# Qbasicnews.com

Full Version: Data Encryption
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3
I have been sitting here pondering what the best encryption algorithm might be. I am talking about an algorithm that is nearly impossible to decrypt. Anybody have any really good algorithms?[/code]
An encryption algo that isn't decryptable sucks!
Take a look at this very *d'Oh* example:
Code:
```INPUT "String to encrypt:", M\$ PRINT "Encrypted: " + CHR\$(186)```

But there are numerous of encryptions that are hard to decrypt. Note that COMPRESSION = a form of ENCRYPTION. So you could search on google for COMPRESSION (you'll turn to LZW probably)
Quote:I have been sitting here pondering what the best encryption algorithm might be. I am talking about an algorithm that is nearly impossible to decrypt. Anybody have any really good algorithms?[/code]

one way is...get a good (crypto-quality) hash function, and a good (crypto-quality) Pseudo random number generator. Your hash function should have the following characteristics:
low probability of collisions
non-feasable to find data that hashes to a particular value

The PRNG should have the following features:
statistically random output
does not leak internal state at a rate that would be useful for attackers (ie internal state cannot be determined from long runs of output)

once you have good hash and PRNG functions, you could build a system like the following...

to encrypt:
1 get password to encrypt file
3 hash the file
4 seed the PRNG with 2 & 3
5 encrypt the file by combining file data with PRNG output
6 hash the encrypted file
7 seed a second PRNG with 2 & 6
8 encrypt 3 with 7
9 write the encrypted composit consisting of 8 & 5

To unencrypt...
parse the encrypted composit file into:
3 the encrypted hash of the original file
4 the encrypted file
5 hash 4
6 seed a PRNG with 2 & 5
7 unencrypt 3 with 6
8 hash 7
9 seed a second PRNG with 2 & 8
10 unencrypt 4 with 9

Which would offer data integrity and authentication. The security of this type of system rests on the security of the password. If you make it costly to test each password, (eg takes several seconds of processing to seed the PRNG) then you should be pretty good, even if you don't want to use a very long password. Another thing that this kind of scheme does is...even if an attacker has a plaintext/cyphertext pair, he can't recover your password, or attack another file encrypted using the same password.

The pitfalls are many...and the learned folk on the sci.crypt newsgroup generally reccomend against "rolling your own", and reccomend using techniques that are "tried and true". I've rolled one in c++...currently at <Version 1060> ...that works...it's a console app but it's easy to use in windows...just "drag-n-drop" or "send-to" files to the exe and it launches and prompts for passwords, etc. I've had fun making the system, and have learned tons, but don't expect people to give you praise for your work. Instead, people with knowledge will PooPoo your efforts, call it "snake-oil" and worse, and no one else will care...however, I encourage you to learn about, plan, and implement crypto...it's challenging and interesting.

Good luck.
RSA and another methods of public/private password are impossible to decrypt without the password.
How about md5 CRCs? Can't it be applied to a larger scale?
The best way to encrypt is similar to winzip and wordperfect, programs that let you password lock a file. What you do is you ask the user for a password. You use this password to do something to the data. You don't store the password in the data at all. So in order to decrypt the data, the user would have to input the correct password. If they enter the wrong one, then what they get is random data based on the password they gave. And of course, the longer the password is, the better. It works well because disassembling the program that you use, will give you no clue either. Well, unless you are psychic and can read the person's mind for the password. So I guess there is no way to encrypt something that would make it impossible to decrypt.
Quote:How about md5 CRCs? Can't it be applied to a larger scale?

MD5 is a summing-up function. It sums up the message, then gets encrypted to create digital signatures or certificates. It is not a crypto-system itself.
... and it's impossible for a computer to decrypt anyway
Yey. I made a crypto function yesterday. Quite pleased with it really. Impossible to crack without the password. When you put the same word and password in to be encrypted twice, you can get different results each time! Very secure.

Method -

-takes a random number
-XORs the random number with each ASCII of the password.
-Then XORs each ASCII Char code of the text to be encrypted with the new password.
-Produces a long number string, different every time.

-can be decrypted fine every time.

What do you guys think of the method?
How do you decrypt the data if you are XOR(ing) your password with random numbers? To decrypt the program would XOR each char of the password that the user enters. How does the program know which random numbers to use?
Pages: 1 2 3