#1
  1. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2001
    Posts
    11
    Rep Power
    0

    Simple 2-way encryption


    I'm looking for a 2-way algorithm that can convert a string into an alphanumeric string that doesn't resemble the original. Can this be done?

    (This is for a PHP script)

    Basically what I want to do is take a few pieces of information such as the below, related to an error message, and put them together so it can be transmitted easily through a URL. It would be an added bonus to keep this data fairly secure.

    4.2.1
    3.23.49
    Apache
    The database could not connect.
  2. #2
  3. Banned ;)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Nov 2001
    Location
    Woodland Hills, Los Angeles County, California, USA
    Posts
    9,638
    Rep Power
    4247
    Maybe you can use some prewritten modules for PHP, such as the Mcrypt module. http://www.onlamp.com/pub/a/php/2001...pt.html?page=3

    If you want the algorithm descriptions for the sake of learning, I'd recommend buying a copy of Bruce Schneier's "Applied Cryptography" where he discusses the relative strengths and weaknesses of many cryptographic algorithms.

    Hope this helps.
  4. #3
  5. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2002
    Location
    a northern town
    Posts
    74
    Rep Power
    13
    Hi,

    I did an 2 way encryption algorith class for php and a vbscript sub a while back. If it is of use to you let me know and I will dig it out?

    Regards, Ed.
    /* measure twice, cut once */
  6. #4
  7. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2001
    Posts
    11
    Rep Power
    0
    Basically I need something to obscure data and make it transmittable by URL, where it can then be unobscured. Encryption would be a plus but basically I need something simpler.
  8. #5
  9. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2002
    Location
    a northern town
    Posts
    74
    Rep Power
    13
    Hi MercuryBoard,

    No problem. If you don't get sorted and need the code let me know.

    Regards, Ed.
    /* measure twice, cut once */
  10. #6
  11. No Profile Picture
    Junior Member
    Devshed Newbie (0 - 499 posts)

    Join Date
    Sep 2001
    Posts
    11
    Rep Power
    0
    I'm interested... Send me the code
  12. #7
  13. Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2002
    Location
    a northern town
    Posts
    74
    Rep Power
    13
    Hi,

    Sorry for the delay, I couldn't remember where I had put it?
    I think it will be secure enough if the data is not too critical

    The Class...

    PHP Code:
    <?
    //Encryption class
    Class cls_encrypt{

    var 
    $s_array = array();
    var 
    $K_array = array();
    var 
    $return_val;
    var 
    $num_count;
    var 
    $alp_count;
    var 
    $lwr_count;

        
    //Function to return the decimal value of an ascii character...
        
    function get_ascii_val($passed_val){
            
    //This assigns all the ascii vals to the $asc_chars() array...
            
    for($x_val 0$x_val <= 255$x_val $x_val 1){
                
    $asc_chars[chr($x_val)] = $x_val
            }
            return 
    $asc_chars[$passed_val];
        } 

        
    //Basic function to encrypt/decrypt. Input_val gets crypted/decrypted using key_val... 
        
    Function encrypt_value($input_val$key_val){
            
    //Create an array of 0 - 255 and initialise 
            
    for ($i 0$i <= 255$i $i 1){
                
    $s_array[$i] = $i;
            }  

            
    //
            
    $j 1;
            
    //Create an array of 0 - 255 and initialise with a calculated chr value...
            
    for ($i 0$i <= 255$i $i 1){
                if (
    $j strlen($key_val)){
                    
    $j 1;
                }
                
    $K_array[$i] = $this -> get_ascii_val(substr($key_val$j1));
                
    $j $j 1;
            }
            
            
    //Shuffle the array values around to give a 'random' value...
            
    $j 0;
            for (
    $i 0$i <= 255$i $i 1){
                
    $j = ($j $s_array[$i] + $K_array[$i]) % 256;
                
    $temp_var $s_array[$i];
                
    $s_array[$i] = $s_array[$j];
                
    $s_array[$j] = $temp_var;
            }
            
            
    //Create the 'encrypted' string from the 2 initialised arrays...
            
    $i 0;
            
    $j 0;
            for (
    $x 0$x strlen($input_val); $x++){
                
    $i = ($i 1) % 256;
                
    $j = ($j $s_array[$i]) % 256;
                
    $temp_var $s_array[$i];
                
    $s_array[$i] = $s_array[$j];
                
    $s_array[$j] = $temp_var;
                
    $t = ($s_array[$i] + ($s_array[$j] % 256)) % 256;
                
    $y $s_array[$t];
                
    $comp_val $this -> get_ascii_val(substr($input_val$x1)) ^ $y;
                
    $calc_val Chr($this -> get_ascii_val(substr($input_val$x1)) ^ $y);
                
    $return_val $return_val.$calc_val;
            }
            return 
    $return_val;
        }
    }
    ?>
    ... And something to test it with (gives an idea of what it does...

