                          .---------------------.
                           !PGPlock !Help file 
                          '---------------------'

Version: 1.00 (5 August 1998)

Author: Nat Queen <n.m.queen@birmingham.ac.uk>

Primary distribution site: http://web.bham.ac.uk/N.M.Queen/pgp/acorn.html

Software requirements:

  PGP (freeware, available from the same URL)

  !SparkFS

=========================================================================

***WARNING*** This software should not be used on the Phoebe 2100, because
the utility Nuke contained in it may corrupt a disc in the new format.
Sergio Monesi intends to release a new version of Nuke in the near future,
to fix this problem, and at that time a new version of !PGPlock will also be
released.

=========================================================================


What does it do?
================

!PGPlock enables you to use PGP to encrypt all your sensitive data or to
retrieve it, with just one (double) mouse click (plus a pass phrase in
either case!). You can encrypt and decrypt not only single files, as when
using PGP itself, but a whole directory structure in one operation.

The encryption will completely hide not only the data, but also the nature
of the directory structure, the filenames, etc.

Many commercial programs claim to provide 'virtually unbreakable' encryption
without revealing the encryption method. As Phil Zimmermann said in his PGP
manual, "Beware of snake oil." The encryption system in !PGPlock relies
solely on the well established PGP, whose source code is freely available
and has been scrutinised by numerous experts. Moreover, it's free.

As an added bonus, !PGPlock makes use of Sergio Monesi's powerful utility
Nuke to erase all traces of the original files from the disc after they are
encrypted, making it impossible to recover them. When a file is 'deleted' by
RISC OS, only its entry in the directory structure is removed, but all the
data remain on the disc surface and can easily be recovered by means of a
disc editor or an 'undelete' utility. Nuke prevents such data recovery by
overwriting the data with true 'military' security.


How to get started
==================

First, !SparkFS must be loaded. PGP must also be set up.

If you are installing PGP for the first time, it is suggested that you read
the instructions in the file -RiscOS.Install in the PGP distribution.

Now double-click on !PGPlock. A directory window will open. In it you will
see an empty directory 'Data'. 'Data' is the directory in which you can put
any of your sensitive files, directories or applications.

If you want to destroy any sensitive files or directories at any time,
*move* them to the directory 'bin'. When you encrypt the data that you want
to keep, anything in the directory 'bin' will automatically be securely
overwritten on the disc, making its recovery impossible. Be very careful
about what you put in 'bin'. Do *not* simply 'delete' any sensitive data;
anything that is 'deleted' can still be 'undeleted'.


Encryption
==========

To encrypt your data, double-click on the !Lock icon in the !PGPlock
directory window. PGP will then come into action and ask for a pass phrase. 
It is essential that you remember this pass phrase. Bear in mind that PGP
pass phrases are case-sensitive. If you forget the pass phrase with which
you encrypt your data, there will be absolutely no way to recover the data
(unless you used a very weak pass phrase!).

After entering your pass phrase twice for confirmation, the directory 'Data'
will be securely wiped, and its original contents will be replaced by a
single encrypted file Crypt/pgp. At the same time, anything that was in the
directory 'bin' will also be securely overwritten on the disc.


Decryption
==========

Double-click on the !Unlock icon. You will be asked for the pass phrase that
you used for encryption. If you enter the correct pass phrase, the original
contents will reappear in the directory 'Data', and its directory window
will open automatically, ready for you to access your data.

Don't worry if you enter the wrong pass phrase by mistake. In contrast to
some encryption programs, there is no danger that your data will be
corrupted; you may try again, until you get it right.

Don't forget to use !Lock again when you finish your session!


Why is !SparkFS needed?
=======================

When you use !PGPlock, you will never actually see any !SparkFS archives. An
archive containing all the data is used only in an intermediate stage of the
encryption or decryption process.


Are there any security weaknesses?
==================================

There is one possible weakness. If you work with very large files and
!SparkFS does not have enough memory to process them, it uses the scrap
directory on the disc. !PGPlock is unable to trap and securely wipe the
scrap files, which are simply deleted in the ordinary way. Thus, some traces
of the original data may remain on disc. The solution is to ensure that
enough memory is reserved in the !SparkFS configuration.


Legal notice
============

!PGPlock is freeware. The copyright is retained by the author, Nat Queen. 
You may copy and distribute this software freely as long as none of the
files are altered or removed. If you distribute !PGPlock in any PD library,
magazine cover disc or CD, or on any site on the Internet, please drop a
line about it in my mailbox, so that I can keep you informed about possible
future updates. Any distribution method is allowed, provided that you do not
make any profit from it. This software must not be distributed as part of
any other application without my prior permission.

This software has been thoroughly tested, but no guarantee is given as to
its suitability for any purpose. The author accepts no responsibility for
any data loss, crashes or other undesired effects caused directly or
indirectly by using !PGPlock.


Acknowledgments
===============

Thanks to Tony Hopstaken for invaluable help, suggestions, and inspiration.

Thanks to Sergio Monesi for permission to include his Nuke utility in this
software, and for helpful discussions.
