SCRAM.TXT rev 1 96-09-18

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

THIS DOCUMENT IS COPYRIGHT (C) 1988, 1996 BY HERNE DATA SYSTEMS LTD. THE MATERIAL CONTAINED HEREIN MAY BE FREELY USED FOR PERSONAL INFORMATION ONLY. IF YOU REPRODUCE IT, THIS COPYRIGHT NOTICE MUST NOT BE REMOVED. THIS MATERIAL MAY NOT BE EXPLOITED FOR COMMERCIAL PURPOSES.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Herne Data Systems Ltd., PO Box 250, Tiverton, ON N0G 2T0 CANADA. Voice/fax 519-366-2732, e-mail hernedata@mail.bmts.com, internet: http://ourworld.compuserve.com/homepages/herne_data

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Scramb'ler-128
C-128 CP/M Disk Encryption System
Users' Guide (version 2.0)
(c) Copyright 1988, 1996 Herne Data Systems Ltd.

The Fine Print
==============

Scramb'ler-128 is a copyrighted program written by Miklos Garamszeghy for Herne Data Systems Ltd. You may reach us at:

Herne Data Systems Ltd.
PO Box 250
Tiverton, ON N0G 2T0
CANADA
voice/FAX (519) 366-2732
e-mail: hernedata@mail.bmts.com or 72060.1153@compuserve.com
http://ourworld.compuserve.com/homepages/herne_data

============================================================
Note: Scramb'ler-128 is no longer fully supported by Herne Data Systems Ltd. We regret that we are unable to provide any future updates to the program. However, it is being released as "freeware" for the benefit of those who may still have a use for it. (Visit our website, or contact us by e-mail if you have any comments or questions concerning the program. We will try to answer your questions, but due to the age of the program, we can't promise anything.)
============================================================

The Scramb'ler disk formatter is intended to format new blank disks only. Because it will destroy all existing data on a floppy disk, Herne Data Systems assumes no liability for losses caused by misuse or abuse of this product.
This responsibility rests solely with the end user.

PLEASE REMEMBER YOUR ENCRYPTION PASSWORDS. THE PASSWORD IS NOT STORED ANYWHERE, EXCEPT IN YOUR OWN MEMORY. YOU WILL NOT BE ABLE TO USE YOUR ENCRYPTED DISKS WITHOUT THE PASSWORD.

This manual assumes that the reader is reasonably familiar with C-128 CP/M concepts and terminology and has a basic understanding of how to use his/her computer.

Introduction

Scramb'ler-128 is a user transparent high security disk encryption system for the C-128 in CP/M mode. The system physically encrypts all data (using a special disk format and including the directory) based on a user selected four to twenty-four character password. The encryption and decryption is done automatically at the CP/M BIOS level and will not interfere with normal user programs. In addition, the encryption driver is also transparent to non-encrypted disks (i.e. you still have full access to normal, non-encrypted disks when Scramb'ler is installed, and can copy back and forth between encrypted and non-encrypted disks transparently).

Scramb'ler is ideal for anyone who wants to protect sensitive or confidential data from un-authorized access. Teachers can use it in classroom settings to keep student grades and test results away from student snooping. (It has often been said that many students are more computer literate than many of their teachers and have little difficulty bypassing normally 'secure' data storage systems.) Doctors, lawyers, accountants and other professionals can make use of Scramb'ler to protect confidential client records. YOU could even use it to keep Aunt Martha's secret cake recipe that has been handed down to selected family members over the generations. In short, anyone who deals with private information can benefit from using Scramb'ler.

Scramb'ler consists of two parts. These are:

SCRAM.COM is the encryption driver which normally does most of the work. SCRAM.COM installs itself in BANK 0 as a memory resident part of the CP/M BIOS.
All subsequent floppy disk access from drives A: to E: is channelled through this driver. Disk access requests for normal (non-encrypted) disks are automatically directed back to the standard BIOS routines, while those for encrypted disks are handled by the special encryption code.

SFORM.COM is used to format new disks for use with the Scramb'ler system. Note that as part of the security features of Scramb'ler, a special floppy disk format is used. This disk can only be created using SFORM.COM.

NOTE: Because it relies on hardware specific features of the C-128, it will not work on any other CP/M based computer. In addition, you cannot boot your CP/M system from a Scramb'ler disk.

What You Need to Use Scramb'ler

In order to use Scramb'ler-128 you will need a Commodore C-128 or 128-D computer operating in CP/M mode with at least one 1571 or 1581 disk drive. (The built in drive on the 128-D is equivalent to a 1571.) Scramb'ler supports up to four physical disk drives, labelled A: to D:. It also supports the virtual drive E:, which is shared with the physical drive A:. Scramb'ler works in either 40 column or 80 column CP/M mode. You can use any version of the C-128 CP/M boot disk.

Installing the Scramb'ler Driver

The first thing you must do to use the Scramb'ler system (after making a back up copy of your original Scramb'ler disk, of course) is to install the SCRAM.COM device driver. To install the encryption driver, type in:

    SCRAM {password}

where:

{password} is a 4 to 24 character password of your choice. The characters can be anything that you can type in from the keyboard, including letters, numbers, symbols, and even some control codes. Lowercase letters are equivalent to uppercase letters in the password. The password cannot have leading spaces, but may include embedded spaces in the character string. Choose a password that is easy for YOU to remember without being too obvious to an outsider who might try to guess it.
Once chosen, guard it carefully as you would your banking machine security code.

is the normal carriage return or ENTER key.

If the {password} is shorter than 4 characters or longer than 24 characters, you will get a summary instruction screen and the driver will not be installed.

Some examples are:

    SCRAM MYDISK

to install the encryption system with the password 'MYDISK'.

    SCRAM REDDOG-123

to install the encryption system with the password 'REDDOG-123'.

Only one password can be installed at any given time, and is active for all compatible drives on your system. If you have previously installed a password, and wish to change it, just type in:

    SCRAM {new password}

and the new password will automatically replace the old one.

NOTE: Although the SCRAM driver is memory resident, it does not become a permanent part of your CP/M operating system. Therefore, if you wish to use encrypted disks, you must install the driver each time you start up your system. When installing SCRAM for regular use, you must use the same password as you used when the disk was formatted with SFORM, otherwise you will not be able to access the data on the disk.

SCRAM can be installed automatically as part of your PROFILE.SUB start up routine. However, this is not normally recommended for security reasons. All someone intent on breaching your security has to do is to look at your PROFILE.SUB file to discover your password.

Once the SCRAM driver has been installed, you can fully access the encrypted disks as if they were normal disks. User programs and applications, such as data base programs and word processors as well as system utilities such as file copying programs and assemblers, will treat the disks like normal disks AS LONG AS THE CORRECT PASSWORD HAS BEEN INSTALLED. OTHERWISE, YOU WILL NOT BE ABLE TO ACCESS ANYTHING ON THE ENCRYPTED DISKS, EXCEPT FOR POSSIBLY SOME RANDOM JUNK.

SCRAM is compatible and transparent with all normal CP/M programs.
It is also fully compatible with, and can be co-resident with, other Herne Data Systems products, such as Jugg'ler-128 (which allows your C-128 in CP/M mode to read, write and format over 140 types of standard MFM CP/M disk formats) and QDisk (a non-volatile CP/M RAM Disk driver for use with the Quick Brown Box battery backed RAM cartridge). However, in the case of non-standard programs (such as possibly other custom system enhancements) which MAY use the same normally un-used BANK 0 memory areas as the SCRAM driver (we don't know of any that fit into this category), you may want to un-install the SCRAM driver before using them.

To un-install the SCRAM driver, type in:

    SCRAM /U

The driver will be un-installed and the CP/M system returned to its 'normal' state. If the SCRAM driver was not installed, an error message to that effect will be displayed.

Using a Scramb'led Disk

Scramb'led disks can be used by all standard CP/M programs just like normal disks. Support for them is provided automatically by the patches to the CP/M BIOS. When you try to access a Scramb'led disk, the CP/M operating system will recognize it as an MFM disk and prompt you through the MFM disk type selection box (which will appear on the disk status line) to select the correct disk type. (Unfortunately, the C-128 CP/M system is not smart enough to be able to distinguish among MFM disks which have the same physical format, but different logical formats. In recognition of this, a method is provided for manually selecting similar MFM disk types.)

Normally, you will have three choices: EPSON QX-10 (which is NOT a Scramb'led disk format), SCRAM 71 (which is used with the 1571 drive) and SCRAM 81 (which is used with the 1581 drive). Use the <-- and --> (cursor left and cursor right) keys in the cursor control keypad at the top right of the main keyboard to select the correct format, then press .
Once you have selected the correct format, all disk access will appear (at the user level anyway) to be normal. The only difference that can be observed at the user level is that the track and sector access message normally displayed on the disk status line will not operate when accessing a Scramb'led disk. It will, however, operate normally when accessing a non-Scramb'led disk.

Since the password is used to select the logical disk format, it may appear that some passwords are 'faster' than others. This is because the use of certain sector skew factors on the disk affects disk access speed slightly. By trying various passwords, you can experiment to find one which provides the best combination of speed and security for your own personal use.

NOTE: ALWAYS BE SURE THAT YOU HAVE THE CORRECT PASSWORD INSTALLED WHEN USING A SCRAMB'LED DISK, ESPECIALLY WHEN WRITING FILES TO IT. ALTHOUGH THE OCCURRENCE IS VERY RARE, RANDOM BYTE PATTERNS ON A DISK MAY CAUSE IT TO APPEAR TO BE WRITABLE UNDER A DIFFERENT PASSWORD, BUT WILL IN ACTUALITY OVERWRITE AND DESTROY EXISTING DATA ON IT.

Just like normal CP/M disks, you can also use CP/M file password protection and time and date stamping with your Scramb'led disks.

Formatting a New Disk

The program SFORM.COM is used to format new disks for use with the Scramb'ler system. Physically, the disk format is 512 bytes per sector, 10 sectors per track. (This is identical to the EPSON QX-10 format normally supported by C-128 CP/M.) The 5-1/4 inch format for the 1571 drive has a capacity of slightly under 400k bytes, while the 1581 can hold just about 800k.

To start up SFORM, simply type in:

    SFORM

and you will be guided through the disk formatting process with a series of menu screens, prompts and status displays.

NOTE: BEFORE USING SFORM, YOU MUST HAVE ALREADY INSTALLED SCRAM.COM WITH A PASSWORD. SFORM WILL QUIT WITHOUT DOING ANYTHING IF SCRAM IS NOT INSTALLED.

The first thing that SFORM will prompt you for is the drive letter to do the formatting on. Type in the appropriate drive letter (A: to D:) followed by the key to select a drive, or just the key alone if you wish to quit the program without proceeding. (Note that the virtual drive E: is not supported by SFORM because it is physically the same as drive A:.)

When it is ready to go, SFORM will prompt you to insert a disk into the specified drive. At this point, you can either insert the disk and press to proceed, or press the key to abort and return to the 'select drive' menu. If SFORM detects that there is no disk in the target drive, an error message will be displayed, and the process will be terminated.

NOTE: THE FORMATTING PROCESS WILL DESTROY ALL EXISTING DATA ON THE DISK. IT SHOULD ONLY BE USED FOR CREATING NEW BLANK DISKS.

SFORM will automatically determine if the specified drive is a 1571 or a 1581 drive and will format the disk accordingly. If SFORM detects that the drive is neither (such as a 1541 drive), an error message will be displayed, and the process terminated.

Once SFORM begins its formatting operation, a status message will be displayed indicating the current process. The formatting process consists of two steps: the physical formatting of the disk, and creating the directory area. The directory area will be encrypted using the currently installed SCRAM.COM password. Once the disk has been created, its password cannot be changed without reformatting the disk.

NOTE: REMEMBER YOUR PASSWORD!! THE PASSWORD FOR THE DISK IS NOT STORED ANYWHERE ON IT, IN ANY FORM. IF YOU FORGET YOUR PASSWORD, YOU ARE OUT OF LUCK, BECAUSE THE ENCRYPTED DATA ON THE DISK CANNOT BE RECOVERED.

When the formatting is complete, you will be asked if you wish to format another disk. Type in Y, for yes, followed by to go back to the 'select drive' menu, or any other response to exit SFORM and return to the CP/M prompt.

All About Passwords

CP/M provides rudimentary password protection for disks and files. However, security under that system is minimal at best. The password is used by the system to control access to a file's directory entry. Under this system, the file password is encrypted with an XOR mask and stored as a second directory entry. The XOR encryption key (which is calculated from the password itself), is stored in the same directory entry as the password it is supposed to protect. The 'protected' file itself remains unchanged on the disk. Obviously, it does not take much in the way of imagination to envision a programmer by-passing the system and accessing the files directly, either by de-coding the password or by viewing the disk with a sector editor. (See the document "The CP/M Disk System", available from the Herne Data Systems website, for details on standard CP/M password structures.)

The Scramb'ler system works on an entirely different principle. It transparently encrypts the data on a disk. Everything from the directory to the file data is encrypted, so an avid snooper will not be able to find out the names or locations of files on the disk even using sector editors.

With Scramb'ler the password can contain from four to twenty-four characters. The password is used for a number of purposes. Besides the obvious one of providing an encryption mask, it is also used to decide the logical format of the disk. Certain bits in the password control the logical disk parameters such as the sector skew factor. These parameters affect WHERE particular data may be located on the disk. In fact, there are 512 logical disk formats used by Scramb'ler, providing the first level of system security.

Other bits in the password are used to determine a secondary encryption mask which is extracted from the system ROM chips. This mask provides a pseudo random source of bits which are combined with the password bits to produce a 512 byte 'primary key'.
At disk access time, this primary key is then combined with yet another key, which is extracted from a different system ROM based on the track and sector number being accessed by the system, to provide the final key used to encrypt the data on the disk. The result of this multiple key system is to produce a unique 512 byte key for every sector on the disk! Now that is security.

The Scramb'ler password can have from 4 to 24 characters in it. Just how secure is this? Well, the characters can be anything that you can type in from the keyboard, including letters, numbers, symbols, and even a few of the control characters, with the exception that the password cannot start with a SPACE character. (The Scramb'ler system removes all leading spaces from the password.) Since lower case letters are automatically converted to uppercase when parsed from a CP/M command line, lower case letters in a password, such as a, are treated the same as upper case (A in this example). This gives a total of about 75 possible characters to use in the password.

If you have four characters in your password, these 75 available ones will give over 31 million different combinations. If you increase the password length to 5 characters, the total becomes over 2 billion; 6 characters gives you 180 billion combinations while 7 characters gives you over 10 trillion (1 followed by 13 zeros), and 8 characters in the password results in over 1 quadrillion possible combinations. If you really want to get secure, you can go all the way up to 24 characters in your password which will give you an astronomically high 10 to the power of 45 combinations (a one followed by 45 zeros).

To put some of these numbers in perspective, if you choose an 8 character password, and had a super computer capable of trying a million combinations per second, it would take 32 years of solid number crunching to try all of the combinations using a 'brute force' attack.
(You would also need to have a copy of the C-128 ROM code on your super fast computer to generate the unique keys for each sector, and be able to find the correct sector on the disk). If you used a 24 character password, the same ultra fast computer would take... well a r-e-a-l-l-y long time (you get the picture).

Note, however, that password security depends ultimately on the password being readily available to the authorized user and not easily guessable by the un-authorized snoop. In short, keep your password(s) a secret.

NOTE: PASSWORD SECURITY MAY PREVENT UN-AUTHORIZED PEOPLE FROM READING YOUR DATA, BUT IT WILL NOT PREVENT MALICIOUS DESTRUCTION BY CHANGING THE DATA WITH A SECTOR EDITOR, FOR EXAMPLE.

The Technical Details

Scramb'ler works on the basis of tapping into the CP/M BIOS extended disk parameter headers for drives A: to E: to insert transparent encryption routines. These routines are located in normally unused RAM in BANK 0 starting at address hex $4400.

The encryption works by a simple logical XORing of the disk data with a 512 byte encryption mask or key. The XORing process is used because it is fast and reversible (i.e. if you XOR a byte value with a key, you will get an encrypted value. If you then XOR the encrypted value with the SAME key, you will get back the original byte value.) and provides an encrypted byte that is not readily apparent from examining the original byte. The key is composed of several elements including the user selected password and 'random' byte patterns extracted from system ROMs. Because of this, disks encoded on one computer may not work on another or disks encoded on your machine may not work on it if you change the ROM chips. The native mode C-128 KERNAL and BASIC ROM chips are used as well as the Z-80 ROM code.

The physical disk format is 10 sectors of 512 bytes each per track (numbered 1 to 10), with 40 tracks on the 1571 drive and 80 on the 1581. The disk has 2k byte allocation units and 128 directory entries.
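
The layered keying described in 'All About Passwords' and 'The Technical Details' can be modelled as follows. This is an added example, not code from Scramb'ler or Herne Data Systems: the ROM images, the window offsets and the way the bits are mixed are constructed stand-ins, since the guide does not give the real ones.

```python
# Added illustration only: models the layered XOR keying this guide describes.
# ROM contents, offsets and mixing rules below are constructed stand-ins,
# not the real SCRAM.COM algorithm.
import hashlib

SECTOR_SIZE = 512          # bytes per sector, as stated in the guide
SECTORS_PER_TRACK = 10     # sectors are numbered 1 to 10

def fake_rom(label: str, size: int = 16384) -> bytes:
    """Deterministic filler standing in for a system ROM image (constructed)."""
    out = bytearray()
    block = 0
    while len(out) < size:
        out += hashlib.sha256(f"{label}:{block}".encode()).digest()
        block += 1
    return bytes(out[:size])

ROM_A = fake_rom("stand-in ROM A")  # plays the source of the 'secondary mask'
ROM_B = fake_rom("stand-in ROM B")  # plays the source of the per-sector key

def normalize_password(raw: str) -> bytes:
    """Apply the documented rules: strip leading spaces, fold to upper case."""
    pw = raw.lstrip(" ").upper()
    if not 4 <= len(pw) <= 24:
        raise ValueError("password must be 4 to 24 characters")
    return pw.encode("ascii")

def primary_key(password: str) -> bytes:
    """512-byte key: password bytes XORed with a password-selected ROM window."""
    pw = normalize_password(password)
    start = (sum(pw) * 31) % (len(ROM_A) - SECTOR_SIZE)   # hypothetical selector
    return bytes(ROM_A[start + i] ^ pw[i % len(pw)] for i in range(SECTOR_SIZE))

def sector_key(primary: bytes, track: int, sector: int) -> bytes:
    """Final key: primary key XORed with a ROM window chosen by track/sector."""
    if not 1 <= sector <= SECTORS_PER_TRACK:
        raise ValueError("sector must be 1 to 10")
    index = track * SECTORS_PER_TRACK + (sector - 1)
    start = (index * 37) % (len(ROM_B) - SECTOR_SIZE)     # hypothetical selector
    return bytes(p ^ ROM_B[start + i] for i, p in enumerate(primary))

def xor_sector(data: bytes, key: bytes) -> bytes:
    """Encrypt or decrypt one sector; XOR with the same key is its own inverse."""
    if len(data) != SECTOR_SIZE or len(key) != SECTOR_SIZE:
        raise ValueError("data and key must both be 512 bytes")
    return bytes(d ^ k for d, k in zip(data, key))

def demo() -> dict:
    """Check the properties the guide states, on a constructed sample sector."""
    plain = b"GRADES.DAT".ljust(SECTOR_SIZE, b"\xe5")     # constructed sample
    pk = primary_key("  reddog-123")                      # same as 'REDDOG-123'
    k1, k2 = sector_key(pk, 3, 1), sector_key(pk, 3, 2)
    c1, c2 = xor_sector(plain, k1), xor_sector(plain, k2)
    wrong = xor_sector(c1, sector_key(primary_key("REDDOG-124"), 3, 1))
    edited = bytes([c1[0] ^ 0x01]) + c1[1:]               # one bit changed on disk
    expected_after_edit = bytes([plain[0] ^ 0x01]) + plain[1:]
    return {
        "round_trip": xor_sector(c1, k1) == plain,
        "sectors_differ": c1 != c2,
        "wrong_password_is_junk": wrong != plain,
        # The edit decrypts without any error: XOR gives secrecy, not integrity.
        "edit_undetected": xor_sector(edited, k1) == expected_after_edit,
    }

if __name__ == "__main__":
    print(demo())
```

The last check in demo() is the guide's NOTE about sector editors in concrete form: a changed byte on disk decrypts to a changed byte with no error, so tampering has to be caught by other means such as backups or file checksums.
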
The logical sector skew is variable and is determined by some aspects of the password. The location of the directory track is also variable, depending on the password.

The MFM disk parameter entries for the encrypted disks are contained in the normal CP/M DPT area. However, the entries for these new types (dubbed SCRAM-71 and SCRAM-81) over-write and replace two existing entries in the table. These entries, which are seldom used by most C-128 users, are the EPSON EURO and SLICER disk formats. If you wish to use these two formats simultaneously with Scramb'ler, you will have to re-install them with a multiple disk support program such as Jugg'ler-128 (also available from Herne Data Systems).

Error Messages

SCRAM and SFORM contain extensive error detection and correction routines. They may display a variety of error messages. These are summarized below.

Not a 1571 or 1581 drive:
You have attempted to format a Scramb'ler disk on a 1541 or similar drive. SFORM and SCRAM only work with the 1571 and 1581 disk drives. The formatting process has been halted. This message may also appear for other un-defined errors that may occur during the formatting process (e.g. if you remove the disk from the drive half way through the formatting process.)

Scramb'ler driver not installed:
This message can appear with either SFORM or SCRAM. With SFORM it indicates that you have tried to format a disk without the SCRAM driver installed first. The formatting process will be stopped and you will be returned to the CP/M command prompt. With SCRAM this message indicates that you have attempted to un-install the SCRAM driver, when it was not installed in the first place. You are returned to the CP/M command prompt with no action having been taken.

Drive not ready:
This message appears with SFORM. It indicates that there is no disk in the specified target drive, or it is not connected or not turned on.
This message may also appear for other un-defined errors that may occur during the formatting process.

Cannot install Scramb'ler driver:
This message appears with SCRAM. It indicates that SCRAM has detected that there may be a memory conflict with some other device driver in the memory area it wants to use in BANK 0 RAM. This is determined by finding a non-zero byte value at address hex $4400 of BANK 0. The SCRAM driver will not be installed.

Other fine C-128 CP/M products from Herne Data Systems Ltd:

Jugg'ler-128
Provides read, write and formatting support for more than 140 types of MFM CP/M disks. Fully compatible with 1571 and 1581 drives.

QDisk
CP/M device driver for the 32k or 64k Quick Brown Box battery backed CMOS RAM cartridge provides a non-volatile RAM disk for use in CP/M mode. It can be used in conjunction with a 1700 or 1750 REU RAM disk, if you have a cartridge port expander.