September 28th, 2011, 12:03 AM
A good way to do mostly FPE given arbitrary number and key?
Just realized that you could easily brute force the below in checksum*scrambler key iterations, so without a large scrambler key, it's pretty weak ;o.
Anyways, that's something I'll hopefully address in the remake as well ^)^
So this is a description of the current algorithm I'm using
Now, this algorithm appears to work quite well, but it has a massive amount of overhead. When I run it in the environment that it's coded for, the entire application freezes for 1.5ish seconds for a 60 digit base 68 number (yes, the language for this environment is ridiculously slow as well).
My current encryption algorithm takes a set of prime bases to encrypt the number for as well as an amount of shuffles to do in each base. From here, it also uses a unique identifier of the user (like an account name) put together with a private key to generate the scrambling key.
For the cipher, it uses the user's unique id and a second private key to scramble the original cipher into a new cipher using the user id + private key to generate the scrambler key. The scrambling is done in the original cipher's base, so it's like a permutation.
On top of all of this, it also modifies the checksum based on a unique id and a third password as well as a variance value (variance being checksum variance). A value of .85 would give 15% variance. If max checksum was 1,000,000 (excluding 0 since it's easier to visualize then), the range would be 850,000 - 1,000,000.
Anyways, the weak point in all of this (the thing that actually freezes) is the scrambler resource: the thing that does the swapping.
Thank you for taking the time to read this long post =).
Also, given that I'm using a hardly used language, I would have to code any suggested algorithm from scratch, so when suggesting an algorithm, please provide some sort of link that goes over how to do it and why it works. Thanks =).