Solved

encryption algorithm (urgent)

Posted on 2003-11-24
5
407 Views
Last Modified: 2010-04-17
yo im making my own (stream) encryption algorithm which is basically

for 0<=x<=length of text to be encrypted

text character(x) is xored by every pass character in turn

text character(x) is xored by the length of the entire password

text character(x) is xored by 1 pass character which rotates (i.e. the x th pass character mod the length of the password)

my problem is: if the password is longer than the text, the order of the excess of the password does not matter i.e.

text: ab
pass: 12345678

the incorrect pass: 12876543 will sucessfully decrypt the ciphertext :(

plz list ANY ideaz coz i really need to have this finished REALLY soon

thankz

suma
0
Comment
Question by:suma_ds
  • 2
  • 2
5 Comments
 
LVL 22

Expert Comment

by:cookre
Comment Utility
If the text to be encrypted is shorter than the key, why not pad the text out?

Or, consider the following.  So short a piece of plain text, in and of itself, should never carry much import, as a brute force and ignorance attack is quickly successful.  For example, not even the greenest security officer would every condone such a short, say, password for even the least userid.

0
 
LVL 1

Author Comment

by:suma_ds
Comment Utility
ok i have tried padding the text but this does not increase security,  for example

text: abcd

pass: 12345678

padded text abcd0000

incorrect pass: 12348765

plaintext produced from decrypting with incorrect pass: abcdXXXX (X stands for any character)

this does not solve the problem coz it will be very obvious that the X's are just padding

0
 
LVL 22

Accepted Solution

by:
cookre earned 125 total points
Comment Utility
Hence the comment about little security for short plain text.

Now, if the recipient knows the good part is just, in this case, two bytes, and the cracker doesn't, padding with randomized instances of the plain text (e.g., abbbabaa) would make the crackers life a tad more difficult.

<justthinkingoutloud>
I wonder if you'd have the same problem with something like:

taking the stream in chunks of password length (padded if needed):

a <- chunk XOR password
a <- leftcircularshift(a,1)

a <- ak XOR password
a <- leftcircularshift(a,1)

a <- ak XOR password
a <- leftcircularshift(a,1)

with the decrypt being:

a <- rightcircularshift(chunk,1)
a <- a XOR password

a <- rightcircularshift(a,1)
a <- a XOR password

a <- rightcircularshift(a,1)
a <- a XOR password
</justthinkingoutloud>
0
 
LVL 84

Expert Comment

by:ozo
Comment Utility
xoring with a password is a very weak encryption system even whenmodified to avoid the above problems
Here is a list of some stronger encryption algorithms
http://www.ssh.fi/support/cryptography/algorithms/symmetric.html
0
 
LVL 1

Author Comment

by:suma_ds
Comment Utility
thankz cookre... that should work heaps good :)
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

RIA (Rich Internet Application) tools are interactive internet applications which have many of the characteristics of desktop applications. The RIA tools typically deliver output either by the way of a site-specific browser or via browser plug-in. T…
This is about my first experience with programming Arduino.
In this fourth video of the Xpdf series, we discuss and demonstrate the PDFinfo utility, which retrieves the contents of a PDF's Info Dictionary, as well as some other information, including the page count. We show how to isolate the page count in a…
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now