• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1575
  • Last Modified:

Simple-ish encryption of a String without unicode (using ASCII)

Hi Experts

I'm going to be converting a string of characters into a barcode format. These characters will be your standard ASCII characters, notably A-Z, 0-9 and perhaps a few symbols if possible.
The problem is, I want to encrypt this string, so that even if someone has a barcode scanner, what they scan will be gibberish. But when encrypting the string, I don't want the length of the string to increase too much because the barcode can only support a maximum number of characters. Add to this problem, I think my barcode format (PDF417) can only support ASCII and not unicode (I think a unicode character takes up a lot of space).
I'm NOT saying that the encrypted version should be the exact same length as the decrypted version.

I'm using Delphi, and need a simple encryption and decryption process please.


0
rfwoolf
Asked:
rfwoolf
  • 6
  • 3
  • 3
  • +4
4 Solutions
 
SteveBayCommented:
Free and as simple of complex as you like.
http://sourceforge.net/projects/tplockbox/
0
 
8080_DiverCommented:
Piece of cake.  Here's the basics of the process.
  1. Create a string constant that includes A-Z and 0-9 but in a scrambled order (DecryptStr);
  2. Create a second string that includes all of the characters you will need to encrypt (EncryptStr) ina different scrambled order;
  3. Create a function (EncryptIt)  that accept a string as an input value and return a string as a result value;
  4. In the EncryptIt function, you first create a numeric equivalent of the string to be encrypted by multiplying 1 by the Pos() of the first character in the EncryptStr string then continuing the multiplication  by the Pos() of each of the succeeding characters;
  5. Now that you have a numereric equivalent of the string, all you need to do is reverse the process, using the DecryptStr string and working with the modulus (i.e. the remainder after dividing by) based upon the number of characters in the DecryptStr string (and I would build the resulting string from left to right ;-);
  6. In order to decrypt the string, you build a a similar (DecryptIt) function that also accepts a string parameter and returns a string result;
  7. The DEcryptIt process uses the same processing except it first uses the Decrypt string and then uses the EncryptStr (And the Modulo arithmetic needs to be based on the number of characters in the Encrypt string), again building the string from left to right.
I can supply a basic set of these two functions if you need them (I have used them for various similar task ;-).
0
 
aikimarkCommented:
ROT13 -- expanded to accomodate your alphabet size.
0
Cloud Class® Course: CompTIA Healthcare IT Tech

This course will help prep you to earn the CompTIA Healthcare IT Technician certification showing that you have the knowledge and skills needed to succeed in installing, managing, and troubleshooting IT systems in medical and clinical settings.

 
JohnjcesCommented:
How about something really simple using xor?

unit Crypt32;
interface
 
//const
//  StartKey	= 981;  	{Start default key}
//  MultKey	  = 12674;	{Mult default key}
//  AddKey	  = 35891;	{Add default key}
 
var
  StartKey, MultKey, AddKey : Integer;
 
function Encrypt(const InString:string; StartKey,MultKey,AddKey:Integer): string;
function Decrypt(const InString:string; StartKey,MultKey,AddKey:Integer): string;
 
implementation
 
{$R-}
{$Q-}
{*******************************************************
 * Standard Encryption algorithm - Copied from Borland *
 *******************************************************}
function Encrypt(const InString:string; StartKey,MultKey,AddKey:Integer): string;
var
  I : Byte;
begin
  Result := '';
  for I := 1 to Length(InString) do
  begin
    Result := Result + CHAR(Byte(InString[I]) xor (StartKey shr 8));
    StartKey := (Byte(Result[I]) + StartKey) * MultKey + AddKey;
  end;
end;
{*******************************************************
 * Standard Decryption algorithm - Copied from Borland *
 *******************************************************}
function Decrypt(const InString:string; StartKey,MultKey,AddKey:Integer): string;
var
  I : Byte;
begin
  Result := '';
  for I := 1 to Length(InString) do
  begin
    Result := Result + CHAR(Byte(InString[I]) xor (StartKey shr 8));
    StartKey := (Byte(InString[I]) + StartKey) * MultKey + AddKey;
  end;
end;
{$R+}
{$Q+}
 
end.

Open in new window

0
 
8080_DiverCommented:
XOR can result in some ASCII characters that are not printable and, therefore, probably not going to be within the charactersetof the Bar Codes.
For instance, XOR '0' with '7' results in a BELL character [Hex(07)]  . . . and so does 'P' XOR 'W'.
That's why I proposed an Encrypt and Decrypt string of characters that areprintable and also very probably included in the Bar Code characterset.
0
 
aikimarkCommented:
@Stevebay & Johnces

Since the encrypted string must be supported by the barcode, I don't think these suggested methods would work in this (narrow) case.

From the barcode description, a Base64 encoding wouldn't work.  We would have to take the encrypted output and create a Base36 (approx) code.

