Jump to content

Sky Slate Blueberry Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate
Photo

Editor/Chat Encryption


  • Please log in to reply
18 replies to this topic
Laszlo
  • Moderators
  • 4713 posts
  • Last active: Mar 31 2012 03:17 AM
  • Joined: 14 Feb 2005
The original script is useful, for example, when an INI file should be kept secret from prying eyes, in case it contains confidential information. Of course, you don’t want to save the decrypted file on disk, but keep it in an AHK variable, and process the data from there; otherwise the plaintext would be easily accessible by an attacker.

Here is another script, using the same stream cipher, and the assumption, that all parties share a secret key (e.g. agreed over the phone). This is useful to encrypt text in edit controls, like Notepad, email programs or Internet chats. It uses a HotKey: Alt-X, which encrypts the plaintext in the current control (like Edit1), precedes it with a random 8-digit hex initial counter value: IV (Initial Vector), enclosed between _\ and /_, like _\f0123456/_. (If you don’t like the delimiters, it is easy to change them.)

If the file has been encrypted, we find an IV in the beginning. In this case Alt-X replaces the current ciphertext with its decrypted original. This is what we need in editors: encrypt before save, decrypt after load.

In chat programs the decrypted message cannot be written in the control of the received messages, so the location of the output should depend on the circumstances. The easiest was that if some text is marked (selected), only that is processed and the result appears in a MsgBox. If you write a message, pressing Alt-X encrypts and replaces the whole. If you receive several encrypted messages, each starting with an IV, just select the desired one and Alt-X opens up a MsgBox with the decrypted message.

We should never ever use an IV twice, because an attacker gains valuable information about both messages if he subtracts the two ciphertext character codes. Generating a random IV makes it happen with very low probability. In our case, in the average 64K messages have to be sent, before a repetition is expected. This scheme is not meant for military secrets, but for encrypting chats about our girl/boyfriends. It is adequate for that. If you need more security, you could generate longer IV's, like 160-bits. The topmost 128 bits are XOR-ed to the secret key, the remaining 32 bits constitute the initial counter value. In this case 2**80 IV's have to be generated, before a repetition is expected. It would take longer than the age of the Universe even on billions of the fastest computers working in parallel.

The problem of true random number generation remains. Initializing the built in random number generator of AHK with the date, time, up-time of the PC, etc. is bad: an attacker can guess these time values (which was the infamous Netscape bug). I will post some time a Linux entropy pool type true random number generator for AHK (measuring the user’s keystroke time intervals, the mouse movements, microphone, webcam data, network packet time arrivals, etc.). For our purposes encrypting the current time with our secret key is good enough. Before encryption it is recommended that the user checks if the PC clock is roughly accurate (by looking at the tray clock), to make sure that a Trojan or a virus has not reset it.
/*
AutoHotkey Version: 1.0.35+
Language:  English
Platform:  Win2000/XP
Author:    Laszlo Hars <www.Hars.US>

Script to en/decrypt text in edit controls

Plus-minus Counter Mode: stream cipher using add/subtract with reduced range
   (32...126). Characters outside remain unchanged (TAB, CR, LF, ...).

The underlying cipher is TEA, the Tiny Encryption Algorithm
http://www.simonshepherd.supanet.com/tea.htm

   At Alt-X all text from an edit control is got (e.g. Notepad), or the selection
if it exists. If it starts with an IV, decrypt, otherwise encrypt - prepending IV.
   If there was no selection, the text is replaced, otherwise the en/decrypted
text is shown in a MsgBox

Version:   1.0  2005.07.10  First created
*/

SetBatchLines -1                 ; do it fast
StringCaseSense Off
AutoTrim Off

Mark1 = _\                       ; 2-char delimiters
Mark2 = /_
k1 := 0x11111111                 ; 128-bit secret key
k2 := 0x22222222                 ; hard coded or
k3 := 0x33333333                 ; could be user input
k4 := 0x44444444

!x::
   WinGet ID, ID, A              ; use current window
   Selected = 1
   ControlGet T, Selected,,,ahk_id %ID%
   IfEqual T,, {                 ; no selection = all text
      Selected = 0
      ControlGetText T,,ahk_id %ID%
   }

   StringGetPos p, T, %Mark1%    ; look for IV
   IfLess     p, 0, GoTo ENCRYPT
   StringGetPos p, T, %Mark2%
   IfNotEqual p,10, GoTo ENCRYPT
   StringMid p, T, 3, 8
   If p is not xdigit            ; if no IV: Encrypt
      GoTo ENCRYPT

