ggets

asked on

Crack This Encryption Routine!!

Hi All..

I have written a simple text encryption routine and need to know if it's easy or hard to crack. It's not a good idea to assume that you have written a good encryption routine, so would like some people to test it and let me know. I need to be sure it's worth more than the paper it's written on :-)

Please download the encryption test routine from this page http://www.greentree.co.za/encrypt.htm

and contact me at ggets@greentree.co.za.

Thanks
PS : the first person to crack the routine and supply details on exactly how they did it will get the points.
Guy Hengel [angelIII / a3]

Ok, I played around a little bit only (~5 min), and came to the following conclusions:
* You are "adding" the password during the encryption, after moving around the "digits". During the decryption, you are undoing this action...
* The password is not contained in the encrypted value itself.
* You are using some hex representation of the characters, thus every character needs 2 characters for the encrypted version.
* You are using the time (probably seconds/milliseconds) to encrypt your data, which can be easily seen when you click several times on the encrypt button without changing the data or the password.
* You use 10 characters for overhead, most probably to store the timestamp and "hide" the encrypted data.

Given that I do not consider myself a "hacker", you can throw your encryption away, as the rest will only take a little time to find the full algorithm.

Sorry
ggets

ASKER

Hi..

Thanks for your input. I do not use the time or date in the algorithm, but the rest is close.

I am keen to see if someone does crack it.

Again, thanks for the input..

ggets

ASKER

PS : there are some other tricks applied in this routine, otherwise it would only take a few min to crack.
Note that random uses time to generate numbers.
I will try to solve it. Talk to u later.
When you encrypt a text you obtain some chars in the range 0..9 and A..F, so it is normal that the encrypted text is larger than the original text, but looking closer I saw that it wasn't exactly twice the size of the text...
Then I decided to increase the size of the text and I saw that the encrypted text grows by 2 at the same time.
After that I tried to make some small variations to the text and to the password, but the encrypted text always looks completely different.
After playing with the program I noticed that when encrypting the same text twice, you don't get the same encrypted text.
So I decided to look at the decryption phase, which is evidently unique.
After that I noticed that encrypting with the password AAB is the same as with AABAAB.
I thought the password is certainly expanded to the size of the text before encrypting it.
Then, manipulating the encrypted text, I made some observations:
- changing the first two chars changes the first char of the decrypted text, and so on.
- some chars aren't useful.

With the password A the two encrypted texts :
1F0CDD1DFD1E4DF1F0
1F0CDD1D---E4-----
give us "Text".

So there are 2 chars of "salt" and 8 other (random or control) chars.
It gives 256 different encrypted texts.

I took different encrypted texts:

5B489959---A0-----
584B9A5A---90-----
485B8A4A---91-----

If you compare the last two, you can easily guess that the first nibble of the salt is XORed with the second nibble of the encrypted text.
With the first two, in the same way, the second nibble is XORed with the first nibble of the encrypted text.

So you deduce an encrypted text with a null salt: 51429353---00-----

I changed the encrypted text to 51515050---00-----.
I changed the password to "A" and I obtained "TTDD".
I changed the password to "T" and I obtained "AAQQ".
I changed the password to "Q" and I obtained "DDTT".
I changed the password to "Q" and i obtain "DDTT".

It was obvious that the operation used is XOR but how ?

With the password "A" (41h)
51 ---> 54
50 ---> 44

With the password "T" (54h)
51 ---> 41
50 ---> 51

With the password "Q" (51h)
51 ---> 44
50 ---> 54

That is very simple in fact, you swap the two nibbles then you XOR the password.

So to encrypt a text:
1. Rotate the password to the left by 1 char.
2. Take the password, expand it to the size of the text by repeating it.
4. XOR all the chars of the text with the chars of the password.
5. Choose a number between 0 and 255 (salt) and XOR it with each char of the text.
6. Swap the nibbles of each char of the text.
7. Then add 3 nibbles, the salt, and 5 nibbles.
 
Example :

Text     : This is a text
Password : ABC
Text     : 54 68 69 73 20 69 73 20 61 20 74 65 78 74
Password : 41 42 43

1.
Password : ABC
Text     : 54 68 69 73 20 69 73 20 61 20 74 65 78 74
Password : 42 43 41
   
2.
Password : BCABCABCABCABC
Text     : 54 68 69 73 20 69 73 20 61 20 74 65 78 74
Password : 42 43 41 42 43 41 42 43 41 42 43 41 42 43

4.        
Text     : 16 2B 28 31 63 28 31 63 20 62 37 24 3A 37

5.
Salt     : 13
Text     : 05 38 3B 22 70 3B 22 70 33 71 24 37 29 24

6.
Text     : 50 83 B3 22 07 B3 22 07 33 17 42 73 92 42

7.
Text     : 50 83 B3 22 07 B3 22 07 33 17 42 73 92 42 -- -1 3- -- --
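
The scheme deduced in the post above, written out as an added Python example (not code from the thread and not the original routine). The function names are assumptions, and the eight unused trailer nibbles are treated as opaque filler because the thread never identifies them. It reproduces the thread's sample values and shows that a ciphertext can be rewritten to salt 00 without the password, which leaves a plain repeating-key XOR.

```python
# Added example: the cipher as reconstructed in the thread, not the author's code.
TRAILER = 10  # nibbles after the body: 3 filler + 2 salt + 5 filler


def swap_nibbles(b):
    """Exchange the high and low 4 bits of one byte (0x5B -> 0xB5)."""
    return ((b << 4) | (b >> 4)) & 0xFF


def keystream(password, n):
    """Rotate the password left by one char, then repeat it to n bytes."""
    if not password:
        raise ValueError("password must not be empty")
    rotated = password[1:] + password[:1]
    return [ord(rotated[i % len(rotated)]) for i in range(n)]


def encrypt(text, password, salt, pad3="000", pad5="00000"):
    """XOR with key and salt, swap nibbles, append filler/salt/filler.
    pad3 and pad5 are assumed filler; decryption never reads them."""
    if not 0 <= salt <= 0xFF:
        raise ValueError("salt must fit in one byte")
    ks = keystream(password, len(text))
    body = "".join(f"{swap_nibbles(ord(c) ^ k ^ salt):02X}"
                   for c, k in zip(text, ks))
    return f"{body}{pad3}{salt:02X}{pad5}"


def split(cipher):
    """Return (body bytes, trailer string, salt) of a hex ciphertext."""
    body, trailer = cipher[:-TRAILER], cipher[-TRAILER:]
    return bytes.fromhex(body), trailer, int(trailer[3:5], 16)


def decrypt(cipher, password):
    data, _, salt = split(cipher)
    ks = keystream(password, len(data))
    return "".join(chr(swap_nibbles(b) ^ salt ^ k) for b, k in zip(data, ks))


def null_salt(cipher):
    """Rewrite a ciphertext to salt 00; no password is needed, because
    the salt is stored in the trailer of the message itself."""
    data, trailer, salt = split(cipher)
    body = "".join(f"{swap_nibbles(swap_nibbles(b) ^ salt):02X}" for b in data)
    return body + trailer[:3] + "00" + trailer[5:]


if __name__ == "__main__":
    print(encrypt("This is a text", "ABC", 0x13))
    print(null_salt("5B489959---A0-----"))  # sample ciphertext from the thread
```

Because the salt travels with the message, the 256 possible ciphertexts for one plaintext and password differ only by a value any reader can remove, so the randomisation hides nothing.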
ASKER CERTIFIED SOLUTION
abel
ggets

ASKER

Well done abel....

How long did it take you - I hope not more than 5 Min.

Guess I will have to think of something else... I have a few other ideas.

I think that hiding the random number in the text is a bad idea. I also thought that swapping the nibbles would really throw you off - but then again, as I said, never assume anything.

Maybe I should just use some tried and trusted routines, but I would like to come up with something different, although using xor and password are not very different.

Still, Thanks a lot for cracking it. I guess :-)
Oops! I think you awarded the wrong guy. BJZ should have the credits, he was faster than I.

The time I spent cracking was over 8 hours, but I never did anything with encrypting before, so I guess somebody else should've been faster. I was getting close, but missed the Xor operation. I never really cracked it myself.
As long as somebody doesn't have the password, I don't see how you can get it out. But when people use normal words as passwords and the strings encrypted are "normal" strings, you can easily hack into it.

There is a lot written about encryption. I personally use a simple encryption technique for hiding not too sensitive data (like semi-public FTP-passwords, they are sent unencrypted over the internet anyway).

The functions below can be used in a module in VB, but I think you don't use VB but Delphi or so. But you must be able to easily translate it into any other language. It uses two special key-numbers, and the previously stored character for Xor-ing and a crypt-key (that itself should better be stored encrypted...). You can combine this with a password if you like.

If anybody finds the cryptkey in the executable, a hacker doesn't need to be very smart to figure out the rest, but as long as the cryptkey is not found, it will take a long time (I hope).

Although I altered the code a little, you can find this function explained in detail on devx.com.


Option Explicit

Private Const sCryptKey     As String = "kj|^*&(MjR!3(:Qui[8(*$,k|\}@~!"

Public Function Decrypt(CipherText As String) As String
    'Wrapper for EncryptDecrypt
    Dim sPlainText As String
    EncryptDecrypt sPlainText, CipherText, sCryptKey
    Decrypt = sPlainText
End Function

Public Function Encrypt(PlainText As String) As String
    'Wrapper for EncryptDecrypt
    Dim sCipherText As String
    EncryptDecrypt PlainText, sCipherText, sCryptKey
    Encrypt = sCipherText
End Function

Public Function BinHex(BinStr As String) As String
    'BinHex: convert binary string to base-16
    Dim Result As String, i As Integer
    For i = 1 To Len(BinStr)
        Result = Result & Right("00" & _
        Hex(Asc(Mid(BinStr, i, 1))), 2)
    Next i
    BinHex = Result
End Function

Public Function HexBin(HexStr As String) As String
    'HexBin: convert hex pairs to binary string
    Dim Result As String, i As Integer
    For i = 1 To Len(HexStr) Step 2
        Result = Result & Chr(Val("&H" & _
        Mid(HexStr, i, 2)))
    Next i
    HexBin = Result
End Function

Public Sub EncryptDecrypt(PlainText As String, CipherText As String, KeyValue As String)
    Dim i As Long, Prev As Integer, Result As String
    Dim Char As Integer, KeyIndex As Integer
    Dim KeyLen As Integer, TextValue As String
    Dim NewChar As Integer, fEncrypting As Integer
    Dim KeyChar() As Integer
   
   
    'Magic values used for en/decryption.
    Const MAGIC1 As Byte = 112
    Const MAGIC2 As Long = 6

    'Determine if we're encrypting or decrypting
    If Len(PlainText) > 0 Then
        fEncrypting = True
        TextValue = PlainText
    Else
        TextValue = CipherText
    End If
   
    'Initialize 'previous character' value, index into key string and length of key
    Prev = MAGIC1
    KeyIndex = 1
    KeyLen = Len(KeyValue)
   
    'Convert key string to array
    ReDim KeyChar(KeyLen)
    For i = 1 To KeyLen
        KeyChar(i) = Asc(Mid(KeyValue, i, 1))
    Next i

    'Actual en/decryption loop
    For i = 1 To Len(TextValue)
        Char = Asc(Mid(TextValue, i, 1))
        Debug.Assert Char < 255
        NewChar = Char Xor KeyChar(KeyIndex) Xor Prev Xor ((i / MAGIC2) Mod 255)
        Result = Result & Chr(NewChar)
       
        If fEncrypting Then
            Prev = Char
        Else
            Prev = NewChar
        End If

        KeyIndex = KeyIndex + 1
        If KeyIndex > KeyLen Then
            KeyIndex = 1
        End If
    Next i

    'Return result to caller
    If fEncrypting Then
        CipherText = Result
    Else
        PlainText = Result
    End If

End Sub


ggets

ASKER

Apologies BJZ

I will email EE and ask them to reverse the answer and award it to you.

Thanks again