Encryption and XOR

Discuss whatever you want here--both QB and non-QB related. Anything from the DEF INT command to the meaning of life!

Moderators: Pete, Mods

Post Reply
Patz QuickBASIC Creations
Veteran
Posts: 399
Joined: Wed Mar 02, 2005 9:01 pm
Location: Nashville, Tennessee
Contact:

Encryption and XOR

Post by Patz QuickBASIC Creations »

How come in all of the encryption programs I see written in QuickBASIC, none of them include XOR? It seems like an easy and effective way to encrypt a file. Example: (pseudo-code)

Code: Select all

Code% = 145        'Just an example.
DIM GetVar AS STRING * 1
OPEN FILE1$ FOR BINARY ACCESS READ AS #1
OPEN FILE2$ FOR BINARY ACCESS WRITE AS #2
FOR A = 1 TO LOF(FILE1$)
 GET #1, , GetVar
 GetVar = CHR$(ASC(GetVar) XOR Code%)
     'This is what I'm talking about
 PUT #2, , GetVar
NEXT A
CLOSE
This one is not effective, since all bits are XOR'd by the same thing. But, it could be easily modified to parse string passwords and such.


So, why don't I ever see XOR in encryption programs? My only complaint is its speed with bigger files. (yet all encryption routines I see are slow, so this doesn't apply)
Z!re
Veteran
Posts: 887
Joined: Wed Aug 04, 2004 11:15 am

Post by Z!re »

It's easy to crack. See Caesar encryption or rolling addition encryptions.

Simple version is shifting one "letter" to the "right":
Hello becomes: Ifmmp

Also the system is vulnerable to analytic approaches of breaking it.

In any case, any encryption should be able to have it's entire sourcecode distributed without becoming easier to decrypt.
I have left this dump.
Patz QuickBASIC Creations
Veteran
Posts: 399
Joined: Wed Mar 02, 2005 9:01 pm
Location: Nashville, Tennessee
Contact:

Post by Patz QuickBASIC Creations »

So, the following wouldn't be an effective encryption method?

Code: Select all

SUB PatzCrypt (InFile$, OutFile$, Password$)
FirstHandle = FREEFILE
 OPEN InFile$ FOR BINARY ACCESS READ AS #First Handle
SecondHandle = FREEFILE
 OPEN OutFile$ FOR BINARY ACCESS WRITE AS #SecondHandle

DO
 Crypt$ = INPUT$(4096, #FirstHandle)
 FOR A = 1 TO LEN(Crypt$)
  MID$(Crypt$, A, 1) = CHR$(ASC(MID$(Crypt$, A, 1)) XOR ASC(MID$(Password$, 4096 MOD LEN(Password$) + 1, 1)))
 NEXT A
 PUT #SecondHandle, ,Crypt$
LOOP UNTIL LEN(Crypt$) <> 4096

CLOSE #FirstHandle
CLOSE #SecondHandle
END SUB
Z!re
Veteran
Posts: 887
Joined: Wed Aug 04, 2004 11:15 am

Post by Z!re »

Depends on what you define as effective.

I mean it gets the job done, and if your entire goal is protect some.. less than sensitive data, then sure, it's effective.

As a simple and somewhat not accurate example, say you got the string:
11111111111111111111111111

And you encrypt it with the password:
123

And you end up with:
23423423423423423423423423

The repetition gives it away, and thats a simple example, a good crypto breaker can spot patterns even when you try to hide them, such as increasing the encryption value by 1 each cycle:
23434545656767878989090101

But like I said, if you just want to encrypt a highscore table, or some data for a game or other such non-sensitive data, then this is fine.
I have left this dump.
Patz QuickBASIC Creations
Veteran
Posts: 399
Joined: Wed Mar 02, 2005 9:01 pm
Location: Nashville, Tennessee
Contact:

Post by Patz QuickBASIC Creations »

Z!re wrote:Depends on what you define as effective.

I mean it gets the job done, and if your entire goal is protect some.. less than sensitive data, then sure, it's effective.

As a simple and somewhat not accurate example, say you got the string:
11111111111111111111111111

And you encrypt it with the password:
123

And you end up with:
23423423423423423423423423

The repetition gives it away, and thats a simple example, a good crypto breaker can spot patterns even when you try to hide them, such as increasing the encryption value by 1 each cycle:
23434545656767878989090101

But like I said, if you just want to encrypt a highscore table, or some data for a game or other such non-sensitive data, then this is fine.
OK, but it seems much less effective just to shift one letter to the right. And, with those adding ASCII values from passwords to a string seems much less effective. (BTW, I am trying to use this just as a general encryption method. The second method is much more effective than the first, especially since it parses the strings and has a slight defect (if you can spot it). Take that analytical programs!
Z!re
Veteran
Posts: 887
Joined: Wed Aug 04, 2004 11:15 am

Post by Z!re »

Patz QuickBASIC Creations wrote:
Z!re wrote:Depends on what you define as effective.

I mean it gets the job done, and if your entire goal is protect some.. less than sensitive data, then sure, it's effective.

