Classic Computer Magazine Archive ST-Log ISSUE 33 / JUNE 1989 / PAGE 66


Safe Keeping

by Mark E. Nelson

Safe Keeping is a file encryption program, used to keep sensitive files—either programs or data—secure from everyone except those with the correct password. The file is encrypted or encoded using the password as a key, then only the same password will decrypt the file. If you've wanted to keep your diary or journal on the computer, if you're writing a book or article that you'd like to keep private until it's thoroughly edited, if you have sensitive business documents or records stored on disk, or if you have any other privacy or security concerns, Safe Keeping can help.

Using the program

Double click on SAFEKEEP.PRG from the desktop, in either medium or high resolution. Click on OK to get past the copyright notice. Now select the options you prefer from the Options drop-down menu. You can choose to have the password echoed or shown on the screen as you type it. It's nice to have the echo turned off if someone is watching as you work, so that your password will remain confidential. You can also choose to have the encrypted or decrypted file that has been worked on automatically deleted. The defaults are echo on and delete off.

After you have selected your options, click on Lock/Unlock from the menu with the same name. The standard GEM file-selector box will be displayed, and you are told to select a file for encryption. The process is exactly the same for locking and unlocking files, and any type of file may be locked including programs, data, text, graphics, etc. Next you select the file name to be used for the new file, which is created by locking or unlocking a file. If you are locking a file, I suggest the extension .SAF be given the file to help you remember which files are locked and which are not.

Now you are prompted to enter a password. You may enter up to 80 characters including spaces, combination characters (such as Control-D, Alternate-K), punctuation, just about anything you can type except function keys. A password sequence that includes only alphabetic characters is the most common and the least secure. Longer password sequences are also more secure than short ones. If you have the "Don't echo password" option on, an asterisk will be shown for each character typed. Backspace to correct errors, and press Return when you're finished.

Safe Keeping will now begin the lock or unlock process on the file you have specified. The status of reading from the input file or writing to the output file is shown on the screen. If the file is larger than 100K, then multiple reads and writes will be required. If you have the delete option on, then Deleting will be shown as the file is deleted. Now you're ready to lock or unlock another file or quit.

A trial run

You may wish to go through this step-by-step trial run to get comfortable with Safe Keeping. A sample file called TEST.DOC is included on the disk to practice with.

  1. Double-click on SAFEKEEP.PRG from medium or high resolution.
  2. Click on Lock/Unlock from the drop-down menu.
  3. Select TEST.DOC from the GEM file-selector box.
  4. Type TEST.SAF in the new file-selector box.
  5. Type "cheese" as the password and press Return.
  6. Quit.
  7. Show the contents of TEST.SAF by double-clicking on it and then selecting SHOW from the alert box that appears. You'll see that it is just a bunch of garbage characters since it has been locked. Compare it to the original file by showing the contents of TEST.DOC.
  8. Double-click on SAFEKEEP.PRG to run it again so that we can unlock TEST.SAF.
  9. Click on Lock/Unlock, select TEST.SAF from the selector box, and then type TEST.TXT in the next selector box.
  10. Type "cheese" as the password.
  11. Quit, then compare the unlocked file, TEST.TXT, with the original file, TEST.DOC. They should be exactly alike.

Play with the test file, trying out the different options until you feel comfortable with Safe Keeping. It's easy to use, but you should be sure about what you're doing before you lock an important file. Use a password that you will easily remember, but that would be hard to guess. There is no way to find out what the password was if you have forgotten it, so be careful! If you do forget your password, leave the delete option OFF and try several guesses.

How the program works

Each byte of the input file is read into a 100K buffer. Then the first byte is exclusive-ORed (XORed) with the first character in the password and written to the output file. The second byte is XOR'd with the second character and written and so on. At the end of the password, we begin with the first character again.

The XOR is used because it is a simple function with the property f(f(x)) = x. In other words, we get back what we started with if we apply the function twice.

Here's how it works on the bit level. Suppose a byte in my input file contains binary 10101010, and the character I am going to XOR it with is binary 01110111. Remember that the XOR result is 1 if one of (but not both) bits is a 1, and 0 otherwise. To lock it:

input:          10101010
password char:  01110111
XOR result:     11011101

To unlock it:

locked byte:    11011101
password char:  01110111
XOR result:      10101010

I wrote the program using Personal Pascal Version 2. If you make a modification to the program that you believe makes it better, please send me a copy at the Atari Connection BBS at 801-377-1617. You can also leave any questions you have about the program there.

Mark Nelson is a computer science student at Brigham Young University and the father of three boys, Drew, Steven and Aaron. He spends his free time coaching tee-ball, wrestling on the family room floor and watching Sesame Street.