Solved

Encrypting a binary file

Posted on 2004-08-18
8
559 Views
Last Modified: 2013-11-15
Hi all:

I was trying to secure data going through the wire so I put the data in binary format. Now thats not secure enough....you can still see the values that noody should see so I am now trying first steps of encrypting it.

I have the following code on a windows C compiler this has to be on Linux please keep this in mind:

unsigned char aByte;

while(!feof(fptr4)){
 FilePrev = fptr4;
noofbytesread = fread(&aByte, 1, 1, fptr4);
convertedvalue = aByte ^ 189;
noofbyteswrote = fwrite(&convertedvalue, 1, 1, FilePrev);
printf("The converted value is %d\n", convertedvalue);
 }
 fclose(fptr4);
This goes into infinte loop and also on Linux compiler it complains not proper args to ^ operator.

The basic idea is right and it works. It is in the file manpulation it goes into an infinite loop. It is a simple 2 byte exclusive or.

Please help me out.

Best Regards

Sunnybrad
 
0
Comment
Question by:sunnybrad
8 Comments
 
LVL 16

Expert Comment

by:PaulCaswell
ID: 11830299
You are trying to write back to the same file you read from. You are therefore growing the file as you read it.

Try encrypting the file to a new file and then delete the old and rename the new. Its easier and quicker than trying to encrypt in-place.

Secondly, you can use:

while ( (noofbytesread = fread(&aByte, 1, 1, fptr4)) > 0 )
{
convertedvalue = aByte ^ 189;
noofbyteswrote = fwrite(&convertedvalue, 1, 1, newFile);
};

Paul
0
 

Expert Comment

by:sachin_chatekar
ID: 11831344
I agree with the above suggestion.
but what i would like to add here is that if you want to send the data over the wire..then why to store it in a file after encrypting it.
there is osmething called as runlength coding, wherein you code as you transmit the data, thats saves your memory.
so you can directly write the converted byte onto wire and save a loads of code and memory.
0
 
LVL 22

Expert Comment

by:grg99
ID: 11832354
How secure does this data have to be?

A simple xor encoding is VERY easy to break.

For example, many binary files have at least a few bytes of consecutive zeros.   Anybody looking at that will see a sequence of "189"'s and go AHA!

If the data is of any importance at all I'd suggest using some really secure encryption, like DES.

0
 
LVL 45

Expert Comment

by:sunnycoder
ID: 11838381
Paul is right on pointing out the error in your code and grg99 is spot on in pointing out the weakness.

You are currently using a very trivial encryption with a very small key. For real encryption, you need good encryption algorithm with a long key.

If you are interested in moving on to more secure methods, post back and we will try to help further
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 16

Expert Comment

by:PaulCaswell
ID: 11839147
Sunnycoder!!! Have you been on holiday?? We missed you..

I agree with sunnycoder about the depth of encryption. The point he might have missed is that there are encoding strategies that will take no more time than yours and will be MUCH more secure.

One of the classic methods of cracking codes is to count the occurrences of each code. With just this information and the assumption that you are transmitting ascii is enough to rebuild a perfect original from your scheme. Even using a different code to xor with for alternate bytes will increase your security a phenomenal amount.

Paul
0
 
LVL 45

Expert Comment

by:sunnycoder
ID: 11839236
Hi Paul,

Yes I was on vacation for a few days :-) thanks ...

Also, I feel that it is not wise to violate the first law of encryption ... Security by keeping the algorithm secret is hardly secure. And if algorithm like xoring alternate bytes is known, it is a matter of minutes before it is broken.

cheers
0
 

Author Comment

by:sunnybrad
ID: 11870868
Hi all:

I am taking the first steps towards encryption. I move to better encryption algorithms once I have this working.

I read a byte at a time from the a binary file:

noofbytesread = fread(&myByte, 1, 1, fptr4);
convertedvalue = myByte ^ 176;
noofbyteswrote = fwrite(&convertedvalue, 1, 1, fptr5);

Now once I try to decrypt the newly generated file it does on work on RadHat 7.2

Best Regards

Sunnybrad

0
 
LVL 16

Accepted Solution

by:
PaulCaswell earned 500 total points
ID: 11870909
1. What type are 'myByte' and 'convertedvalue'? They must be either 'char' or 'unsigned char'. They must have a 'sizeof' of 1.
2. Did you open fptr4 and fptr5 as binary? fptr4 = fopen ( filename, "rb" ); fptr5 = fopen ( filename, "wb" );

Paul
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Article by: Rob
Notes 8.5 Archiving Steps and Tips This article covers setting up a Notes archive, and helps understand some of the menu choices making setting up and maintaining a Notes archive file easier.
I previously wrote an article addressing the use of UBCD4WIN and SARDU. All are great, but I have always been an advocate of SARDU. Recently it was suggested that I go back and take a look at Easy2Boot in comparison.
The goal of this video is to provide viewers with basic examples to understand and use switch statements in the C programming language.
An overview on how to enroll an hourly employee into the employee database and how to give them access into the clock in terminal.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now