I'm looking for a bunch of encryption algorhythms, for:
A) save files for games
B) a general encryption/decription utility
anyone know of any good ones?
Currently I have:
rot13
rot32 (rot13+numbers+some symbols)
rot128 (rot13 on the whole char range)
CSS - decryption only, from DeCSS (is this illegal?!?)
virginere
XOR
Shish
What's your threat model? If you're genuinely worried about people trying to break it, use AES or 3DES - see the Crypto forum for lots of threads on how to set up the JCE. If you're paranoid, use [url http://www.cl.cam.ac.uk/~rja14/serpent.html]Serpent[/url]. Otherwise, I found a site which gives a [url http://www.codesandciphers.org.uk/enigma/index.htm]really good explanation of Enigma[/url]. That should deter your friends from trying to change the hiscore table.
> I'm looking for a bunch of encryption algorhythms,
> for:
>
> A) save files for games
> B) a general encryption/decription utility
>
> anyone know of any good ones?
>
> Currently I have:
> rot13
> rot32 (rot13+numbers+some symbols)
> rot128 (rot13 on the whole char range)
> CSS - decryption only, from DeCSS (is this
> illegal?!?)
> virginere
> XOR
>
although i haven't spent much time with DeCSS or virginere, everything here system to be known for its weakness and easy hackability.
i would recomend as a general solution in this situation using the password based DES from the JCE extention which is included in java 1.4 or using one of the available Blowfish libraries.
because:
they are sufficently secure in this case (if they hack blowfish to make a game cheat they deserve to cheat)
and they are generally free and easy to use.
> i would recomend as a general solution in this
> situation using the password based DES from the JCE
> extention which is included in java 1.4 or using one
> of the available Blowfish libraries.
>
> because:
> they are sufficently secure in this case (if they hack
> blowfish to make a game cheat they deserve to cheat)
>
> and they are generally free and easy to use.
I agree, I'd use Blowfish or IDEA . Blowfish is noted for it's speed, Idea for it's difficulty to crack. DES Isn't a secure as it once was (but still fine for just keeping people from cheating in a game, just not for keeping the NSA from reading your files), but like he said, if they crack your encryption just to make a cheat, then let them cheat.
I don't need something incredibly strong, just enough to keep those with harmful intent and some technical knowledge out, and I'd like somthing that I can do myself instead of relying on external libraries
The enemy is some VB programming friends who can't be bothered to do any work - but I agree if they can get past encryption they deserve to, it's just that currently it's so easy to get past they can write a decryptor and distribute it to the stupid people (who don't deserve to) in a couple of minutes. (They aren't advanced enough to know much of decompilers yet)
Right now my school has a quiz applet to run tests and such, but the question files are plain text. For extra brownie points I've decided to help out by adding some encryption (Which doubles up as writing encryption for game save files, as it's exactly the same process).
I've hacked the applet to load the files through a rot13 decryptor, and made the utility for encryption, but there are some smart people (the above VB programmers) who can get past that with ease (they also know of that you can open .class files to get a hint of the char array rotation tables, so my nonstandard rot32 isn't safe for long), so I need more, but simple enough to fit in an applet without extra JRE libraries (If it wasn't for this I'd use something like rot32 -> GZipStream to ByteArrayStream -> rot13).
And with virgenere, it's possible to get past with lots of example test data and letter frequancy analysis, which 2MB quiz files and a brain can sort out.
But mostly I'm doing this for my own education/fun (not enough in school, we're only just learning about data processing, eg "in -> process -> out")
So I should end up with:
o Better grades
o A handy encryption utility that can be integrated into other projects
o Knowledge of encryption
o Another reason to laugh at my VB rivals
o Something to do in many boring lessons/an excuse for writing games instead of doing spreadsheet work
Anyhow, if I could get somthing like blowfish into an applet, that would be pretty cool, so I'll look up some of the links
thanks
Shish
> I could give you 3-4 lines of code
> and it should do a good job of protecting it :)
I've got the system set up so there are two main methods for each type:
void encryptXXX(InputStream in, OutputStream out)
void decryptXXX(InputStream in, OutputStream out)
with each having as many utility methods as it likes. Currently I'd like to keep it all in one .class but later I'll probably have something like Class.forName("shish.crypto.methods."+method) with the above two specified in an interface
I was also thinking of something like "String encypt(String)" but that got complicated with deciding where line breaks were
So any short & sweet methods that work on streams will be appreciated
Shish
> if you can,
>
> check out the book "Applied Cryptography" by Bruce
> Schneier. (The guy that developed Blowfish) he has a
> web site someplace as well.
>
> it will change the way you thing about encryption
I was about to post this exact message....I just finished that book...
I wasn't thinking of using a stream, but this is what I basically was saying, it's vignere:
import java.util.*;
public class Encrypt
{
public static void main(String[] args)
{
StringBuffer sb = new StringBuffer("Hello, how are you doing?\nGood");
// encrypt
Random r = new Random(32);
for(int i = 0; i < sb.length(); i++)
{
int shift = r.nextInt(32) + 1;
sb.setCharAt(i, (char)(sb.charAt(i) + shift));
}
System.out.println(sb.toString());
// decrypt
Random r2 = new Random(32);
for(int i = 0; i < sb.length(); i++)
{
int shift = r2.nextInt(32) + 1;
sb.setCharAt(i, (char)(sb.charAt(i) - shift));
}
System.out.println(sb.toString());
}
}
So all it'll be doing is shifting a "random" amount. The Random class would be generating the key for you. I don't think this is enough, maybe you could have a system to shuffle the letters after encryption and insert a few other characters in addition to it. It would be simple enough to do. I don't know if that'll help, I guess it's a bit amateurish, but you said they're a couple vb programmers in your class right? :P
> I don't need something incredibly strong, just enough to keep those with harmful intent and some technical
> knowledge out, and I'd like somthing that I can do myself instead of relying on external libraries
> The enemy is some VB programming friends who can't be bothered to do any work <snip> (They aren't advanced
> enough to know much of decompilers yet)
http://www.ftp.cl.cam.ac.uk/ftp/papers/djw-rmn/djw-rmn-tea.html
Your problem, though, whatever you use, is going to be keeping the key secret.
> Your problem, though, whatever you use, is going to be
> keeping the key secret.
This is Very true, especially if you are using something built into the game as opposed to having the key input by a user. Remember, Encryption is the art of protecting big secrets with small ones....