===========
@rfwoolf

Both an alphabetic substitution and a simple rotation will give you an easy, fast and reliable encryption (no change in length) that will still be represented in your barcode.  What you haven't told us is "How secure do you need this?"

If this is to thwart the mildly curious, then you have two good algorithms.  If you need stronger encryption, you will need to describe the importance/value of this string you are encrypting and to what lengths your 'spys' are willing to go to decrypt this.
0
 
Geert GOracle dbaCommented:
the main issue will be the length of your string when encrypting
if you need something that nobody understands ... just use numbers in the barcode
save your texts in a table, a column text, a column id (auto number), and a column barcode number
have a routine to generate such a number
you can even make it simple for people to understand like year/month/day/indexnr

they'll think they have figured it out and say it's the date and a index
and 98% will stop hacking

that's just the start off course, as this is the index of a record in a table
no correlation to any text or string whatsoever
and you won't have any problem with string lengths

you could let the database encrypt the text for you in the text column
0
 
aikimarkCommented:
this ROT13 code lifted from a nonexistant web page.  Notice that the alphabets have been shifted by 13 positions.
// Perform ROT13 function on a string
function sRot13 (S: string): string;
 
function sRot13 (S: string): string;
const
  upperAZ: array ['A'..'Z'] of Char = 'NOPQRSTUVWXYZABCDEFGHIJKLM';
  loweraz: array ['a'..'z'] of Char = 'nopqrstuvwxyzabcdefghijklm';
var
  i: Integer;
  s1: string;
begin
  s1 := '';
  for i := 1 to Length(S) do
  begin
    if s[i] in ['A'..'Z'] then
      s1 := s1 + upperAZ[s[i]]
    else if s[i] in ['a'..'z'] then
      s1 := s1 + loweraz[s[i]]
    else
      s1 := s1 + s[i];
  end;
  Result := s1;
end;

Open in new window

0
 
ozoCommented:
A mod 36 or mod 26 version of RC4 could preserve the length and character set without being quite as obvious as rot13
http://en.wikipedia.org/wiki/RC4#The_pseudo-random_generation_algorithm_.28PRGA.29
0
 
aikimarkCommented:
@ozo

"obvious" is the key word here.  Thus my questions about the value of data being protected and the sophistication level of attackers.  Obvious to us might be sufficiently obscured to the mildly curious.
0
 
ozoCommented:
I make no claim whether ROt13 is inadequate or RC4 is adequate for this purpose.
The key questions about the value of the data and the types of attacks it might endure are yet to be answered.
0
 
rfwoolfAuthor Commented:
I ended up using TPLockBox as recommended by SteveBay.
It isn't ideal however because it does increase my string by about 33% using Blowfish (other encryptions increased the string by even more), but I'm sure if I tinker with it some more I can get this down.
0
 
aikimarkCommented:
@rfwolf

The size increase is probably due to the encoding (Base64?) rather than the encription algorithm.
0
 
rfwoolfAuthor Commented:
Okay I need some advice - not sure exactly what to say if I open a new question...
Basically my problem persists - if I take a string and encrypt it using TLockBox II get an inflation of about 27%.
Now somebody said this is because of Base64 -- which I don't really understand, but looking at TLockbox it looks like they all use Base64.
Basically I don't mind an inflation, but maybe of 10%, not 27%.
My INPUT data is a 171-character string. After encryption it is a 236 string.
That's inflation of 65 characters or 27.5%.

Any advice please.
0
 
rfwoolfAuthor Commented:
Upon reviewing this question I can see for example ozo's comments may be helpful, but without code I simply can't try it - even pseudo-code from wikipedia.
0
 
aikimarkCommented:
@rfwoolf

It is possible/probable that an encrypted string will contain characters with ASCII values that can not be displayed, such as CR or LF.  Sometimes an ASCII 0 character might appear in the encrypted string, causing problems if stored or passed as PChar.

Base64 encoding results in a string of alphanumeric characters, which eliminates some of the problems I identified in the preceding paragraph.

For more information, see
http://en.wikipedia.org/wiki/Base64
0
 
8080_DiverCommented:
@rfwoolf ,
Now that you have accepted a solution, this thread should no longer be used.  You would need to open a new question, oribably rephrasing it so that it doesn't duplicate this one.
Over this weekend, I may be able to locate the substitution cypher unit that I used a while back.  There was little, if any, increase in the size of the text but I would need to know the full set of characters that can be represented by your bar-code software and also the full set of characters that you would need to be able to encrypt.  If you need to be able to encrypt more characters than the number available in the barcoding, then things could get somewhat complicated but that can be handled, too.  (Math, as well as SQL, is your friend. ;-)  However, like I said, this is not a 2 minute task. ;-)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

  • 6
  • 3
  • 3
  • +4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now