Quote: I have been sitting here pondering what the best encryption algorithm might be. I am talking about an algorithm that is nearly impossible to decrypt. Anybody have any really good algorithms?
One way is...get a good (crypto-quality) hash function, and a good (crypto-quality) pseudo-random number generator. Your hash function should have the following characteristics:
low probability of collisions
non-feasible to find data that hashes to a particular value
The PRNG should have the following features:
statistically random output
does not leak internal state at a rate that would be useful for attackers (i.e. internal state cannot be determined from long runs of output)
Once you have good hash and PRNG functions, you could build a system like the following...
To encrypt:
1 get password to encrypt file
2 hash the password
3 hash the file
4 seed the PRNG with 2 & 3
5 encrypt the file by combining file data with PRNG output
6 hash the encrypted file
7 seed a second PRNG with 2 & 6
8 encrypt 3 with 7
9 write the encrypted composite consisting of 8 & 5
To unencrypt...
1 get password
2 hash password
parse the encrypted composite file into:
3 the encrypted hash of the original file
4 the encrypted file
5 hash 4
6 seed a PRNG with 2 & 5
7 unencrypt 3 with 6
8 hash 7
9 seed a second PRNG with 2 & 8
10 unencrypt 4 with 9
Which would offer data integrity and authentication. The security of this type of system rests on the security of the password. If you make it costly to test each password (e.g. takes several seconds of processing to seed the PRNG) then you should be pretty good, even if you don't want to use a very long password. Another thing that this kind of scheme does is...even if an attacker has a plaintext/cyphertext pair, he can't recover your password, or attack another file encrypted using the same password.
The pitfalls are many...and the learned folk on the sci.crypt newsgroup generally recommend against "rolling your own", and recommend using techniques that are "tried and true". I've rolled one in C++...currently at <Version 1060> ...that works...it's a console app but it's easy to use in Windows...just "drag-n-drop" or "send-to" files to the exe and it launches and prompts for passwords, etc. I've had fun making the system, and have learned tons, but don't expect people to give you praise for your work. Instead, people with knowledge will PooPoo your efforts, call it "snake-oil" and worse, and no one else will care...however, I encourage you to learn about, plan, and implement crypto...it's challenging and interesting.
Good luck.
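
A sketch of the construction described in the post above, added here as an example; it is not the poster's C++ program. It shows the round trip and how a modified file or wrong password is detected. Assumptions: SHA-256 stands in for the hash, SHA-256 in counter mode for the seeded PRNG, and PBKDF2 with a fixed constructed salt for the costly password step; decryption re-seeds the first generator from the password hash and the recovered file hash, the same seed as encryption step 4.

```python
import hashlib
import hmac

def H(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed parts (stand-in for the post's hash)."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(8, "big") + p)
    return h.digest()

def keystream(seed: bytes, n: int) -> bytes:
    """SHA-256 in counter mode, an assumed stand-in for the seeded PRNG."""
    out, ctr = bytearray(), 0
    while len(out) < n:
        out += hashlib.sha256(seed + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return bytes(out[:n])

def xor(data: bytes, seed: bytes) -> bytes:
    """Combine data with the generator output (encrypt step 5)."""
    return bytes(a ^ b for a, b in zip(data, keystream(seed, len(data))))

def password_hash(password: str, iterations: int = 100_000) -> bytes:
    # Deliberately slow, so each password guess is costly. The fixed salt
    # is an assumption of this sketch; the post does not mention a salt.
    return hashlib.pbkdf2_hmac("sha256", password.encode(),
                               b"constructed-salt", iterations)

def encrypt(password: str, plaintext: bytes) -> bytes:
    pw = password_hash(password)               # step 2
    file_hash = H(plaintext)                   # step 3
    body = xor(plaintext, H(pw, file_hash))    # steps 4-5
    enc_hash = xor(file_hash, H(pw, H(body)))  # steps 6-8
    return enc_hash + body                     # step 9: composite of 8 & 5

def decrypt(password: str, blob: bytes) -> bytes:
    pw = password_hash(password)
    enc_hash, body = blob[:32], blob[32:]      # parse the composite
    file_hash = xor(enc_hash, H(pw, H(body)))  # recover original file hash
    plaintext = xor(body, H(pw, file_hash))    # same seed as encrypt step 4
    # Integrity check: any change to either part, or a wrong password,
    # yields a plaintext whose hash no longer matches the recovered hash.
    if not hmac.compare_digest(H(plaintext), file_hash):
        raise ValueError("wrong password or modified file")
    return plaintext
```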