File security

This is a discussion on File security within the C Programming forums, part of the General Programming Boards category; I have 2 questions : 1) I plan to store some username and password and other information in text files, ...

  1. #1
    Registered User
    Join Date
    Jun 2003
    Posts
    147

    File security

    I have 2 questions :

    1) I plan to store some username and password and other information in text files, i need some advice on how I may encrypt the data through coding so that when someone opens the file, he/she would not be able to decipher wat's written.

    2) Is there anyway to prevent a user from opening a file so as to prevent corruption to the contents of that file?
    Only by the cross are you saved...

  2. #2
    Registered User
    Join Date
    Jul 2002
    Posts
    913
    1)
    theres code right on this site to check out.

    2)
    thats up to the os to handle, unless you hack away a filesystem or just keep the file open(if your os will complain about another program editing a open file).

    now im wondering what people will say about number 2....

  3. #3
    ATH0 quzah's Avatar
    Join Date
    Oct 2001
    Posts
    14,826
    1) There are some libraries out there you could use, such as the 'crypt' library, or something like MD5. Search Google for programming and encryption libraries or something and I'm sure you'll get a number of hits.

    2) This will be OS specific, and there is no way to permanently lock a file so that it is unreadable. You'll want to encrypt it and use a checksum to prevent tampering. Then when you read it, check the checksum to make sure it hasn't been changed. Again, visit google for more info on checksumming.

    [edit] Curses! Foiled again. [/edit]

    Quzah.
    Last edited by quzah; 07-07-2003 at 11:01 PM.
    Hope is the first step on the road to disappointment.

  4. #4
    Registered User datainjector's Avatar
    Join Date
    Mar 2002
    Posts
    356
    if u are developing the app in windows then u can use the Crypto API for windows .... The best materail u should read is the msdn ...
    "I wish i could wish my wishs away"

    "By indirections find directions out" -- William Shakespears

    "Do what thou wilt shall be the whole of the law" -- Crowley "THE BEAST 666"

    Mizra -> love = Death...
    RDB(Rocks yooo)..

    http://www.cbeginnersunited.com

    Are you ready for the Trix ???

  5. #5
    Toaster Zach L.'s Avatar
    Join Date
    Aug 2001
    Posts
    2,686
    Chances are you want to use a one-way hash (MD5 like Quzah mentioned is an example). Here are a few others that come to mind: RIPE-MD, Tiger, SHA-1. Anyways, a search for one-way hash functions will probably find you a few more. The Crypto API is probably a bit much if your not making an encryption program.

    Basically, what you do with a one-way hash is encrypt whatever the user enters, and compare it to the values stored in the file (since the hash function cannot be uniquely reversed).

    2) This will be OS specific, and there is no way to permanently lock a file so that it is unreadable. You'll want to encrypt it and use a checksum to prevent tampering. Then when you read it, check the checksum to make sure it hasn't been changed. Again, visit google for more info on checksumming.
    Check out cyclic-redundancy-checks (CRC). One-way hashes can also be used for that purpose, however.
    The word rap as it applies to music is the result of a peculiar phonological rule which has stripped the word of its initial voiceless velar stop.

  6. #6
    Registered User
    Join Date
    Jun 2003
    Posts
    147
    i see, wow...

    all this encryption thing really scares me...dun really know bout the terms u ppl have just mentioned, will try to check the msdn for more info...

    wat i would need is some tutorials to help me, i think that'll be great for a start...
    Only by the cross are you saved...

  7. #7
    Registered User datainjector's Avatar
    Join Date
    Mar 2002
    Posts
    356
    U can check out the msdn.microsoft.com for more info on the microsoft crypto provider...U can also find out code for MD5 , Rjin etc .. from the neet google.com ...or search for this book Applied cryptography its free and contains the sorce code for quite a few encryption algorithms...
    Last edited by datainjector; 07-11-2003 at 02:09 AM.
    "I wish i could wish my wishs away"

    "By indirections find directions out" -- William Shakespears

    "Do what thou wilt shall be the whole of the law" -- Crowley "THE BEAST 666"

    Mizra -> love = Death...
    RDB(Rocks yooo)..

    http://www.cbeginnersunited.com

    Are you ready for the Trix ???

