Technical Reference Manual

LZ PASSWORDS

GENERAL

The LZ has a built in security system. It allows you to set a general password to lock up the organiser completely, and also to set a password on a notepad file which is then encrypted to keep out prying eyes.

Passwords are not stored directly in memory, otherwise a simple peek would allow someone immediate access to them. After a password has been typed in, it is encoded in a rather complicated way to give a 9 byte string, the passcode. This encoding is a little complicated to describe (see Key Generation), but not very difficult to do. It is however impossible to undo directly, so the originally typed password can't be recovered from the passcode.

Furthermore, the resulting passcode probably is unique to each password. This means that passwords can be checked by comparing their codes only.

SYSTEM PASSWORD

When a system password is given, it is encoded and the resulting 9 byte passcode is stored at $7FD7-$7FDF. It is difficult to recover the original password from these bytes directly. The only way to do this is to try all possible passwords until you find one that has the right code.

In practice however, it is either impossible or not necessary to do such a search for a system password. On a Psion with a system password set and active it is impossible to read the encoded password. The only way to deactivate an active system password if it is unknown is to remove the battery which of course destroys all data on A:. Note also that since external devices are not loaded during a warm boot it is not possible to intercept the password routine that way.

On the other hand, on a Psion with a password set but not active it is not necessary to do any calculating at all as it is easy to erase the password completely.

The byte at $7FD6 contains the system password state. It can contain the following values:

• 0 - There is no system password (this is the default).
• 1 - There is a system password but it is not active.
• 3 - There is a system password and it is active.

Note: Actually bit 0 is set when a system password has been given, bit 1 is set when it is active.

Poking 0 to $7FD6 will erase the system password. This allows you to set a new system password without knowing the old one. Note that there is no need to clear the passcode at $7FD7-7FDF as it is simply ignored until it is overwritten at such time when a new password is typed in.

NOTEPAD PASSWORDS

When a notepad is given a password, the password is encoded in exactly the same way as the system password. The 9 byte passcode is then also stored in the notepad file (see chapter Notepad). Thus when it is accessed using the notepad editor, it will be password verified before viewing/editing is allowed.

To further secure the notepad text from peeking, it is also encrypted. This encryption is done in a very simple way using an 8 byte key. The same algorithm that produces the passcode from the password is used (with slight modifications) to generate the 8 byte key.

Recovering the notepad text without the password seems to be very difficult. It is impossible to go directly from the passcode to the key without finding the password first. Trying to find out the password from the passcode, and then using that to get the key and decode the text is possible but involves quite an exhaustive search.

However the method used to encrypt the text is so simple that it is possible to decode it without knowing the password or key at all, provided the notepad contains at least about 20 characters of text. No further information is given on that subject, just be warned!

NOTEPAD ENCRYPTION

There now follows a description of the encryption method. Suppose we have the following notepad file:

  Testing:
  This is a
  test.

and the password ABCDEFGH.

   Txt: Testing:#  T   h   i   s   _   i   s   _   a  #   t   e   s   t   .  #
   Asc:           84  104 105 115 32  105 115 32  97  0  116 101 115 116 46  0

Note that the end of a line is indicated by a 0 byte (denoted here by a #). The title of the notepad 'Testing:' will not be encrypted, and if like here there is a zero byte immediately following it, that byte is not encrypted either.

The encryption key is calculated from the password (see Key Generation), and turns out to be 82,47,5,181,247,92,30,165. On of the simplest types of encryption with a key is adding the key letter by letter (or rather number by number) to the text. This is the so-called ViginSre cypher. The notepads are encrypted in this way, but to further disguise the encryption another sequence is added. The sequence is generated by consecutive multiples of 163, i.e.. 163, 70 (=163+163-256), 233, 140 (233+163-256), etc. This sequence is added to the key before being added to the plain text.

This is of course best illustrated with our example. For the first eight characters we have:

       Text:          T   h   i   s   _   i   s   _
       
					')";
					onMouseout="hideddrivetip()">
					ASCII:         84 104 105 115  32 105 115  32
     
       OldKey:        82  47   5 181 247  92  30 165
       Seq:          163  70 233 140  47 210 117  24
       NewKey:       245 117 238  65  38  46 147 189
    
       Asc + NewKey:  73 221  87 180  70 151   6 221

Note that if a number exceeds 255, 256 is subtracted to keep it within range of a single byte.

The key that was used here is now used to calculate the key to use on the next 8 letters:

       Txt:          a   #   t   e   s   t   .   #
       Asc:          97  0  116 101 115 116  46  0
      
       OldKey:      245 117 238  65  38  46 147 189
       Seq:         187  94   1 164  71 234 141  48
       Newkey:      176 211 239 229 109  24  32 237
      
       Total:        17 211  99  74 224 140  78 237

The complete encryption is now:

    T   h   i   s   _   i   s   _   a   #   t   e   s   t   .   #
    73 221  87 180  70 151  6  221  17 211  99  74 224 140  78 237

KEY GENERATION

Here is a detailed description of the algorithm used to transform the password into the 9 byte code or 8 byte key.

