can use to lock and un-lock your data. You should write your key separate from your PC on a 5 1/4 or 3 1/2 diskette. Your PCYkey file can be any size from 16K bytes to 32 Meg in size. *** SHAREWARE NOTE *** YOU ARE LIMITED TO ONLY A 16K KEY - Commerical version of PCYPHER contains the 32 MEG PCYPHER. *********** You should tailor your PCYkey file to the maximum size of file you are locking, or use the entire diskette. If you cannot store the PCYkey file separate, then a simple USER key or password can be used to super-Pcypher and scramble your PCYkey file (see the Section on Security). It not necessary to change your PCYkey file unless you believe that it has been compromised. However, good security routines require periodic key changes. If the material or situation requires it then you can change your key (or even method of key) during PCYPHER operation. The best method is to create a new PCYkey file during each user session. You may not elect to do this but it is STRONGLY recommended that you change your PCYkey as often as you would a password. This will foil anyone who has had access to your key file or obtained it without your knowledge. RUN 2ND COPY OF DOS This option allows you to enter your own DOS partition and return to PCYPHER. PCYPHER uses only about 60K of memory so you can run other applications with the standard 640K memory systems. This allows you to enter your own user programs with un-locked data and then return to lock them. OPTION TWO - BATCH (FROM DOS PROMPT) MODE PCYPHER can also be run directly from the DOS prompt and has nearly all the functionality of the ON-LINE MENU form. The only exception is the PCYkey MENU. Please use the ON-LINE MENU to cut a new PCYkey file. Format must be separated by commas. PCYPHER INFILE,KEYFILE/KEYTYPE,RUNFILE,COMMAND Where: INFILE = VALID INPUT FILE NAME DOS STANDARD KEYFILE = VALID KEY FILE NAME DOS STANDARD IF NO KEY FILE SPECIFIED THEN PCYPHER WILL PROMPT FOR PASSWORD. KEYTYPE = /U - USER file = /P - PCYkey file BE SURE TO PROVIDE THE /U OR /P FOR THE KEY TYPE. THE DEFAULT IS /P - PCYkey. RUNFILE = IF R COMMAND SPECIFIED THEN .COM .EXE .BAT FILES OR IF NONE THEN DOS. COMMAND = P - PCYPHER INFILE. = D - DE-PCYPHER INFILE. = R - DE-PCYPHER INFILE, EXECUTE RUNFILE AND PCYPHER INFILE. = V - ANTI-VIRUS FEATURE Examples: DE-PCYPHER file EXAMPLE.DAT with file POEM.KEY which is a User (non-PCYPHER) file. >PCYPHER EXAMPLE.DAT,POEM.KEY/U,,D PCYPHER file EXAMPLE.DAT with a password. >PCYPHER EXAMPLE.DAT,,,P DE-PCYPHER all files EXAMPLES.* (with any extension) with file MYKEY.KEY which is a PCYkey file (made by PCYPHER). Execute file EDITOR.EXE and then PCYPHER all files EXAMPLES.* >PCYPHER EXAMPLES.*,MYKEY.KEY/P,EDITOR.EXE,R As you can see the batch option gives you the power to execute directly from the DOS prompt. This allows you to not only access your files from within a program it also allows you to establish file processes for user security. You can PCYPHER your own application program and then use the R option to DE- PCYPHER/RUN/PCYPHER. Better still, you may execute your DE- PCYPHERed program and then delete it (be sure to write 0s over it first or someone may be able to recover it). This option also allows for password/User key/PCYkey entry into your own application programs. Simply use PCYPHER to code string data and check the for the proper values in your own user based program. ANTI-VIRUS FEATURE - COPYRITE has an additional anti-virus check features that runs from the DOS batch prompt. This feature does not allow the locked file to be altered and will alert the user if an alteration was detected. If a virus attempts to enter a locked file then it will no longer execute. If a virus attempts to enter a locked file while you are executing it then it will notify you of the ERROR when your escape to DOS. THIS EXAMPLE PERFORMS A VIRUS CHECK ON AND EXECUTES PROGRAM.EXE: >COPYRITE PROGRAM.EXE,MYFILE.KEY/P,PROGRAM.EXE,V BACK-UP OPERATIONS - If your DE-PCYPHER is unsuccessful (double check your password/User Key or PCYkey) then PCYPHER will not unlock your data. However, even upon successful exit, or if there is a power loss during the DE-PCYPHER operation, then there is a backup file with the same name as your original file. Except, it will have a extension of .PCY. This is the PCYPHER (locked) file backup. If you need to try again, simply copy the .PCY file to its original name and try again. DISK SPACE REQUIREMENTS - PCYPHER uses