
encpw.exe Windows command
-------------------------

                                       This file:  encpw.txt
                                       Original:  Apr 5, 2006
                                       Updated:  Apr 5, 2006

(c) Copyright Dave Edwards 2006. All rights reserved.

Encpw generates an encrypted password string (printable) to
send to a server, from: (1) client's password PW, (2) shared secret
SECRET known to both client and server, (3) client's IP address
in dotted decimal form "n1.n2.n3.n4" IPADDR, (4) current date and
time as "yyyymmddhhmm" DATETIME.  If necessary, these input items
are obtained by prompting the user.  They are used to encrypt the
PW into a binary string, which is then converted to Base-64 form
to give a printable string, which the user sends to the server
in the password field of a server sign-on dialog.  The server
(e.g. the DECPW routine, $sub:decpw.s, of MUSIC/SP) reverses the
process, to decode the PW from the string.  The aim is to prevent
a 3rd-party attacker from seeing the password in transit and from
being able to replay the encrypted password string later.

This program runs as a Windows Console application.
It is normally run by typing the command in a Command window
(Start --> Programs --> Accessories --> Command Prompt).

Notes:
- See encpw command usage below.
- This protocol can be used with CMDUI (MUSIC/SP web command
  interface) sign-on. See MUSIC/SP file $tcp:cmdui.txt .
  The shared secret (SECRET) is defined to the server by the
  mpw=xxx option in the CMDUI user table file.

Parameters for the method:

   Encryption algorithm:  RC4 stream cypher (implied).
                The bytes of the encryption key are used to
                initialize the RC4 random number generator,
                the first 256 bytes of the generator are discarded,
                then the next bytes from the generator are
                XOR'd with the plain-text bytes to give the
                cypher-text bytes.  Cypher text is the same length
                as the plain text input.  RC4(x,k) denotes
                the encryption of plain text x via key k.
   Length of random key KEY1:  LKEY1=12.
                MUSIC/SP routine DECPW requires LKEY1 to be 1 to 32.
   Maximum length of actual password:  MAXPW=32.
                For MUSIC/SP routine DECPW, MAXPW must not exceed
                about 150.
         Note: Normally LKEY1 and MAXPW are chosen so that
         LKEY1+MAXPW+1 is a multiple of 3, so that the Base-64
         encoding of the encrypted password data does not have
         any "=" chars at the end.  E.g. LKEY1=12, MAXPW=32
         gives a Base-64 final length of ((12+32+1)/3)*4 = 60.
   The server assumes that the actual password PW consists only of
                Ascii printable characters, in the range hex 20
                to hex 7F inclusive.  This allows the server to
                check that it used the right current time.
                This is important in case the client and server
                clocks are not exactly synchronized, or the
                operation is done very close to a minute boundary.
   MD5BIN(x) denotes the 16-byte binary MD5 digest of x.

Client (this program) does:

(1) Generate a random binary key KEY1 of length LKEY1 bytes.
    (This ensures that the same PW generates a different PWDATA
    each time, even if done during the same minute.)

(2) Calculate XKEY1 = RC4(KEY1, MD5BIN(SECRET) )

(3) Form the concatenation  STR = KEY1 || IPADDR || "-" || DATETIME
    (The IP addr and date/time are included to prevent a replay
    attack by a 3rd party.)

(4) Calculate KEY2 = MD5BIN(STR)

(5) Generate a random string PAD of length MAXPW-length(PW),
    with the first char (if PAD is not null) being "m".
    The other chars can be anything.  (This is to hide the
    length of PW. The "m" allows the server to check the
    decryption, and try again with a slightly different time if
    the server and client clocks are not synchonized.)

(6) Calculate DATA = XKEY1 || RC4( LPW || PW || PAD, KEY2)
    where LPW is 1-byte length of PW (binary 0 to MAXPW).

(7) Send to server: PWDATA = Base-64 encoding of DATA

Command usage:       encpw
                 or  encpw x

       where x is a single character (default: 1).
       x specifies the file, encpwx.dat, that contains the
       default input.  The first record of the file is the
       default IP address. The second record (if any) is the
       default shared SECRET password.
       If a record is of 0 length, it is not used for the
       corresponding input item, i.e. no default value.
       Reading of the file stops on EOF or an error.

       The file encpwx.dat is looked for first in directory
       c:\misc, then in directory c:\, then in the current
       directory.  If the file cannot be found or cannot be
       opened, no defaults are used.

Example:

    C:\misc>type encpw3.dat
    135.46.220.45
    jT-89572$bwp+47

    C:\misc>encpw 3
    Encrypts a password into a printable string.
    Enter your IP address: 135.46.220.45
    Using shared SECRET string from file
    Enter date/time as yyyymmddhhmm: 200604050846
    Enter user password (max len 32): ************
    Password string for sign-on:
    KltY0yAorab58A4H60F/D9Yb/nS+WWOJZcchd2E3ie4L0QOtIPojOkdcXPNW

Note that the IP address and the date/time are supplied by
the encpw program (the IP address from the .dat file), and do
not need to be typed by the user.  However, the user can backspace
and change them before pressing Enter.  If a .dat file is set up,
the user only has to type the encpw command and the user password.

Additional notes:

- In the Command window, you can use the mouse to copy the
  60-character encrypted password to the Clipboard. In the
  Properties screen of the Command Window, select the option
  "QuickEdit Mode".  Then, to copy the text, highlight it on
  the screen and press Enter.  To paste it into the password
  field of the sign-on dialog (e.g. the password field of a
  web page), press Ctrl+V.

- As part of the process of generating the random key KEY1,
  the encpw program creates or updates two small files named
  sysrand1.bin and sysrand2.bin in the root directory of the
  c: drive.  Use of these files increases the randomness of KEY1.
  The program creates the files if they do not exist. You can
  delete them if necessary, but it is best to leave them as is.

