Solved

Simple-ish encryption of a String without unicode (using ASCII)

Posted on 2009-07-01
17
1,257 Views
Last Modified: 2012-06-21
Hi Experts

I'm going to be converting a string of characters into a barcode format. These characters will be your standard ASCII characters, notably A-Z, 0-9 and perhaps a few symbols if possible.
The problem is, I want to encrypt this string, so that even if someone has a barcode scanner, what they scan will be gibberish. But when encrypting the string, I don't want the length of the string to increase too much because the barcode can only support a maximum number of characters. Add to this problem, I think my barcode format (PDF417) can only support ASCII and not unicode (I think a unicode character takes up a lot of space).
I'm NOT saying that the encrypted version should be the exact same length as the decrypted version.

I'm using Delphi, and need a simple encryption and decryption process please.


0
Comment
Question by:rfwoolf
  • 6
  • 3
  • 3
  • +4
17 Comments
 
LVL 14

Accepted Solution

by:
SteveBay earned 350 total points
ID: 24756861
Free and as simple of complex as you like.
http://sourceforge.net/projects/tplockbox/
0
 
LVL 22

Assisted Solution

by:8080_Diver
8080_Diver earned 25 total points
ID: 24756954
Piece of cake.  Here's the basics of the process.
  1. Create a string constant that includes A-Z and 0-9 but in a scrambled order (DecryptStr);
  2. Create a second string that includes all of the characters you will need to encrypt (EncryptStr) ina different scrambled order;
  3. Create a function (EncryptIt)  that accept a string as an input value and return a string as a result value;
  4. In the EncryptIt function, you first create a numeric equivalent of the string to be encrypted by multiplying 1 by the Pos() of the first character in the EncryptStr string then continuing the multiplication  by the Pos() of each of the succeeding characters;
  5. Now that you have a numereric equivalent of the string, all you need to do is reverse the process, using the DecryptStr string and working with the modulus (i.e. the remainder after dividing by) based upon the number of characters in the DecryptStr string (and I would build the resulting string from left to right ;-);
  6. In order to decrypt the string, you build a a similar (DecryptIt) function that also accepts a string parameter and returns a string result;
  7. The DEcryptIt process uses the same processing except it first uses the Decrypt string and then uses the EncryptStr (And the Modulo arithmetic needs to be based on the number of characters in the Encrypt string), again building the string from left to right.
I can supply a basic set of these two functions if you need them (I have used them for various similar task ;-).
0
 
LVL 45

Expert Comment

by:aikimark
ID: 24757578
ROT13 -- expanded to accomodate your alphabet size.
0
 
LVL 18

Expert Comment

by:Johnjces
ID: 24758169
How about something really simple using xor?

unit Crypt32;

interface
 

//const

//  StartKey	= 981;  	{Start default key}

//  MultKey	  = 12674;	{Mult default key}

//  AddKey	  = 35891;	{Add default key}
 

var

  StartKey, MultKey, AddKey : Integer;
 

function Encrypt(const InString:string; StartKey,MultKey,AddKey:Integer): string;

function Decrypt(const InString:string; StartKey,MultKey,AddKey:Integer): string;
 

implementation
 

{$R-}

{$Q-}

{*******************************************************

 * Standard Encryption algorithm - Copied from Borland *

 *******************************************************}

function Encrypt(const InString:string; StartKey,MultKey,AddKey:Integer): string;

var

  I : Byte;

begin

  Result := '';

  for I := 1 to Length(InString) do

  begin

    Result := Result + CHAR(Byte(InString[I]) xor (StartKey shr 8));

    StartKey := (Byte(Result[I]) + StartKey) * MultKey + AddKey;

  end;

end;

{*******************************************************

 * Standard Decryption algorithm - Copied from Borland *

 *******************************************************}

function Decrypt(const InString:string; StartKey,MultKey,AddKey:Integer): string;

var

  I : Byte;

begin

  Result := '';

  for I := 1 to Length(InString) do

  begin

    Result := Result + CHAR(Byte(InString[I]) xor (StartKey shr 8));

    StartKey := (Byte(InString[I]) + StartKey) * MultKey + AddKey;

  end;

end;

{$R+}

{$Q+}
 

end.

Open in new window

0
 
LVL 22

Expert Comment

by:8080_Diver
ID: 24758320
XOR can result in some ASCII characters that are not printable and, therefore, probably not going to be within the charactersetof the Bar Codes.
For instance, XOR '0' with '7' results in a BELL character [Hex(07)]  . . . and so does 'P' XOR 'W'.
That's why I proposed an Encrypt and Decrypt string of characters that areprintable and also very probably included in the Bar Code characterset.
0
 
LVL 45

Assisted Solution

by:aikimark
aikimark earned 125 total points
ID: 24758391
@Stevebay & Johnces

Since the encrypted string must be supported by the barcode, I don't think these suggested methods would work in this (narrow) case.

From the barcode description, a Base64 encoding wouldn't work.  We would have to take the encrypted output and create a Base36 (approx) code.

===========
@rfwoolf

Both an alphabetic substitution and a simple rotation will give you an easy, fast and reliable encryption (no change in length) that will still be represented in your barcode.  What you haven't told us is "How secure do you need this?"

