Solved

Help with my simple encryption code

Posted on 2013-06-17
5
394 Views
Last Modified: 2013-06-18
This is a simple character substitution encryption program I am writing. My main goal is to avoid a cracker from de-compiling and seeing the correct password in the de-compiled code.

Programs such as OLLY and IDA will provide a list of strings used in a program, and I want to avoid this.

My program will ultimately compare the correct password ENCRYPTED to what the user entered. So if decompiled, they will see the ENCRYPTED string, not the correct password.

How my encryption works: Get the user entered character, find it in cypherPhrase. Then user keyPhrase[index of cypherPhrase] as the encrypted character.

That being said, I am getting this error: INVALID TYPES CHAR[INT] FOR ARRAY SUBSCRIPT on line 97:

userCombination[xx] = keyPhrase[found];

Open in new window


My source is commented fairly well, here it is:

#include <windows.h>
#include "resource.h"
#include <string>
// +---------------------------------------------------------------------------+
// | Simple Character Encryption                                               |
// +---------------------------------------------------------------------------+
// | main.cpp                                                                  |
// |                                                                           |
// | This program demonstrates how to encrypt and decrypt using                |
// | simple character substitution                                             |
// +---------------------------------------------------------------------------+
// | Acknowledgements:                                                         |
// |                                                                           |
// | Authors: John                                                   |
// |                                                                           |
// +---------------------------------------------------------------------------+


//---------------------------------------------------------------------------
// Function Protypes Defined
//---------------------------------------------------------------------------

LRESULT CALLBACK DlgProc(HWND hWnd, UINT Msg, WPARAM wParam, LPARAM lParam);

//---------------------------------------------------------------------------
// Define Global Variables
//---------------------------------------------------------------------------

HWND hWnd;

//---------------------------------------------------------------------------
// WinMain: Application Entry Point
//---------------------------------------------------------------------------

INT WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance,
				   LPSTR lpCmdLine, int nCmdShow)
{
	DialogBox(hInstance, MAKEINTRESOURCE(IDD_DIALOG1),
	          hWnd, reinterpret_cast<DLGPROC>(DlgProc));

	return FALSE;
}
//---------------------------------------------------------------------------
// Dialog Procedure
//---------------------------------------------------------------------------
LRESULT CALLBACK DlgProc(HWND hWndDlg, UINT Msg, WPARAM wParam, LPARAM lParam)
{
        
    /* Local Variables */
    char szbuffer[255], szbuffer2[255];
    char szusercombo[80] = {'/0'};
    
    // This is the word 'crackme' encrypted!!
    std::string encrypted("eeheqij");
    int stringLength;
    
    // The word "crackme" encrypted  = e   e   h   e   q   i   j    
    
    //                               1         2         3        
    //                     01234567890123456789012345678901234
    char keyPhrase[]    = "thequickbrownfoxjumpsoverthelazydog";
    char cypherPhrase[] = "packmyboxwithfivedozenliguorjugs";
    
	switch(Msg)
	{
	case WM_INITDIALOG:
		return TRUE;

	case WM_COMMAND:
		switch(wParam)
		{
		case IDOK:
            // Move users answer to szbuffer 
            GetDlgItemText(hWndDlg, IDC_EDIT1, szbuffer, 80);
            
            // Get length of user string entered
            stringLength = strlen(szbuffer);
            
            // Loop through every character
            for(int xx=0; xx<stringLength; xx++){
                        // Isolate single character
                        char currentCharacter = szbuffer[xx];
                        
                        // Locate character in cypherPhrase
                        std::string strCypherPhrase(cypherPhrase);
                        
                        // Get Position of current character in cypherPhrase
                        // Note: The character should always be found
                        //       because every letter is in cypherPhrase
                        size_t found = strCypherPhrase.find(currentCharacter);
                        
                        // Now get keyPhrase[FOUND] and add to final userCombination buffer
                        userCombination[xx] = keyPhrase[found];
                        
                        // Move current encrypted character to buffer2 ( for MessageBox debugging )    
                        //wsprintf(szbuffer2,"%c", keyPhrase[found]);
                        //MessageBox ( NULL, szbuffer2, "Encrypted Character is...", MB_OK | MB_ICONINFORMATION );
                }
                // Debug Encrypted String
                // Should output: e   e   h   e   q   i 
                MessageBox ( NULL, userCombination, "Encrypted String Debug", MB_OK | MB_ICONINFORMATION );
               
               
               // Now check to see if they entered the correct answer
               // if userCombination == 'eeheqij' 
               //     correct
                
			EndDialog(hWndDlg, 0);
			return TRUE;
		}
		break;
	}

	return FALSE;
}
//---------------------------------------------------------------------------
// Application Functions
//---------------------------------------------------------------------------
// NONE YET

Open in new window

0
Comment
Question by:edvinson
  • 2
  • 2
5 Comments
 
LVL 31

Accepted Solution

by:
Zoppo earned 500 total points
ID: 39255357
Hi edvinson,

how is userCombination declared?

ZOPPO
0
 
LVL 1

Author Comment

by:edvinson
ID: 39255372
WOW I got it!

I added:

char userCombination[80] = {'/0'};

Open in new window


and it works! So cool, my first encryption program! And I decompiled it, and it's perfect. Nowhere in the decompiled dump is the correct password.
0
 
LVL 31

Expert Comment

by:Zoppo
ID: 39255377
Fine, that's great ...

Regards,

ZOPPO
0
 
LVL 40

Expert Comment

by:evilrix
ID: 39255402
This isn't meant to be an answer to your question but just a friendly caution...

This isn't really encryption. At best it is obfuscation and is in no way secure. If this code is meant to secure a password I'm afraid it really won't do what you intend. In general it is a bad idea to try and implement your own "encryption" as it is almost certainly not going to be strong enough.

Why is this obfuscation and not encryption? Simple, your code contains both the algorithm and the key. In other words, everything required to decrypt is available to anyone who has your binary. It's like going out the front door, locking it and putting the key under the mat. Anyone who knows where to look will be able to access your house.

Hope this is helpful.
0
 
LVL 1

Author Comment

by:edvinson
ID: 39255429
Thanks EvilRix,

I appreciate your comments. It makes sense. This is a portion of my program I am writing to submit to a contest, where beginners learning Assembly try to reverse your password algorithm.

I am writing the program to mirror my own abilities in Assembly - I want to be able to decypher my own code, you know. It's a win win, as I get to learn C++ and Assembly at the same time.

As my C++ and Assembly skills grow, my algorithms will undoubtedly get tougher to crack!

This is my first submission, I will let you know how it goes.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

When writing generic code, using template meta-programming techniques, it is sometimes useful to know if a type is convertible to another type. A good example of when this might be is if you are writing diagnostic instrumentation for code to generat…
Templates For Beginners Or How To Encourage The Compiler To Work For You Introduction This tutorial is targeted at the reader who is, perhaps, familiar with the basics of C++ but would prefer a little slower introduction to the more ad…
The goal of this video is to provide viewers with basic examples to understand opening and writing to files in the C programming language.
The goal of the tutorial is to teach the user how to use functions in C++. The video will cover how to define functions, how to call functions and how to create functions prototypes. Microsoft Visual C++ 2010 Express will be used as a text editor an…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question