1. Capitalize the password. If its length is less than 8 characters, then repeat it as often as necessary to get an 8 character string. For example, 'abc' becomes 'ABCABCAB'. Let p0 to p7 denote the ')"; onMouseout="hideddrivetip()"> ASCII characters of this string. For the final few steps let l be the length of the password and let t=(p0+p1+p2+p3+p4+p5+p6+p7) MOD 8. (Note that MOD 8 means the remainder on division by 8, so it is the same as taking the logical AND with 7.)
2. Compute g0 to g3 using the following formulae:

          g0= (p0+3D)*(p7+25)*CB and ignore the lowest byte
          g1= (p1  "   p6  "  "   "    "     "     "     "
          g2= (p2  "   p5  "  "   "    "     "     "     "
          g3= (p3  "   p4  "  "   "    "     "     "     "

   The numbers are obviously given in hexadecimal notation. Note that the multiplications result in 3-byte integer values, and only the 2 high bytes are taken to give the 2-byte unsigned integers g0..g3.
3. Compute f0, f1 using the following formulae:

          f0= (g1+03)*(g2+0B)*A1 and ignore the lowest byte
          f1= (g0+03)*(g3+0B)*AD  "    "     "     "     "

   The multiplications result in 5-byte integer values, and only the 4 high bytes are taken to give the 4-byte long integers f0,f1. (Note that the addition operations will never cause a carry, so the factors really are two-byte integers.)
4. Swap the two high bytes with the two low bytes of f0. Similarly f1.
5. Compute e0, e1 using the following formulae:

          e0=f0*CB and ignore the lowest byte
          e1=f1*CB  "    "     "     "     "

   Let d0 to d3 denote the 4 bytes of e0, from low to high. Similarly d4 to d7 denote the bytes of e1.
6. Compute the first 8 bytes of the by the following formulae:

          c0=p0+d7
          c1=p1+d6
          .. .. ..
          c6=p6+d1
          c7=p7+d0

   Of course these are restricted to byte values, so ignore any carry that might result.
7. Compute the final code byte by the formula

          c8=d(t)+l

   where t and l are remembered from step 1.

Now c0 to c8 is the 9 byte passcode.

To compute the 8 byte notepad encryption key, nearly the same algorithm is used. The only difference is that the eight bytes d0 to d7 are used, so steps 6 and 7 are omitted.

Also, during the calculation different numbers are used:

• Step 2: 25, 3D, C5 instead of 3D, 25, CB
• Step 3: 7, 3, A9, 97 instead of 3, B, A1, AD
• Step 5: C5 instead of CB

Example

Password is 'abcdefgh'. All numbers below are in hex.

1.  p0..p7=  41,42,43,44,45,46,47,48
    l = 8
    t = (224 mod 8) = 4
 
2.  g0= (41+3D)*(48+25)*CB = 2A8A[A2]
    g1= ... = 2A7C
    g2= ... = 2A6C
    g3= ... = 2A5B
  
      Similarly, for an encryption key we get:
      g0= (41+25)*(48+3D)*C5 = 28C7[76]
      g1= ... = 28DE
      g2= ... = 28F4
      g3= ... = 2908
	  
3.  f0= (2A7C+3)*(2A6C+B)*A1 =046EEAFC[A9]
    f1= (2A8A+3)*(2A5B+B)*AD =04C32AFD[16]
 
      And for encryption key:
      f0= (28DE+7)*(28F4+3)*A9 = 0451EB3C[6B]
      f1= (28C7+7)*(2908+3)*97 = 03DBD692[96]
 
4.  f0= EAFC046E
    f1= 2AFD04C3
 
      And for encryption key:
      f0= EB3C0451
      f1= D69203DB
 
5.  e0= EAFC046E*CB = BA55D783[3A]
    e1= 2AFD04C3*CB = 2216A2C6[A1]
 
      And for encryption key:
      e0 = EB3C0451*C5 = B5052F52[55]
      e1 = D69203DB*C5 = A51E5CF7[87]

    d0..d7=  83,D7,55,BA,C6,A2,16,22
       
       And for encryption key:
       d0..d7=  52,2F,05,B5,F7,5C,1E,A5
            or 82,47,5,181,247,92,30,165 in decimal
            The encryption key is now done.
 
6.  p0..p7=  41, 42, 43, 44, 45, 46, 47, 48
    d7..d0=  22, 16, A2, C6, BA, 55, D7, 83
    c0..c7=  63, 58, E5, 0A, FF, 9B, 1E, CB
 
7.  c8= d(t)+l = d4+8 = C6+8 =CE
    so the nine byte passcode is 
       63, 58,  E5, 0A,  FF,  9B, 1E,  CB,  CE
    or 99, 88, 229, 10, 255, 155, 30, 203, 206 in decimal.