This is a discussion on Bitshift Crypt within the C++ Programming forums, part of the General Programming Boards category; Hi guys, when you have to crypt a password a way that it can be decrypted by another algorithm (no ...
Hi guys,
when you have to crypt a password a way that it can be decrypted by another algorithm (no hashsums - no one way password) would you probalby use c bitshifts?
What way would you prefer?
Do you know any short sample functions? How would you do?
Thanks a lot in advance.
rat
You can use any sequence of operations you like, so long as you can also find a sequence which reverses it.
If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
If at first you don't succeed, try writing your phone number on the exam paper.
I support http://www.ukip.org/ as the first necessary step to a free Europe.
I wouldn't do that at all. What for? I might encrypt a whole message, but a small password?
But most symmetric ciphers come down to XORing, in the end, preceded or followed by mixing the data up a bit.
All the buzzt!
CornedBee
"There is not now, nor has there ever been, nor will there ever be, any programming language in which it is the least bit difficult to write bad code."
- Flon's Law
The simplest and most common encryption using bitwise operations uses XOR.
The use of left and right shift (if you take care not to lose bits) might be possible for a simple encryption, but if you plan to use a constant shift all the way, it will just be a variant of Caesar cypher which can be effortlessly cracked by a child. If you use some sort of a key, there are still very few different shifts you can use.
None of these encryptions are particularly secure but if you have relatively unsensitive data and want to keep off casual users, XOR might be fine.
If you have very sensitive data, one-way encryption might offer more security.
I might be wrong.
Quoted more than 1000 times (I hope).Thank you, anon. You sure know how to recognize different types of trees from quite a long way away.
asymetric key pairs are probably the most secure and simplest to implement. Just make sure you pick a large enough key strength. 32 bit is trivial to implement, but also trivial to crack. 64 bit is a bit harder to implement but nearly impossible for anyone short of the NSA to crack. International banks use 4096 bit which is still pretty easy to implement and retardedly difficult to break. Million bit encryption is doable on a desktop, but it takes a significant itme (about an hour) to encrypt a single block.
Until you can build a working general purpose reprogrammable computer out of basic components from radio shack, you are not fit to call yourself a programmer in my presence. This is cwhizard, signing off.
I would use a library like Crypto++ to do the dirty work for me, since I am too lazy/incompetent to implement the functions correctly myselfWhat way would you prefer?
Do you know any short sample functions? How would you do?. Exactly what cryptographic primitive is selected depends on the protocol and other requirements. If we're talking about password storage, it seems to me that hashing the user supplied password is still good practice.
I think your key size figures of 32 and 64 apply more to symmetric key ciphers, but even then AES uses key sizes of at least 128 bits. I note that a 512 bit RSA key (or rather, number that could have been used for RSA) was factored by a team not from the NSA in 1999. It seems to me that 1024 bits is a more common minimum key size for public key cryptography.asymetric key pairs are probably the most secure and simplest to implement. Just make sure you pick a large enough key strength. 32 bit is trivial to implement, but also trivial to crack. 64 bit is a bit harder to implement but nearly impossible for anyone short of the NSA to crack.
Then again, all this would not matter if ratte is not actually interested in using strong encryption and more interested in learning how to implement simple home-brewed encryption with bit shifts and such.
C + C++ Compiler: MinGW port of GCC
Version Control System: Bazaar
Look up a C++ Reference and learn How To Ask Questions The Smart Way
thanks a lot for all your replies.
I need to store the password a user needs to have acccess to a database. so i can't do the asymetric way 'cause there's no hash to compare with.
If I got it right a bitshift, XOR or something, with a keyword (not like caesar) would be the best for my problem.
If you can store a password, you can store a hash of the password. The "asymetric key pairs" that abachler wrote about refers to public key cryptography, not cryptographic hashes.I need to store the password a user needs to have acccess to a database. so i can't do the asymetric way 'cause there's no hash to compare with.
Is this for a school project, or is this for real?If I got it right a bitshift, XOR or something, with a keyword (not like caesar) would be the best for my problem.
C + C++ Compiler: MinGW port of GCC
Version Control System: Bazaar
Look up a C++ Reference and learn How To Ask Questions The Smart Way
it's for real.
can you please show me an example crypt/encrypt my password with "asymetric key pairs"?
Is it professionally/commercially real or just-for-fun real?
Have you tried using Google?
I might be wrong.
Quoted more than 1000 times (I hope).Thank you, anon. You sure know how to recognize different types of trees from quite a long way away.
the former one, yes i tried to use google - but i couldn't find a sample of code for that.
Please tell us the name of this broken product so we know to avoid it's use in future.
http://www.interhack.net/people/cmcu...e-oil-faq.html
Perhaps you should describe the problem, not how to implement your solution.
Things like key exchange, shared secrets etc have already been solved. Perhaps we could suggest alternatives which reveal less information at critical times.
You're not going to implement a secure trivial crypto system which isn't going to be trivial to break. This is going to take a lot of work and careful thought, not 5 lines of code hastily grabbed from a forum.
If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
If at first you don't succeed, try writing your phone number on the exam paper.
I support http://www.ukip.org/ as the first necessary step to a free Europe.
LinkBack URL
About LinkBacks