As a simple and somewhat not accurate example, say you got the string:
11111111111111111111111111

And you encrypt it with the password:
123

And you end up with:
23423423423423423423423423

The repetition gives it away, and thats a simple example, a good crypto breaker can spot patterns even when you try to hide them, such as increasing the encryption value by 1 each cycle:
23434545656767878989090101

But like I said, if you just want to encrypt a highscore table, or some data for a game or other such non-sensitive data, then this is fine.
OK, but it seems much less effective just to shift one letter to the right. And, with those adding ASCII values from passwords to a string seems much less effective. (BTW, I am trying to use this just as a general encryption method. The second method is much more effective than the first, especially since it parses the strings and has a slight defect (if you can spot it). Take that analytical programs!
Just because you perceive XOR to generate a harder to follow result than just shifting does not make it so.
And i've also already told you that for non-critical or non-sensitive information go ahead, encrypt it however you want.
If you however plan on using this to encrypt passwords and such i strongly suggest you reonsider.

Not that it really matters as it is highly doubtful any application you make will ever encrypt something sufficiently valuable to even bother looking at (The data that is, not the application itself.)
I have left this dump.
nkk_kan
Veteran
Posts: 57
Joined: Thu Jun 01, 2006 10:45 am
Location: Gujrat,India,Asia
Contact:

Post by nkk_kan »

well...can anyone make something like that "Enigma" code in ww2?
just a suggestion..i don't want it..but i think that's best encryption?
Z!re
Veteran
Posts: 887
Joined: Wed Aug 04, 2004 11:15 am

Post by Z!re »

nkk_kan wrote:well...can anyone make something like that "Enigma" code in ww2?
just a suggestion..i don't want it..but i think that's best encryption?
The Enigma was cracked remember. Also, the enigma was just a beefed up shuffle encryption.
I have left this dump.
Patz QuickBASIC Creations
Veteran
Posts: 399
Joined: Wed Mar 02, 2005 9:01 pm
Location: Nashville, Tennessee
Contact:

Post by Patz QuickBASIC Creations »

Besides, how could the Enigma encrypt

Code: Select all

CHR$(200)
? It doesn't work when you have the whole 256-character ASCII alphabet.
Z!re
Veteran
Posts: 887
Joined: Wed Aug 04, 2004 11:15 am

Post by Z!re »

Patz QuickBASIC Creations wrote:Besides, how could the Enigma encrypt

Code: Select all

CHR$(200)
? It doesn't work when you have the whole 256-character ASCII alphabet.
Why not?
I have left this dump.
Patz QuickBASIC Creations
Veteran
Posts: 399
Joined: Wed Mar 02, 2005 9:01 pm
Location: Nashville, Tennessee
Contact:

Post by Patz QuickBASIC Creations »

The Enigma only encrypts letters, right? (ASCII 65-91) - Therefore, not all 256-characters can't be encrypted, as only 26 are available.

Source: http://en.wikipedia.org/wiki/Enigma_machine
Z!re
Veteran
Posts: 887
Joined: Wed Aug 04, 2004 11:15 am

Post by Z!re »

Patz QuickBASIC Creations wrote:The Enigma only encrypts letters, right? (ASCII 65-91) - Therefore, not all 256-characters can't be encrypted, as only 26 are available.

Source: http://en.wikipedia.org/wiki/Enigma_machine
Yes, the Enigma machine, but stupid as I am I assumed you were talking about the algorithm, and not actually constructing an Enigma machine. Let me know if I was wrong and you are infact constructing an Enigma machine.
I have left this dump.
Patz QuickBASIC Creations
Veteran
Posts: 399
Joined: Wed Mar 02, 2005 9:01 pm
Location: Nashville, Tennessee
Contact:

Post by Patz QuickBASIC Creations »

nkk_kan wrote:well...can anyone make something like that "Enigma" code in ww2?
just a suggestion..i don't want it..but i think that's best encryption?
When I saw this I assumed the Enigma was the machine (hence WW2)
Mac
Veteran
Posts: 151
Joined: Mon Aug 06, 2007 2:00 pm

Post by Mac »

Patz QuickBASIC Creations wrote:
nkk_kan wrote:well...can anyone make something like that "Enigma" code in ww2?
just a suggestion..i don't want it..but i think that's best encryption?
When I saw this I assumed the Enigma was the machine (hence WW2)
The enigma was pretty good, but as a method for computer encryption, it is much too complicated for the security payoff. It was complicated because it was a machine. With computers, you would just take a password and use that - no zillion setting of knobs and wheels.

However to answer the original question "can anyone make something like.." - I have done that!

Enter this
http://www.network54.com/Forum/229185/m ... 104359939/

Lots of goodies. The simplest to play with is probably the "handy-dandy ...". It is a demo with pre-set Reflector, Rotors, Steckers, and Message to be encrypted. You can change those.

Also see "The QBasic Enigma Emulator" which has Function Enigma% (zR$, zW$, zS$, zK$, zM$) which encrypts/decripts and can be easily incorporated by you into your own QBasic program.

Mac
Mac
Veteran
Posts: 151
Joined: Mon Aug 06, 2007 2:00 pm

No reply yet

Post by Mac »

I guess the question got answered?

Mac
User avatar
burger2227
Veteran
Posts: 2466
Joined: Mon Aug 21, 2006 12:40 am
Location: Pittsburgh, PA

I'd assume so................

Post by burger2227 »

LOL
Please acknowledge and thank members who answer your questions!
QB64 is a FREE QBasic compiler for WIN, MAC(OSX) and LINUX : https://www.qb64.org/forum/index.php
Get my Q-Basics demonstrator: https://www.dropbox.com/s/fdmgp91d6h8ps ... s.zip?dl=0
Post Reply