If this is to thwart the mildly curious, then you have two good algorithms.  If you need stronger encryption, you will need to describe the importance/value of this string you are encrypting and to what lengths your 'spys' are willing to go to decrypt this.
0
 
LVL 36

Expert Comment

by:Geert Gruwez
ID: 24760658
the main issue will be the length of your string when encrypting
if you need something that nobody understands ... just use numbers in the barcode
save your texts in a table, a column text, a column id (auto number), and a column barcode number
have a routine to generate such a number
you can even make it simple for people to understand like year/month/day/indexnr

they'll think they have figured it out and say it's the date and a index
and 98% will stop hacking

that's just the start off course, as this is the index of a record in a table
no correlation to any text or string whatsoever
and you won't have any problem with string lengths

you could let the database encrypt the text for you in the text column
0
 
LVL 45

Assisted Solution

by:aikimark
aikimark earned 125 total points
ID: 24762664
this ROT13 code lifted from a nonexistant web page.  Notice that the alphabets have been shifted by 13 positions.
// Perform ROT13 function on a string

function sRot13 (S: string): string;
 

function sRot13 (S: string): string;

const

  upperAZ: array ['A'..'Z'] of Char = 'NOPQRSTUVWXYZABCDEFGHIJKLM';

  loweraz: array ['a'..'z'] of Char = 'nopqrstuvwxyzabcdefghijklm';

var

  i: Integer;

  s1: string;

begin

  s1 := '';

  for i := 1 to Length(S) do

  begin

    if s[i] in ['A'..'Z'] then

      s1 := s1 + upperAZ[s[i]]

    else if s[i] in ['a'..'z'] then

      s1 := s1 + loweraz[s[i]]

    else

      s1 := s1 + s[i];

  end;

  Result := s1;

end;

Open in new window

0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 84

Expert Comment

by:ozo
ID: 24767252
A mod 36 or mod 26 version of RC4 could preserve the length and character set without being quite as obvious as rot13
http://en.wikipedia.org/wiki/RC4#The_pseudo-random_generation_algorithm_.28PRGA.29
0
 
LVL 45

Expert Comment

by:aikimark
ID: 24767714
@ozo

"obvious" is the key word here.  Thus my questions about the value of data being protected and the sophistication level of attackers.  Obvious to us might be sufficiently obscured to the mildly curious.
0
 
LVL 84

Expert Comment

by:ozo
ID: 24767889
I make no claim whether ROt13 is inadequate or RC4 is adequate for this purpose.
The key questions about the value of the data and the types of attacks it might endure are yet to be answered.
0
 
LVL 13

Author Comment

by:rfwoolf
ID: 24867729
I ended up using TPLockBox as recommended by SteveBay.
It isn't ideal however because it does increase my string by about 33% using Blowfish (other encryptions increased the string by even more), but I'm sure if I tinker with it some more I can get this down.
0
 
LVL 45

Expert Comment

by:aikimark
ID: 24868906
@rfwolf

The size increase is probably due to the encoding (Base64?) rather than the encription algorithm.
0
 
LVL 13

Author Comment

by:rfwoolf
ID: 25323730
Okay I need some advice - not sure exactly what to say if I open a new question...
Basically my problem persists - if I take a string and encrypt it using TLockBox II get an inflation of about 27%.
Now somebody said this is because of Base64 -- which I don't really understand, but looking at TLockbox it looks like they all use Base64.
Basically I don't mind an inflation, but maybe of 10%, not 27%.
My INPUT data is a 171-character string. After encryption it is a 236 string.
That's inflation of 65 characters or 27.5%.

Any advice please.
0
 
LVL 13

Author Comment

by:rfwoolf
ID: 25323949
Upon reviewing this question I can see for example ozo's comments may be helpful, but without code I simply can't try it - even pseudo-code from wikipedia.
0
 
LVL 45

Expert Comment

by:aikimark
ID: 25352979
@rfwoolf

It is possible/probable that an encrypted string will contain characters with ASCII values that can not be displayed, such as CR or LF.  Sometimes an ASCII 0 character might appear in the encrypted string, causing problems if stored or passed as PChar.

Base64 encoding results in a string of alphanumeric characters, which eliminates some of the problems I identified in the preceding paragraph.

For more information, see
http://en.wikipedia.org/wiki/Base64
0
 
LVL 22

Expert Comment

by:8080_Diver
ID: 25357247
@rfwoolf ,
Now that you have accepted a solution, this thread should no longer be used.  You would need to open a new question, oribably rephrasing it so that it doesn't duplicate this one.
Over this weekend, I may be able to locate the substitution cypher unit that I used a while back.  There was little, if any, increase in the size of the text but I would need to know the full set of characters that can be represented by your bar-code software and also the full set of characters that you would need to be able to encrypt.  If you need to be able to encrypt more characters than the number available in the barcoding, then things could get somewhat complicated but that can be handled, too.  (Math, as well as SQL, is your friend. ;-)  However, like I said, this is not a 2 minute task. ;-)
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

There are many reasons malware will stay around and continue to grow as a business.  The biggest reason is the expanding customer base.  More than 40% of people who are infected with ransomware, pay the ransom.  That makes ransomware a multi-million…
Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now