    PHP Code:
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
    <html>
    <head>
        <title>Encrypt...</title>
    </head>

    <body>
    <? 
    if (isset($_POST[submit])){
        include(
    "addEncryptClasses.inc.php");
        
    $my_obj = new cls_encrypt();
        
    $obscure_text $my_obj -> encrypt_value($_POST[enctext], $_POST[enckey]);
        echo 
    "Text is : ".$_POST[enctext]."<br>";
        echo 
    "Key is : ".$_POST[enckey]."<br>";
        echo 
    "Obscured Text is : ".$obscure_text."<br><br>";
        echo 
    "Re-enter the key to un-obscure the text!<br><br>";
    }
    ?>

    <table cellspacing="2" cellpadding="2" border="0">
    <form action="" method="post">
    <tr>
        <td>
            Enter the text to be obscured or unobscured 
        </td>
    </tr>
    <tr>
        <td><input type="text" name="enctext" value="<? echo $secure_text?>" size="100"></td>
    </tr>
    <tr>
        <td>Enter the key</td>
    </tr>
    <tr>
        <td><input type="text" name="enckey"></td>
    </tr>
    <tr>
        <td><input type="submit" name="submit"></td>
    </tr>
    </form>
    </table>

    </body>
    </html>
    I used it originally for storing values in a db as encrypted strings, then used it to store stuff in sessions etc.

    It is probably a little hungry for day to day use if there is a lot of data but I think you could easily reduce the number of chars in the encryption routine from 256 to say 40 or 50. If I get a bit of time this week I will sort it out and let you know.

    The other reason to reduce the amount of chars used it that this currently uses *ALL* the ascii char set, as opposed to just alphanumeric chars which would be a load better for passing in the URL.

    Hope it helps you out anyway.

    Regards, Ed.
    /* measure twice, cut once */
  14. #8
  15. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Dec 2000
    Posts
    452
    Rep Power
    14
    heres one that ive used before, i'm not sure where i got it but it seems to work pretty well

    PHP Code:
    class rc4crypt {
        function 
    endecrypt ($pwd$data$case='') {
            if (
    $case == 'de') {
                
    $data urldecode($data);
            }

            
    $key[] = "";
            
    $box[] = "";
            
    $temp_swap "";
            
    $pwd_length 0;

            
    $pwd_length strlen($pwd);

            for (
    $i 0$i <= 255$i++) {
                
    $key[$i] = ord(substr($pwd, ($i $pwd_length), 1));
                
    $box[$i] = $i;
            }

            
    $x 0;

            for (
    $i 0$i <= 255$i++) {
                
    $x = ($x $box[$i] + $key[$i]) % 256;
                
    $temp_swap $box[$i];

                
    $box[$i] = $box[$x];
                
    $box[$x] = $temp_swap;
            }

            
    $temp "";
            
    $k "";

            
    $cipherby "";
            
    $cipher "";

            
    $a 0;
            
    $j 0;

            for (
    $i 0$i strlen($data); $i++) {
                
    $a = ($a 1) % 256;
                
    $j = ($j $box[$a]) % 256;

                
    $temp $box[$a];
                
    $box[$a] = $box[$j];

                
    $box[$j] = $temp;

                
    $k $box[(($box[$a] + $box[$j]) % 256)];
                
    $cipherby ord(substr($data$i1)) ^ $k;

                
    $cipher .= chr($cipherby);
            }

            if (
    $case == 'de') {
                
    $cipher urldecode(urlencode($cipher));

            } else {
                
    $cipher urlencode($cipher);
            }

            return 
    $cipher;
        }
    }

    ####### USAGE ###########

    $thestring "the quick brown fox";
    $thepasswd "mypassword";

    $rc4 = new rc4crypt;

    $thestring $rc4->endecrypt($thepasswd,$thestring);
    ## $thestring is now encrypted

    $thestring $rc4->endecrypt($thepasswd,$thestring,'de');
    ## $thestring is now decrypted 
  16. #9
  17. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2011
    Posts
    1
    Rep Power
    0

    Thank You


    Dingle,

    I registered on forum JUST to say to Thank you! The code is pretty old and working pretty good.

IMN logo majestic logo threadwatch logo seochat tools logo