  8. #8
    Registered User
    Join Date
    Jun 2003
    Posts
    147
    okay, i've done a bit of reading and have decided to use some basic form of encryption for that purpose...

    now wat i would like to know is about CRC, how should it be implemented to check if a file has been tampered with or not?
    Only by the cross are you saved...

  9. #9
    Registered User
    Join Date
    Jun 2003
    Posts
    147
    okay, but is it possible to implement it? or how difficult is it?
    Only by the cross are you saved...

  10. #10
    Registered User
    Join Date
    Jun 2003
    Posts
    147
    i see, u done it b4?
    Only by the cross are you saved...

  11. #11
    Pursuing knowledge confuted's Avatar
    Join Date
    Jun 2002
    Posts
    1,916
    Salem has probably either done it or could do it. If you decide to go ahead with CRC, Google around a bit and then ask specific questions here.
    Away.

  12. #12
    Nor
    Nor is offline
    h ֆhr s Nor's Avatar
    Join Date
    Nov 2001
    Posts
    299
    here are some links

    googles has it all...
    http://directory.google.com/Top/Scie...hy/Algorithms/

    if you live in north america look here. if not your prohibited from viewing this page.
    http://cryptography.org/

    crc
    http://www.sewelld.com/CppSourceCode.asp\

    md5 one way hash
    rfc1321
    ftp://ftp.rfc-editor.org/in-notes/rfc1321.txt

    http://www.counterpane.com/blowfish-download.html
    blowfish. easy, simple, secure. its a simple block cipher.
    from Applied Crytography
    symmetric algorithms can be divided into two categories. Some operate on the plaintext a single bit at a time; these are called stream algorithms or stream ciphers. Others operate on plaintext in groups of bits. The group of bits are called blocks, and the algorithms are called block algorithms or block ciphers.
    basicly the above say that stream ciphers can encrypt any number of bites and block ciphers can encrypt only full blocks of data.
    so you'll need to create a buffer of blocks and fill it with your data.
    see the below code.

    i dont know if i'm using bytes and bits in the right spots.

    Code:
    cpp code
    //you'll need something like this.
    //returns a pointer to an array of 64-bite blocks.
    //this pointer needs to be 'delete[]' ed when your finished
    unsigned long* blf_padData( void* data, const unsigned int len, int &NumofBlocks){
        unsigned long* pdata = 0;//pointer to the padded data.
        unsigned long  temp;
            
        if (!data)
            return NULL;
        
        //get the size of the buffer needed
        NumofBlocks = len/8;    //64-byte blocks == 8 bits
        if (0 != len%8)         //if it doesnt fit perfect then add a block
            NumofBlocks++;                             
        
        //make the buffer
        pdata = new unsigned long[NumofBlocks*2];    //8 = sizeof(unsigned long)*2 = 64-bit block
        
        if (!pdata)
            return NULL;
       
        memset(pdata, 0, sizeof(pdata));
        memcpy(pdata, data, len);
        
        return pdata;
    }
    Last edited by Nor; 07-28-2003 at 03:20 AM.
    Try to help all less knowledgeable than yourself, within
    the limits provided by time, complexity and tolerance.
    - Nor

  13. #13
    Registered User
    Join Date
    Jul 2002
    Posts
    913
    if not your prohibited from viewing this page.
    They should really come up with something better than that.

    Its going to be broken either way but there barely trying....

  14. #14
    Nor
    Nor is offline
    h ֆhr s Nor's Avatar
    Join Date
    Nov 2001
    Posts
    299
    they are trying and thats all it takes to make it legal
    just like my fav link. "click here if your over 18. and here if your not"
    Try to help all less knowledgeable than yourself, within
    the limits provided by time, complexity and tolerance.
    - Nor

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Data Structure Eror
    By prominababy in forum C Programming
    Replies: 3
    Last Post: 01-06-2009, 09:35 AM
  2. Encryption program
    By zeiffelz in forum C Programming
    Replies: 1
    Last Post: 06-15-2005, 04:39 AM
  3. System
    By drdroid in forum C++ Programming
    Replies: 3
    Last Post: 06-28-2002, 11:12 PM
  4. Hmm....help me take a look at this: File Encryptor
    By heljy in forum C Programming
    Replies: 3
    Last Post: 03-23-2002, 10:57 AM
  5. Need a suggestion on a school project..
    By Screwz Luse in forum C Programming
    Replies: 5
    Last Post: 11-27-2001, 02:58 AM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21