Simple Encription

I have a login page that uses will be accessing through a Pocket Windows 2003 PDA/Hand Scanner.  I am wanting to make Badges that they can scan to authenticate them.  Right now i have them assigned a username and password.  I want to make a VERY simple encription so they cant easily get others ID and Pass out of these badges.

I want this to contain the username and password. This will be one barcode in a badge (3 of 9 barcode).

I was thinking something like this string here:

BadgeID = Username & "+" & Password

So the final string would look like this:

"kmorris+12345"

i just dont know how i can easily encript this on the badge.

I need to encript this, because they can (if they wanted to) open a notepad on the device, and scan another badge and get their information.

The only way i know how to do this, is get the ASC equvilent, and add like +5 to that...

Any better ideas?
LVL 7
kmorris1186Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jmelikaCommented:
You might want to encrypt that data using something like this:
http://www.4guysfromrolla.com/webtech/010100-1.shtml

Good luck!
JM
0
kmorris1186Author Commented:
I was able to play with that, but it outputs a lot of characters that are not Code 3 of 9 friendly. I need somthing that is just slightly encoded, and not readable by the average user.  Here is what and example of the test data i used is:

á¶Qâ-“—EU£Œv

I am not even sure if this is going to display right on the browser.

Any ideas on simple encryption that is Code 3 of 9 friendly?

These are the only characters that it can support:

Its character set is composed of '0' to '9', 'A' to 'Z', SPACE, '*', '$', '/', '+', '-', '.', '%'
pulled from this page:
http://www.bokai.com/BarcodeActiveX/AllBarcodes.htm#code39
0
kmorris1186Author Commented:
Well, i ended up using the ASC and HEX method as slight encryption.

Function EnCrypt(CryptText)
      ilegnth = Len(CryptText)
      For I = 1 to ilegnth
            EncChar = hex(asc(mid(CryptText, I, 1)))
            EncString = EncString & EncChar & ","
      Next
      If Right(EncString, 1) = "," then
            EncString = Mid(EncString, 1, Len(EncString) - 1)
      End If
      EnCrypt = EncString
End Function

The only thing i have agaisnt this, is the resulting badge would look like this:
6B,6D,6F,72,72,69,73,2B,6B,33,21,74,68,31,32,33
But in Barcode Form.

The hand scanner can only see 55 characters.

That is right borderline with the limit, at 47 chars.

I will leave this question open for a few days to see if i get any more responses.

jmelika  - Thanks for the help, but it just didnt work out correctly.  I may need that in the future though =)


0
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

jmelikaCommented:
Not a problem.  We're all here to learn from one another.

How about this idea:

old_string = BadgeID
for i = 0 to len(old_string)
  new_String = new_String & Chr(Asc(Mid(old_string,i,1))+1)
next

The above code will change each character to the next character in the alphabet.  It's not the greatest, but it does the job of hiding the real thing ;).  You can of course get creative and change it to more than just the very next character; for example, make it three characters, or four :)

Good luck!
JM
0
kmorris1186Author Commented:
Thanks! I have seen examples that do this (i actually remember doing this in my VB Step by Step book).
0
jmelikaCommented:
Not really sure if that means it'll work for you :)

Here is a link of another encryption script that can be implemented.  Let us know if it worked for you.
http://divbyzero.com/PHP/view-source.php?s=../ASP/encrypt/encrypt.asp

JM
0
kmorris1186Author Commented:
Well, i have already ran into a problem.  The scanner documentation SAYS it can read a barcode that is 55 chars long, but it doesnt appear that way... Plus, the size of the barcode is too long to fit nicely on a badge..

I may have to dump the encryption all together..
0
kmorris1186Author Commented:
just one problem with the code you linked too... That isnt VBScript!

Looks like Javascript.

Can i call functions between 2 different languages?
0
jmelikaCommented:
when you say it doesn't appear that way, what exactly do you mean?  How many characters did you figure it could handle?

I think you will run into a problem no matter what, if you continue to use username+password as the barcode.  I usually use very long passwords.  If you leave the limit up to the user, you are bound to get hit with an issue later down the road.

Have you considered using a reference in a DB table?  For example, setup a script to select a random number (long number) as the BARCODE column in the profile table.  When you create a new profile, it generates a new BARCODE number for them that you can use to put on the badge.

I have used something like that when I had to randomize filenames.  Here is a sample:

BARCODE = Int((9999999999 * Rnd) + 1)

Good luck!
JM
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
kmorris1186Author Commented:
I havent thought of that.  Each user in the DB does have their own user ID (primary Key, Increment from 1, int).

I could though that into a barcode (with some added junk in the barcode just so it will be a little longer then 2 chars).
0
jmelikaCommented:
Unless the "junk" is static (UserID & 12345), you won't be able to decrypt the badge code.  For example, you'd have to expect every barcode to end with 12345, and the badge is for the UserID with the numbers before the 12345.

I'd put a Barcode column in the database for each user and make it a random number added to the UserID.  That way the badge barcode is stored in your database so you can read it and know whose badge it is.  Makes sense?

JM
0
kmorris1186Author Commented:
yeah, i gotcha.  I will definetly have to implement this.  Thanks!
0
kmorris1186Author Commented:
I accepted your answer, because it was a better solution then what i was trying to do.

I wont be able to implement this until tomorrow though.

I have no doubt that it will work, so i accepted now.

Thanks man!
0
jmelikaCommented:
Thank you and good luck!
JM
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
ASP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.