Krolypto 1.4

The Krolypto software is subject to United States export controls. This software may not be sold, exported or re-exported (1) into (or to a national or resident of) Iran, Iraq, Libya, Serbia, Sudan, North Korea, Cuba, Syria, or any other country to which the United States has embargoed goods; or (2) to anyone on the U.S. Treasury Department's list of Specially Designated Nationals or the U.S. Commerce Department's Table of Denial Orders. For more information on the U.S. Export Administration Regulations (EAR), 15 C.F.R. Parts 730-774, and the Bureau of Export Administration ("BXA"), please see the BXA homepage. By downloading this software, you certified the following as per U.S. export laws:

I understand that this software and its underlying technology is subject to United States Government export controls under the U.S. Export Administration (EAR);
I am not a national or resident of an ineligible destination country under the EAR or U.S. sanctions regulations (Iran, Iraq, Libya, Serbia, Sudan, North Korea, Cuba, Syria);
I am not located in an ineligible destination country under the EAR or U.S. sanctions regulations (Iran, Iraq, Libya, Serbia, Sudan, North Korea, Cuba, Syria);
I am not a Denied Party, Specially Designated National, or other person or entity prohibited from receiving exports by U.S. law;
I will not sell, export or re-export this software and other licensed materials to any prohibited destination, entity or individual without the necessary export license(s) from the U.S. Government.

Getting Started with Krolypto

Krolypto is different than a typical TI-83 Plus flash application, in the interface and the behavior. It was designed with maximum security in mind, and thus you may experience data loss if not properly used. The author of Krolypto is not responsible for any damages resulting from use.

How to Initially Set-Up Krolypto

Get your calculator and run Krolypto from the APPS menu. The first time, it will prompt you to create a password for the application. This password is only used to access Krolypto. Press a key to get past the screen which says "To use Krolypto, you must create a password..." You can now enter a password. Passwords can be up to 8 characters long, and any key combination is valid except using ON. Note that having ALPHA pressed is treated differently from a regular keypress. After you type your password, press Enter (however if your password is the maximum of 8 keystrokes, you do not need to press Enter, it will move on automatically).
You will now need to enter the password you chose again. This is to verify that you typed it correctly. Type it exactly as before and press Enter when done (unless it is 8 characters long).
You will now either see the main Krolypto screen with "KROLYPTO" down the left side of the screen, or a message about how the passwords did not match. If the passwords did not match, you probably mistyped something. Press a key to exit the app, then go back to Step 1 of these instructions and try again. Otherwise, let's move on.
An encryption key is the basis of the security for an encryption system. In the next few steps, we will create a random key for you to use. It is important to generate the key randomly so it is unique, because if someone else has your key, it makes it easier to decrypt your files.
In the Krolypto zip file you downloaded, there was a file named KEYGEN.EXE. Find this file on your computer, and run it. The best way to run it is to browse in My Computer or Windows Explorer, and double-click on the file. You will see some text and then some gibberish-looking lines on a black screen.
On your calculator, you should be at the main Krolypto screen from the prior steps. Using the up and down arrow keys, move the cursor until it is in front of "Create Key", and then press either 2nd or Enter to select it.
After reading the message on the screen, press a key to move on. You should see a blank screen with a cursor that resembles the homescreen. Now look back at your computer, and find the 4 lines of 16 characters each. This is the randomly generated key that you will enter into your calculator. Starting on the first of those 4 lines, type the characters into your calc. For 0 through 9, simply press the corresponding key. For A through F, press the key that has that letter above it. No pressing of ALPHA is required. If you make a mistake, pressing the Del key will back up one character, and pressing Clear will cancel the screen. If you press Clear, you will have to do this step again later.
After you have entered all the characters, the cursor should be blinking at the left side of the screen, underneath 4 rows of text. Press Enter now, and you will see a message about successful key creation.
The key is stored in the archive in the appvar 'krolypto'. This procedure to create a key should only be needed again if you clear your archive and have no backup of the key. You are now ready to use the encryption and decryption features of Krolypto. Please see the appropriate sections below in this document.

Encrypting Files

Start Krolypto from the APPS menu. You will need to enter your application password to run the app, so do so at the prompt.
You should now be at the main Krolypto screen. Scroll to Encrypt and press 2nd or Enter.
In the "Select a file" screen, you can use the up and down arrow keys to scroll to the file to encrypt, then press 2nd or Enter to select it. If you have no unencrypted programs on your calculator, you will see a message, and be unable to encrypt anything.
On the next screen, you will need to select an algorithm to encrypt the program with. There are no practical advantages to one particular algorithm over another. Blowfish and RC6 are probably more secure than GOST. GOST is the fastest for encryption/decryption times, and RC6 is the slowest. Blowfish is in the middle, but it has about a 1 second setup time. Pick whichever one you like best :).
The encryption progress will be shown as the file encrypts. For small files, this may just flash briefly and then return to the main screen when done. If it was a success, then you are done with this section and have successfully encrypted a file. The file has the same name, and is now edit-protected in RAM.

Decrypting Files

From the Krolypto main screen, scroll to Decrypt and press 2nd or Enter.
As you scroll up and down the list of encrypted files on your calculator, the type of encryption used is shown on the right side of the screen. Choose a file and press 2nd or Enter.
You will see the decryption progress meter and then return to the main screen after a decryption. The file has the same name, and if it was editable before encryption, it will be now. You're done with this section.

