Crypto Algorithm Question - Using geometric algorithm for one-way encryption

You experts can tell me if something is wrong with my logic, but I had this idea for an algorithm for one-way encryption (for only moderate security such as a password system designed to keep out bots, spammers, non-members, and amateur hackers).

suppose we gave every alphanumeric character a random but unique numeric id. This numeric id would represent height on a graph. So for example, for "post", if p=14 and 0=35 and s=25 and t=15, then we'd plot the x and y axis as (0,14) (1,35) (2,25) (3,15).

It's been umpteen years since I took calculus, but seems that then, based on these coordinates, we could build a curve. (in other words, not just plotting as one straight slope connected to another, but representing a flowing curve as we often do in calculus. Then we could store that curves equation and the area underneath the curve, as the encrypted password.

I would think collision would not be too much of a problem because even if two words have the same area "post" "pots", they would still have different shapes since every word (barring the semantics of multiple meanings) has a unique spelling which is represented by a unique sequence of heights.

As for reverse engineering, seems it might not be impossible, but I think it would be difficult, but like I said, it's been year's since I did any calculus ( I won't say how long, or I'll give away the fact that I'm an old man lol).

I'm not sure I see where you are going with this. From four points, you would get a curve with a fifth order or so formula. Just computing it would be relatively expensive.

Might be fun to hack around with it, but if its a real application, why not just use a HMAC?

You'd have to calculate the curve using your favorite algorithm.

Do you do it all in floating point? fixed point?

Of course, practically, I think there's plenty security options out there, as you suggested HMAC and so forth, even MD5 is good enough if you're not handling sensitive data.

The idea came to me because there's no encryption options in Xforms without going outside of xforms and using javascript or php or something. I wanted to stay client-side with mozilla xforms and also not use javascript so I was just thinking of my options if I were to dare to create a custom function (which I have since discovered is impossible in xpath as its functions are only basic).

I got to thinking back to my calculus classes and realized that if you could represent your data geometrically (or by curve/area) that each data unit (word or what have you) would be entirely unique and this would avoid collision issues.

I was just exercising my creative juices, but I certainly don't have the skills to handle attempting it. And I have no idea whether it'd be fixed or floating.

I did come up with a simple solution in xpath that suits my minimal security needs.

If I were young and had lotsa time, I probably would play around with it, but I can see now, I need some serious edumacation in security matters.

Thanks for your response, fishtoprecords.

cheers

PHP has a SHA1,
string sha1 ( string $str [, bool $raw_output ] )

The idea of doing any serious security in Javascript gives me a headache. Then, doing anything serious in Javascript is terrifying to me.

Love the comment about javascript!

I was aware of PHP's encryption functions. I was trying to stay client side.

On the upside, I just found out that Xforms 1.1 does have a digest function that can implement MD5, SHA-1 and SHA-256. I swear I searched the world over--don't know how I missed this. It may not be implemented in mozilla yet, but if it's in version 1.1, then I know it'll come soon.

Cheers again, fishtoprecords.

It was called LiveScript when it was invented. It had, and has, nothing to do with Java. But at the time, Java and coffee related puns were hot, so it got renamed to be JavaScript.

Much confusion followed.

Its a terrible language, nearly impossible to debug. Its very sad that nothing better has replaced it.

<Insert VBScript joke here.>

Funny guys.

Anyone interested, just found out from the developers that mozilla xforms will suppor the digest() function in the next release or so.
Forgot to mention above, it also supports HMAC.

cheers