                                  Secret

I'm not paranoid. I don't think I have to protect all personal data on my
Pilot. I don't want to bother with the tedious built-in password
protection. And I heard it isn't even very secure.
There is, however, some information like passwords and PINs that needs
protection from casual glances. Sadly enough, the number of secret numbers
and codes I receive is constantly growing and I really can't memorize all
of them. That's why I felt the need for an application that stores those
numbers and passwords in a secure way. It encrypts/decrypts the information
every time I call it. It should be easy to use (no graffiti needed) and has
to hold only a limited amount of data. There's no need for sophisticated
encryption algorithms because it should only survive the amateur hacking
attacks. After all, if the NSA or the BND wants to find out something
about me, they probably have other ways than hacking my programs...

Do you feel the same? Then my Pilot application Secret V1.5 is for you.
It is free but copyrighted for legal reasons. Mail me if you want to see
the source.

Installation and Usage

If you have used a previous version of Secret, please save your data (e.g.
copy it to MemoPad)! I try to remain backwards compatible, but I can't
guarantee it.
After installing the file secret.prc (use instapp.exe from your pilot
directory) on the Pilot you start with the "Enter your secret number"
screen. You can enter any number with 1-8 digits you wish, except 0.
Leading 0s are ignored. It is also possible to enter Graffiti letters.
After unchecking the "r/o" (read-only) checkbox and clicking "OK" you get
access to the "Secret data" screen. Here you can manually enter text or use
the menu command "Paste" to paste text that was copied from e.g. MemoPad.
Every time you click "Close" or switch to another application, this data is
encrypted using your previously entered secret number. The same happens if
no user interaction occurs for more than 30 sec. So if you forget to
"Close" your secret data the program will do so automagically before the
Pilot turns auto-off. The secret data is never left unencrypted in the
database.
To protect the data from accidental changes, the "Secret data" field is
read-only by default. Please make sure you have disabled the "r/o"
checkbox on the main screen if you want to enter or change text.
You can change or disable the auto-close timeout and the startup read-only
mode in the Preferences menu from the Secret Data screen.

Multiple categories for your secret data are now supported. Add up to 5
categories in the preferences menu.

Due to the nature of the encryption algorithm it is not possible to find
out if the user entered the correct password. Therefore, changes to the
text can be made even if someone doesn't know the password. Any tampering
with the encrypted or wrongly decrypted data will make a correct decryption
impossible.

Background

The encryption scheme is nontrivial using xor'ed random numbers and is
unitary and hermitian, or in simple words, it recovers the original after
applying it twice. This means that if you enter the wrong password (and get
garbage in the data window) clicking "Close" restores the original
encrypted value. If you then enter the correct password the real data is
decrypted. Since the data to protect (PINs and passwords) is (or should be)
almost random the used encryption scheme should withstand plain text
attacks and other brute force methods. There is no way other than reading
the text to tell whether it is encrypted or decrypted.
The database that holds the (encrypted) secret information will get backed
up with the standard hotsync and survive any soft resets as well as release
changes. If you have to do a hard reset on the Pilot, you can install
secret and the SecretDB.pdb file from your backup directory.
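
Added example, not Andreas Linke's source code: the self-inverse behaviour
described above (wrong number, "Close", right number) and the effect of an
edit made while the wrong number is in use. The xorshift32 generator, the
function names and the sample text are assumptions; Secret's real random
number generator is not documented on this page.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-in keystream generator (xorshift32). ASSUMPTION: the generator that
   Secret really uses is not documented on this page. Seed must be non-zero. */
static uint32_t next_rand(uint32_t *state) {
    uint32_t x = *state;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    return *state = x;
}

/* XOR each byte with the keystream seeded by the secret number. One routine
   both encrypts and decrypts, because (b ^ k) ^ k == b. */
void secret_xor(unsigned char *buf, size_t len, uint32_t secret) {
    uint32_t state = secret;
    for (size_t i = 0; i < len; i++)
        buf[i] ^= (unsigned char)(next_rand(&state) >> 16);
}

/* Open with `wrong`, optionally flip the low bit of byte `pos` while the
   garbage is displayed, "Close", then open with `right`. Writes the text the
   owner finally sees to out (NUL-terminated); returns how many bytes differ. */
int open_wrong_then_right(const char *plain, uint32_t right, uint32_t wrong,
                          int tamper, size_t pos, char *out) {
    size_t n = strlen(plain);
    int diff = 0;
    unsigned char *db = (unsigned char *)out;
    memcpy(db, plain, n + 1);
    secret_xor(db, n, right);          /* what SecretDB stores */
    secret_xor(db, n, wrong);          /* wrong number entered: garbage */
    if (tamper) db[pos] ^= 0x01;       /* edit made without knowing the key */
    secret_xor(db, n, wrong);          /* "Close" re-encrypts with wrong key */
    secret_xor(db, n, right);          /* owner opens with the right number */
    for (size_t i = 0; i < n; i++) diff += (out[i] != plain[i]);
    return diff;
}

int main(void) {
    char out[32];
    const char *pin = "PIN 4711";      /* constructed sample data */
    printf("%d byte(s) changed -> %s\n",
           open_wrong_then_right(pin, 1234, 9999, 0, 0, out), out);
    printf("%d byte(s) changed -> %s\n",
           open_wrong_then_right(pin, 1234, 9999, 1, 4, out), out);
    return 0;
}
```

With this stand-in, an edit made under the wrong number changes the stored
PIN without any error being raised, so nothing tells the owner that the
record is no longer the one that was entered.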

Known bugs and problems

   * it's complicated to change the secret number (Use "Mark All", "Cut",
     "Close", enter new number, "OK", "Paste")
   * if you paste secret data, the system stores the text in dynamic
     memory which may also appear in other backed up databases (Use an
     empty "Copy" after copy/paste of secret information). Don't forget to
     erase the MemoPad record if you copied or saved secret data in MemoPad
   * there should (some day...) be a Windows application, i.e. a conduit,
     that can encrypt/decrypt the Secret database on the PC

History

First of all, thanks for all the feedback.

   * V1.5
     added multiple categories, redesign: faster and less memory usage, /P
     for paste on popular demand
   * V1.4a
     mixed up r/w and r/o, so cut/paste only worked in read-only -- fixed
   * V1.4
     included preferences, e.g. for setting time-out
   * V1.3
     numerous small bug fixes, including interim release v1.2a
     security bug in backup db now really fixed
     enter up to 8 digits as key fixed -- may be incompatible with older keys
     (previous version cleared password after 5 digits)
     error if no password entered (data wouldn't be encrypted in this case)
   * V1.2
     problem with scroller update fixed by using Wes Cherry's pilrc v1.4
     fixed (?) small security bug in backup database
   * V1.1
     added "0" and "C" buttons
     added read-only feature and possible graffiti input
   * V1.0
     first public version

---------------------------------------------------------------------------
Andreas Linke, a.linke@sap-ag.de, 10-Jun-97

Copyright (c), 1997, by Andreas Linke, Heidelberg, Germany

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:

1. Redistributions of source code must retain the above copyright
   notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
   notice, this list of conditions and the following disclaimer in the
   documentation and/or other materials provided with the distribution.
3. All modifications to the source code must be clearly marked as
   such.  Binary redistributions based on modified source code
   must be clearly marked as modified versions in the documentation
   and/or other materials provided with the distribution.
4. All advertising materials mentioning features or use of this software
   must display the following acknowledgment:
     This product includes software developed by Andreas Linke.
5. The name of Andreas Linke may not be used to endorse or promote
   products derived from this software without specific prior
   written permission.

THIS SOFTWARE IS PROVIDED BY ANDREAS LINKE ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED.  IN NO EVENT SHALL ANDREAS LINKE BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.

