HP Sentry User Manual

Appendix 1 - 2

SENTRY User’s Guide

Fitzgerald & Long

This is the result of the encryption. If the data string is already encrypted and the encryption key is the

same as was used to encrypt the data, the result will be the decrypted data.

ENCRYPTION.KEY (Input)

This is a character string between 10 and 100 characters long that is to be used as the seed for the
encryption routine. Do not use a variable key. Use only a constant, hard coded in your program.

DATA ENCRYPTION

One of the ultimate means of securing sensitive data is to encrypt it. Encryption is simply transforming the
data according to some code so that it is not intelligible. For example, an encryption technique might be to
assign each letter of the alphabet a number according to its position (A = 1, B = 2, C = 3, etc.). Then to
encrypt the word "INFORMATION" we transform it to "9 14 6 15 18 13 1 20 9 15 14". Someone who
knows the code can decrypt the series of numbers and retrieve the original data.

There are an almost infinite number of encryption techniques. SENTRY uses a method which can be
classified as "private key encryption". The encryption subroutine is SENTRY.ENCRYPT. The subroutine
has three arguments -- DATA.STRING, RETURN.STRING and ENCRYPTION.KEY. The
ENCRYPTION.KEY may be any string between 10 and 100 characters long. The key is used to uniquely
"muddle up" the bits in DATA.STRING. The result is placed into RETURN.STRING. As an example,
suppose the key is "OLDSMOBILE" and the input data in DATA.STRING is "SENTRY works great!"
The encrypted string in RETURN.STRING might look like "zt>a[H =~3A7|-gyI^003W". To decipher the
encrypted data, someone would have to know both the encryption algorithm and the key used.

Decryption works like encryption. If we call SENTRY.ENCRYPT with an encrypted string in the
argument DATA.STRING and with the same key in ENCRYPTION.KEY that was used to encrypt the
data originally, the string returned in RETURN.STRING will be the original, intelligible data.

SENTRY.ENCRYPT will not change any database delimiters (i.e. record mark, text mark, field marks,
value marks, subvalue marks) and will not encrypt other characters into delimiters. Hence, it is perfectly
safe to write encrypted data into data files.

Examples of BASIC code to store encrypted data and display decrypted data are shown below:

STORE.ENCRYPTED

SENTRY.ENCRYPT = "*SENTRY.ENCRYPT"

INPUT THE.DATA

THE.KEY - "Fudge Tastes Good!"

CALL @SENTRY.ENCRYPT(THE.DATA,

CRYPT.DATA,THE.KEY)