12 replies to this topic

[ki4jgt]

I would like some input on this encryption algorithm. What do you think? What are it's weaknesses?
Just BASIC Programming - Message Encryption (Jose's Open Source Encryption)

NOTE: I do not want to write it for the binary level yet. also, it is opensourced and licenced under the gnu gpl v3

[Alexander]

You are implementing a simple ASCII based encryption. With no sort of rounds, a cryptanalysis, or the ability to obtain the original text without the key is extremely successful.

Consider following the mathematical properties of other encryption algorithms (Blowfish, DES) and implement rounds including lookup tables if anything in to your formula (which will require binary operations), this will allow you to produce a binary result completely independent of the original plaintext in any way.

It can be represented then in Base 64 or hexadecimal, so then that the user can transport the result.

[ki4jgt]

Don't want to sound like an idiot, but what are rounds and how can I implement them?

[Alexander]

A great way to understand what you are doing and what can be done is here:
Cipher - Wikipedia, the free encyclopedia

You will notice the sample historical cipher implementation being similar to yours (text replacement), and simple to crack. Implementing ciphers, that use multiple steps (rounds) can achieve a great amount of more complexity in your algorithm. You may wish to look at some of the more modern ciphers (listed on the page as well) to get ideas on what they are and how to form a basic implementation.

There is the standard for data encryption (DES) and the specification can be found here, although it relies on complex mathematical operations, matrices and arrays that may not be able to be ran on BASIC (although I do not know, you can browse the figures and see how rounds are performed in that block cipher)
FIPS 46-2 - (DES), Data Encryption Standard

[sam_l]

Don't write your own encryption algorithm. You do not have the background or the knowledge to do so. The result will be weak and worthless.

[ki4jgt]

Thanks for the over whelming vote of confidence! That has been noted (Statistically), but I am very interested in the ability you posses to foresee the future. As the old proverb goes "anything is possible.You just have to believe." P.S. Please tell me when I'm wrong, but don't tell me I'm wrong simply because you doubt my credentials. If the entire world worked on that philosophy, we would still believe the world was flat.

[Alexander]

You learn a lot about logic, base conversion, and other mathematics not limited to the programming language you are working on, when trying to implement a basic encryption format. It is far a better way to learn about encryption, rather than reading about it. I do not get why it would be "worthless". It may take years to write one that can match a standard, but that is not the point.

If I knew more about this, I would definitely write you pseudocode. :)

[ki4jgt]

Thanks :-) you've already helped so much Alexander :-) Some how every time I visit here you're the first or second to answer my question. Good job. and thanks again.

[Upstream]

I also think that trying to make some basic encryption of your own is a nice and good way to learn. Also trying crack some basic ones (these are mostly not suitable for actual use) can be very helpful to get better an understanding of how and when to use encryption. God only knows the crazy and seemingly useless projects I’ve done like: pixels in img to morse, enigma, text replacement and much more.

It has learned me the basics knowledge about different methods like one way, public key etc. Now I know what to use and when.

[liamzebedee]

Me myself am actually trying to do precisely what you are doing. I advise you investigate into AES, a common encryption algorithm. Its pretty easy to understand and good if you want to use some of the functions from it.

[johnhardy009]

Cryptography is hard. It is hard because there are always smarter people out there who can break your home-made super-duper encryption algorithm. If you are so confident in your abilities, use your own encryption algorithms in your own applications.

[WingedPanther]

ki4jgt said:

I would like some input on this encryption algorithm. What do you think? What are it's weaknesses?
Just BASIC Programming - Message Encryption (Jose's Open Source Encryption)

NOTE: I do not want to write it for the binary level yet. also, it is opensourced and licenced under the gnu gpl v3

It's a lousy encryption method, easily broken. I've run into similar methods of encryption, and easily deduced how to decrypt them just with a little experimenting.