about 52K of disk space for the .EXE program and resides in 60K of memory. It is not a exit-and-stay-resident program but more closely resembles a copy or backup utility. PCYPHER can create files both larger or smaller than the original data because of several compression algorithms. Additionally, PCYPHER can require either a User key file or a PCYkey file. Because PCYPHER is an I/O oriented program it is limited by your disk speed. You can improve on this by using a RAM drive. Consult your PC DOS user guide for creating and using a RAM drive. SYSTEM REQUIREMENTS - DOS 3.3 or above XT version = 8088 AT version = 80286 and above ELEMENTS OF DATA SECURITY PCYPHER is a data security product, capable of rendering your files useless to anyone but you. However, there are many things that can enhance your usage of our product. KEY SECURITY The three methods of encryption given allow you to select both the means and the content of the key that locks your data. Password security is difficult other than change your password often, and use something ONLY YOU WOULD KNOW. Examples of passwords not to use are obvious: PASSWORD, YOUR NAME, THE FILE NAME, COLORS, 12345, ABCDEFG. Try something only you know. The name of your first boy/girl friend, the names of flowers, stamps, airplanes, cartoon characters. Anything but what you normally discuss with other people. Use passwords for the lowest level of security, or for operations where a short, in-destructible key is required. The User file is one step above a password in that it can be a non-physical key, such as a poem, selection of literature, document that is memorized. You can use any type of file for a user key but I suggest you stay away from files where a large number of repetitive data or duplicates exist. BE CAUTIOUS about this because such files maybe easily found or duplicated. Documents, help files, data and text files are far more preferable to .EXE or .COM files for a User key. The PCYkey file is above both methods in security but you can't simply key one in. However, the concept of a key is not foreign to anyone in the modern world... Why not carry it on a 5 1/4 or 3 1/2 diskette in you pocket? Do you leave your keys out in the office for everyone to use? Not likely. So, taking a diskette is not unusual to anyone working with a PC. Simply make a backup copy of the PCYkey and stash it somewhere physically safe (with you, your dog, your spouse, in a safety deposit box). If you change your PCYkey just make another copy. ALWAYS BACKUP ALL YOUR DATA AND YOUR PCYKEYS AND STORE THEM OFFSITE. This last prudent move is for those of you who do not want to go out of business if a storm, or terrorist (can you say Florida or New York?) strikes. Please note, the firms who had offsite backups were up and operating in hours, capturing vast amounts of business their idle brethren lost. I recommend a safety deposit box since I am partial to large, fire/water/bomb proof safes and paying a weekly visit to the bank is not unusual for anyone with a loan payment. Please note that a PCYkey file has may advantages over both the User file and the password method. I recommend that the PCYkey file become your daily lock and the password/User file be used if it is not available. Why? Simply because even if the un-coded version of a data file were made available it is still impossible to unlock or deduce the PCYkey file. This is because being a random based file system and using our special version of the one time key pad system enables PCYPHER to lock each file differently. Even if you were to lock the same file twice, it will still be different in content if not in size. Although, this is also applied at a lower level in the Password and User key file functions, only the PCYkey system can lock/unlock your data in a one time fashion. PCYRUN - A USER RUN TIME MODULE. You may be also working at a user site, in which various levels of security are required. Only those with the most secure levels of capability should possess PCYPHER because the product can encrypt data with a variety of methods. Some of this power you may not want to give to your user community. Thus, we created PCYRUN, a run-time version for more controlled access. PCYRUN cannot cut a PCYkey file. PCYRUN will not allow you to change your password or key file. PCYRUN does not even run with menu or help operations. Why defang PCYPHER so much? Simple: EMPLOYEE DATA SECURITY You can create data and