Using Krolypto with Multiple Calculators and/or People

Files encrypted with Krolypto depend on the key file. The key you entered when first using Krolypto is stored in an appvar titled 'krolypto'. If you wish to send files back and forth with a friend, you will need to use the LINK menu to send the krolypto appvar to his/her calculator. Make sure only friends have this appvar, because it is used to decrypt the file. You can transfer encrypted files to your computer with the TI-GRAPHLINK software, and e-mail them to friends, who can then load it on their calculator and decrypt it. The system is very flexible.

The Password Screen - Changing passwords

From the main Krolypto screen, move the cursor to "Password" and press Enter. Now, if you wish to change your password, make sure the cursor is on "Change password" and press Enter. You will be prompted for the new password, press Enter when done. You will then need to confirm the password by typing it again, again pressing Enter when done. If the passwords do not match, a message will be displayed and you now must try again by entering the new password again. If the passwords did match, then you will be taken to the Krolypto main screen and the password was successfully changed.

Protecting Parts of the OS with Passwords

Krolypto can password protect access to the APPS menu, MEM menu, and turning on the calculator. To enable these features, from the main Krolypto menu select "Password". Move the cursor down and you will notice 3 checkboxes: Apps, Memory, and Startup. By pressing Enter to toggle a checkbox on or off, you can enable password protection. For the Apps and Memory menus, when the corresponding button for them is pressed, a password screen will be shown and a valid password required to open the menus. An incorrect password will take the user back to the homescreen. Note that the memory checkbox also protects from self-tests resetting the memory as well. For Startup, this will cause the calculator to prompt for the password every time it is turned on. If the correct password is not entered, the calculator will not be usable. When done in this screen, press Clear to return to the Krolypto main menu.

Hiding Programs

You can hide programs with Krolypto. From the main Krolypto menu select "Password" and select the checkbox marked Programs. Then by pressing On+Prgm (that's holding down ON, pressing Program, then releasing ON), you can toggle whether all programs are hidden or visible. This is useful in convincing enemies that your calculator is empty. Please note that this affects the memory screen as well; while hidden, programs will not appear there either.

Using with Omnicalc

Krolypto v1.3 is compatible with Omnicalc v1.23 and higher. First, you must run Omnicalc and choose whatever settings you wish. Then, start Krolypto and enter the Password screen from the main Krolypto menu. By entering and exiting the Password screen, Krolypto will install its own key hook that will overwrite Omnicalc's. Krolypto will then pass keys to Omnicalc when it does not need to intercept them. This sequence will allow you to fully use both the features of Krolypto and Omnicalc.

Security Features of Krolypto

Any encryption system needs to have ample security to provide confidence in it's trustworthiness. The following are designed features in Krolypto to maximize security.

The password is stored with a MD5 hash. It is currently computationally unfeasible to reverse this.
When Krolypto executes, interrupts are forced to IM 1, and all hooks are disabled during the running time of the application.
Before Krolypto exits, all temporary RAM areas used by the application are overwritten with streams of 1s and 0s ten times to ensure no revealing data is left for analysis.
The encryption algorithms used by Krolypto are well-known, with papers and security attacks published. None of them is currently able to be attacked without brute-forcing in the implementation. Blowfish is widely used in commercial cryptography programs, RC6 was submitted to the government as a proposal for a new government security standard, and GOST has been used by the Russians for top-level government encryption for decades.
All implementations of the encryption algorithms are utilizing a full 256-bit key, which is currently in excess of any abilities to recover using brute force. While this will undoubtably change in 20 or 30 years, the encryption should outlast the usage of the TI-83 Plus calculator.
To prevent against physical theft of the calculator, the password to run the application is required. Furthermore, this password is encrypted with a secret key and hidden inside the calculator memory.
To prevent against plaintext attacks, cipher block chaining (CBC) is used in all encryption modes. This forces each 4 or 8 byte block of data to become dependent on the values of the prior blocks, ensuring that plaintext patterns do not propagate to the encrypted values.

I forgot one or all of my passwords, what do I do?

Unfortunately, there is no way to recover your password. This is a designed feature of Krolypto, so please do not e-mail me about this. If you have locked yourself out of your calculator in the lockdown feature, you'll have to remove all batteries and wait a while (this will only clear RAM). If you forget your application password to start Krolypto, you will have to reset all memory only if you wish to continue using Krolypto.

Bonus Feature for those who read this far:

To use the lockdown feature (which will secure your calc sort of like the MirageOS password protection, only better), go to the Krolypto main screen and press On+Sto.
Your calculator will turn itself off when it is secured. Upon pressing ON, there is a simulated homescreen.
Enter your application password (the one needed to start Krolypto) and press Enter to exit this screen. A correct password will return you to the Krolypto main screen. Incorrect passwords will turn off the calc, but you can turn it on again and have unlimited tries. Pulling batteries out will not help, either :)

Krolypto is copyright (C) 2003-2006, by Michael Vincent. All rights reserved. The ideas and designs of the algorithms used in this flash application are the copyright and/or property of their respective holders.