HP Sentry User Manual

SENTRY User’s Guide

Appendix 1 - 3

Fitzgerald & Long

WRITE CRYPT.DATA ON

FILE.VAR, REC.KEY

DISPLAY.DECRYPTED

SENTRY.ENCRYPT = "*SENTRY.ENCRYPT"

READ THE.RECORD FROM FILE.VAR,

REC.KEY ELSE ...

THE.KEY = "Fudge Tastes Good!"

CALL @SENTRY.ENCRYPT(THE.RECORD,

OUT.DATA, THE.KEY)

PRINT OUT.DATA

It is critical that the encryption key be a constant. Without the key, decryption of encrypted data is not
possible. If an incorrect key is used with encrypted data, the data is re-encrypted and will now require two
decryptions to be made readable. For example, suppose that data were encrypted three times with different
keys as follows:

CALL @SENTRY.ENCRYPT(ORIG.DATA, ENCRYPT.DATA, KEYA)

CALL @SENTRY.ENCRYPT(ENCRYPT.DATA, MUDDLED.DATA, KEYB)

CALL @SENTRY.ENCRYPT(MUDDLED.DATA, GARBLED.DATA, KEYC)

To decrypt GARBLED.DATA we'd have to call SENTRY.ENCRYPT three times as follows:

CALL @SENTRY.ENCRYPT(GARBLED.DATA, TEMP.DATA, KEYC)

CALL @SENTRY.ENCRYPT(TEMP.DATA, TEMP.DATA2, KEYB)

CALL @SENTRY.ENCRYPT(TEMP.DATA2, ORIG.DATA, KEYA)

NOTICE: Be extremely careful when you use encryption. Test thoroughly and on a comprehensive set of
data. Once data are encrypted using your own private encryption key, we know of NO technique to decrypt
the data should you overwrite, forget, lose, or destroy the original key. You are completely responsible for
your use of this subroutine. It's POWERFUL and potentially dangerous.

Subroutine: SENTRY.USER.ITEM.CONTROL

SENTRY.USER.ITEM.CONTROL is a subroutine used to determine access rights of a user ID to items
defined by the user with the SENTRY User Item Maintenance Screen (Section 2-6).

Sample:

SENTRY.USER.ITEM.CONTROL = "*SENTRY.USER.ITEM.CONTROL"