Some of you may remember
this. I do. I wanted to visit string encryption some more. I've definitely put some work into this one. This is a
reversable string encryption method I've created. Which means you can put in a string, encrypt it with a password, and then decrypt it as long as you have said password. Anyways, I wanted to share my progress with you. I'm still trying to improve it, but I think I've done a pretty good job at masking the original string.
Fun Fact: Back when I managed Decisive Media with Branden, I used a similar method to encrypt Achievement Codes so people couldn't exploit the system into getting every achievement. I based this new one around this and improved on it.
What I'm basically doing is mixing characters together, using factors to decide which character to use, to pretty much mask the original input. The password that gets passed to the method is used to help mask the original string. Each character in the password is used as a factor to to decide which character to use as a mask. So if you try to decrypt a string with a different given password, it's just going to output gibberish. Along with a password, there are two numbers that are also used as a factor. Both these numbers get changed after each character is masked, which prevents consecutive characters from having the same mask. For example, "Hello", the two l's will have different masks, increasing the security. Then of course, each character in the original string is used as a deciding factor as well.
With these factors, characters are chosen from one of two strings which contain a list of characters. Which get mixed together to produce an end result. To try and strengthen encryption even more, I added an extra parameter. You have the option to pass an integer to the encryption method. This parameter is used to mask the length of the original string. For example, say you passed "Hello", which is five characters, you can pass an integer, let's say "32". The output will be 32 characters long and no one would even guess it'd be hello. However, if the integer you pass is less than the number of characters, it pretty much gets ignored. To show an example, here's an input and output. Notice how the password is one character off from the original, the string looks nothing like the original.
Encrypting:
Input: apple
Password: granny smith
Output Length: 16
Output: tnE3 BaN+f& ]7Jc
Decrypting:
Input: tnE3 BaN+f& ]7Jc
Password: granny smit
Output: brspj)*+,-./0123
Now onto the download. I only have a runnable application this time. Didn't want to take the time to port it to PHP.
DownloadIt's pretty difficult to decode the output without the password. In order to do it, you'd need the two unique strings and two unique numbers to start. And even with these, the encryption method itself is still hidden. I think I've created a pretty solid system here. So with this, I leave a challenge. More specifically for ForeverZer0 (but anyone can try it). Only because he decompiled my program from my previous encryption method last time. xD Oh and I've learned from last time. I've obfuscated the hell out of this thing. I've only examined it in .NET Reflector but everything is pretty hidden.
Input: Hello world!
Output Length: 32
Output: eZ4H:<f]9/pj{SqDo9xS&mA`e5G8L#CV
The goal is to figure out the password. This is pretty damn near impossible to do without knowing any of the variables I used. It wouldn't be very fair if I kept those hidden, so here.
String1 = "! #$%&()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[]^_`abcdefghijklmnopqrstuvwxyz{|}~"
String2 = "f^jAE]okIOzU[2&q1{3`h5w_794p@6s8?BgP>dFV=m D<TcS%Ze|r:lGK/uCy.Jx)HiQ!#$~(;Lt-R}Ma,NvW+Ynb*0X"
Integer1 = 1.75 // I know it's "technically" not an integer
Integer2 = 3
Simply changing any one of these variables produces an entirely new output. Props to whomever successfully finds the password. If someone manages to get it (which I'm actually hoping someone does) it just means I need to improve the method even more. And even if someone doesn't I'm still going to try to improve it as much as possible.