execution streams coded with a password/key file you create and control. The user must either enter the password designated or the key file. Format must be separated by commas. PCYRUN INFILE,KEYFILE/KEYTYPE,RUNFILE,COMMAND Where: INFILE = VALID INPUT FILE NAME DOS STANDARD KEYFILE = VALID KEY FILE NAME DOS STANDARD IF NO KEY FILE SPECIFIED THEN PCYPHER WILL PROMPT FOR PASSWORD. KEYTYPE = /U - USER file = /P - PCYkey file BE SURE TO PROVIDE THE /U OR /P FOR THE KEY TYPE. THE DEFAULT IS /P - PCYkey. RUNFILE = IF R COMMAND SPECIFIED THEN .COM .EXE .BAT FILES OR IF NONE THEN DOS. COMMAND = D - DE-PCYPHER INFILE. = R - DE-PCYPHER INFILE, EXECUTE RUNFILE AND PCYPHER INFILE THEN RETURN TO DOS. PCYRUN PCYRUN is a run time version of PCYPHER which does not allow the user to change KEY files or passwords. You can, therefore, assign passwords, use KEY files to lock data, and even develop programs that are protected by PCYPHER. PCYRUN is what you would give to a user. DO NOT DISTRIBUTE PCYPHER TO UNKNOWING USERS! PCYPHER's power allows them the option to change passwords and key files (lock you out). Instead, the de-fanged version of PCYPHER is called PCYRUN. TO INSTALL: SAMPLE HARD DRIVE INSTALLATION. BOOT YOUR MACHINE NORMALLY. ENTER AT THE DOS PROMPT: MKDIR \PCYRUN CD \PCYRUN INSERT DISK INTO DRIVE A: *** IMPORTANT! *** IF YOU HAVE A 80286 (AT) OR ABOVE MACHINE ENTER: COPY A:PCYRUN.EXE/V IF YOU HAVE A 8088 (XT) MACHINE ENTER: COPY A:PCYRUN.88 PCYRUN.EXE/V You may want to include PCYPHER in your PATH calls by changing or adding: PATH C:\PCYRUN;C:\DOS;C:\DATA PCYRUN EXAMPLES. PCYRUN supplies you the security officer several levels of control. Simply including it in the AUTOEXEC.BAT stream to decode files in a specific drive\directory with the individual password controlled (distributed) by you. These samples use passwords that you assign to your users. 1 - PASSWORD PROMPT: SAMPLE BATCH STATEMENTS TO DECODE ONLY C: CD \BILL PCYRUN C:\BILL\*.*,,,D C:\YOUR\SOFTWARE.EXE 2 - PASSWORD PROMPT: SAMPLE BATCH STATEMENTS TO DECODE/RUN YOUR SOFTWARE/RECODE & EXIT C: CD \FRED PCYRUN C:\FRED\*.*,,C:\YOUR\SOFTWARE.EXE,R These are key file samples, either USER or PCYkey, that you give to your users. 1 - USER CREATED KEY FILE: SAMPLE BATCH STATEMENTS TO DECODE WITH USER FILE IN A DRIVE C: CD \DICK PCYRUN C:\DICK\*.*,A:DICKS.KEY/U,,D 2 - PCYkey KEY FILE: SAMPLE BATCH STATEMENTS TO DECODE/RUN YOUR SOFTWARE/RECODE & EXIT C: CD \HARRY PCYRUN C:\HARRY\*.*,A:HARRYS.KEY/P,C:\YOUR\SOFTWARE.EXE,R PCYNET - A MULTI-USER VERSION Network environments are supported through the SHARE command of DOS 3.1 or higher. PCYNET for super-users (SECURITY) and the companion run-time version for users lock all files during read/write operations. This will allow all users the capability of using present Network software without compatibility problems. TO INSTALL: SAMPLE HARD DRIVE INSTALLATION. BOOT YOUR MACHINE NORMALLY. ENTER AT THE DOS PROMPT: MKDIR \PCYNET CD \PCYNET INSERT DISK INTO DRIVE A: *** IMPORTANT! *** IF YOU ARE THE SUPER USER (SECURITY) ENTER: COPY A:PCYNET.EXE/V IF YOU ARE INSTALLING A USER ENTER: COPY A:PCYRUNET.EXE PCYRUNET.EXE/V To execute the LOCK/UNLOCK functions you must install the DOS SHARE command. You may want to include PCYPHER in your PATH calls by changing or adding: PATH C:\PCYNET;C:\DOS;C:\DATA This is a sample NETWORK startup requiring a separate PCYkey file that must be accessible to the user. 1 - PCYkey KEY FILE: SAMPLE BATCH STATEMENTS TO DECODE WITH PCYkey IN F (SHARED) DRIVE F: CD \USER1 PCYRUNET F:\USER1\*.*,F:\SUPER\USER1.KEY/P,,D 2 - PCYkey KEY FILE: SAMPLE BATCH STATEMENTS TO DECODE/RUN YOUR SOFTWARE/RECODE & EXIT F: CD \USER99 PCYRUNET F:\USER99\*.*,F:\SUPER\USER99.KEY/P,F:\YOUR\SOFTWARE.EXE,R PCYNET and PCYRUNET in a NETWORK PCYNET and PCYRUNET lock all files selected during file read/write execution is taking place. This includes both your user files being coded/decoded as well as any key file being used during the operations. Others in a multi-user environment will experience a system error (file lock) if any attempt is made to access these files during this operation. This will not interfere with any of your software because once you have completed the read/write operation your data files are controlled by you. Access to them when they are decoded or open must be restricted at your system or software level. PCYNET and PCYRUNET will lock your data files only during read/write operations.