Solved

Help with my simple encryption code

Posted on 2013-06-17
5
395 Views
Last Modified: 2013-06-18
This is a simple character substitution encryption program I am writing. My main goal is to avoid a cracker from de-compiling and seeing the correct password in the de-compiled code.

Programs such as OLLY and IDA will provide a list of strings used in a program, and I want to avoid this.

My program will ultimately compare the correct password ENCRYPTED to what the user entered. So if decompiled, they will see the ENCRYPTED string, not the correct password.

How my encryption works: Get the user entered character, find it in cypherPhrase. Then user keyPhrase[index of cypherPhrase] as the encrypted character.

That being said, I am getting this error: INVALID TYPES CHAR[INT] FOR ARRAY SUBSCRIPT on line 97:

userCombination[xx] = keyPhrase[found];

Open in new window


My source is commented fairly well, here it is:

#include <windows.h>
#include "resource.h"
#include <string>
// +---------------------------------------------------------------------------+
// | Simple Character Encryption                                               |
// +---------------------------------------------------------------------------+
// | main.cpp                                                                  |
// |                                                                           |
// | This program demonstrates how to encrypt and decrypt using                |
// | simple character substitution                                             |
// +---------------------------------------------------------------------------+
// | Acknowledgements:                                                         |
// |                                                                           |
// | Authors: John                                                   |
// |                                                                           |
// +---------------------------------------------------------------------------+


//---------------------------------------------------------------------------
// Function Protypes Defined
//---------------------------------------------------------------------------

LRESULT CALLBACK DlgProc(HWND hWnd, UINT Msg, WPARAM wParam, LPARAM lParam);

//---------------------------------------------------------------------------
// Define Global Variables
//---------------------------------------------------------------------------

HWND hWnd;

//---------------------------------------------------------------------------
// WinMain: Application Entry Point
//---------------------------------------------------------------------------

INT WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
				   LPSTR lpCmdLine, int nCmdShow)
{
	DialogBox(hInstance, MAKEINTRESOURCE(IDD_DIALOG1),
	          hWnd, reinterpret_cast<DLGPROC>(DlgProc));

	return FALSE;
}
//---------------------------------------------------------------------------
// Dialog Procedure
//---------------------------------------------------------------------------
LRESULT CALLBACK DlgProc(HWND hWndDlg, UINT Msg, WPARAM wParam, LPARAM lParam)
{
        
    /* Local Variables */
    char szbuffer[255], szbuffer2[255];
    char szusercombo[80] = {'/0'};
    
    // This is the word 'crackme' encrypted!!
    std::string encrypted("eeheqij");
    int stringLength;
    
    // The word "crackme" encrypted  = e   e   h   e   q   i   j    
    
    //                               1         2         3        
    //                     01234567890123456789012345678901234
    char keyPhrase[]    = "thequickbrownfoxjumpsoverthelazydog";
    char cypherPhrase[] = "packmyboxwithfivedozenliguorjugs";
    
	switch(Msg)
	{
	case WM_INITDIALOG:
		return TRUE;

	case WM_COMMAND:
		switch(wParam)
		{
		case IDOK:
            // Move users answer to szbuffer 
            GetDlgItemText(hWndDlg, IDC_EDIT1, szbuffer, 80);
            
            // Get length of user string entered
            stringLength = strlen(szbuffer);
            
            // Loop through every character
            for(int xx=0; xx<stringLength; xx++){
                        // Isolate single character
                        char currentCharacter = szbuffer[xx];
                        
                        // Locate character in cypherPhrase
                        std::string strCypherPhrase(cypherPhrase);
                        
                        // Get Position of current character in cypherPhrase
                        // Note: The character should always be found
                        //       because every letter is in cypherPhrase
                        size_t found = strCypherPhrase.find(currentCharacter);
                        
                        // Now get keyPhrase[FOUND] and add to final userCombination buffer
                        userCombination[xx] = keyPhrase[found];
                        
                        // Move current encrypted character to buffer2 ( for MessageBox debugging )    
                        //wsprintf(szbuffer2,"%c", keyPhrase[found]);
                        //MessageBox ( NULL, szbuffer2, "Encrypted Character is...", MB_OK | MB_ICONINFORMATION );
                }
                // Debug Encrypted String
                // Should output: e   e   h   e   q   i 
                MessageBox ( NULL, userCombination, "Encrypted String Debug", MB_OK | MB_ICONINFORMATION );
               
               
               // Now check to see if they entered the correct answer
               // if userCombination == 'eeheqij' 
               //     correct
                
			EndDialog(hWndDlg, 0);
			return TRUE;
		}
		break;
	}

	return FALSE;
}
//---------------------------------------------------------------------------
// Application Functions
//---------------------------------------------------------------------------
// NONE YET

Open in new window

0
Comment
Question by:edvinson
  • 2
  • 2
5 Comments
 
LVL 31

Accepted Solution

by:
Zoppo earned 500 total points
ID: 39255357
Hi edvinson,

how is userCombination declared?

ZOPPO
0
 
LVL 1

Author Comment

by:edvinson
ID: 39255372
WOW I got it!

I added:

char userCombination[80] = {'/0'};

Open in new window


and it works! So cool, my first encryption program! And I decompiled it, and it's perfect. Nowhere in the decompiled dump is the correct password.
0
 
LVL 31

Expert Comment

by:Zoppo
ID: 39255377
Fine, that's great ...

Regards,

ZOPPO
0
 
LVL 40

Expert Comment

by:evilrix
ID: 39255402
This isn't meant to be an answer to your question but just a friendly caution...

This isn't really encryption. At best it is obfuscation and is in no way secure. If this code is meant to secure a password I'm afraid it really won't do what you intend. In general it is a bad idea to try and implement your own "encryption" as it is almost certainly not going to be strong enough.

Why is this obfuscation and not encryption? Simple, your code contains both the algorithm and the key. In other words, everything required to decrypt is available to anyone who has your binary. It's like going out the front door, locking it and putting the key under the mat. Anyone who knows where to look will be able to access your house.

Hope this is helpful.
0
 
LVL 1

Author Comment

by:edvinson
ID: 39255429
Thanks EvilRix,

I appreciate your comments. It makes sense. This is a portion of my program I am writing to submit to a contest, where beginners learning Assembly try to reverse your password algorithm.

I am writing the program to mirror my own abilities in Assembly - I want to be able to decypher my own code, you know. It's a win win, as I get to learn C++ and Assembly at the same time.

As my C++ and Assembly skills grow, my algorithms will undoubtedly get tougher to crack!

This is my first submission, I will let you know how it goes.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

When writing generic code, using template meta-programming techniques, it is sometimes useful to know if a type is convertible to another type. A good example of when this might be is if you are writing diagnostic instrumentation for code to generat…
This article shows you how to optimize memory allocations in C++ using placement new. Applicable especially to usecases dealing with creation of large number of objects. A brief on problem: Lets take example problem for simplicity: - I have a G…
The goal of this video is to provide viewers with basic examples to understand how to use strings and some functions related to them in the C programming language.
The viewer will learn additional member functions of the vector class. Specifically, the capacity and swap member functions will be introduced.

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question