DECRYPT:
   StringTrimLeft T, T, 12       ; remove IV from text
   k5 = 0x%p%                    ; set new IV
   i = 9                         ; pad-index, force restart
   p = 0                         ; counter to be encrypted
   L =                           ; processed text
   Loop % StrLen(T)
   {
      i++
      IfGreater i,8, {           ; all 9 pad values exhausted
         u := p
         v := k5                 ; another secret
         p++                     ; increment counter
         TEA(u,v, k1,k2,k3,k4)
         Stream9(u,v)            ; 9 pads from encrypted counter
         i = 0
      }
      StringMid c, T, A_Index, 1
      a := Asc(c)
      if a between 32 and 126
      {                          ; chars > 126 or < 31 unchanged
         a -= s%i%
         IfLess a, 32, SetEnv, a, % a+95
         c := Chr(a)
      }
      L = %L%%c%                 ; attach encrypted character
   }
   IfEqual Selected, 0
      ControlSetText,, %L%, ahk_id %ID%
   Else
      MsgBox %L%
Return

ENCRYPT:
   StringLeft k5, A_NowUTC, 8    ; current time
   StringRight v, A_NowUTC, 6
   v := v*1000 + A_MSec          ; in MSec
   SetFormat Integer, H
   TEA(k5,v, k1,k2,k3,k4)        ; k5 = starting random counter value
   SetFormat Integer, D
   StringTrimLeft u, k5, 2
   u = 0000000%u%
   StringRight IV, u, 8          ; 8-digit hex w/o 0x

   i = 9                         ; pad-index, force restart
   p = 0                         ; counter to be encrypted
   L = %Mark1%%IV%%Mark2%        ; IV prepended to processed text
   Loop % StrLen(T)
   {
      i++
      IfGreater i,8, {           ; all 9 pad values exhausted
         u := p
         v := k5                 ; IV
         p++                     ; increment counter
         TEA(u,v, k1,k2,k3,k4)
         Stream9(u,v)            ; 9 pads from encrypted counter
         i = 0
      }
      StringMid c, T, A_Index, 1
      a := Asc(c)
      if a between 32 and 126
      {                          ; chars > 126 or < 31 unchanged
         a += s%i%
         IfGreater a, 126, SetEnv, a, % a-95
         c := Chr(a)
      }
      L = %L%%c%                 ; attach encrypted character
   }
   IfEqual Selected, 0
      ControlSetText,, %L%, ahk_id %ID%
   Else
      MsgBox %L%
Return


TEA(ByRef y,ByRef z,k0,k1,k2,k3) ; (y,z) = 64-bit I/0 block
{                                ; (k0,k1,k2,k3) = 128-bit key
   IntFormat = %A_FormatInteger%
   SetFormat Integer, D          ; needed for decimal indices
   s := 0
   d := 0x9E3779B9
   Loop 32
   {
      k := "k" . s & 3           ; indexing the key
      y := 0xFFFFFFFF & (y + ((z << 4 ^ z >> 5) + z  ^  s + %k%))
      s := 0xFFFFFFFF & (s + d)  ; simulate 32 bit operations
      k := "k" . s >> 11 & 3
      z := 0xFFFFFFFF & (z + ((y << 4 ^ y >> 5) + y  ^  s + %k%))
   }
   SetFormat Integer, %IntFormat%
   y += 0
   z += 0                        ; Convert to original ineger format
}

Stream9(x,y)                     ; Convert 2 32-bit words to 9 pad values
{                                ; 0 <= s0, s1, ... s8 <= 94
   Local z                       ; makes all s%i% global
   s0 := Floor(x*0.000000022118911147) ; 95/2**32
   Loop 8
   {
      z := (y << 25) + (x >> 7) & 0xFFFFFFFF
      y := (x << 25) + (y >> 7) & 0xFFFFFFFF
      x  = %z%
      s%A_Index% := Floor(x*0.000000022118911147)
   }
}


  • Guests
  • Last active:
  • Joined: --
:) Very nice...

Would it be too much asked to build in a pass/passphrase to hash conversion, to get the 128-bit key? Maybe with help of the RC4 script by Rajat?

1 - get pass/passphrase

e.g. abc

2 - convert to 128 bit/16 byte string (hexadecimal)

abc -> 61 62 63 00 00 00 00 00 00 00 00 00 00 00 00 00

3 - compute the hash (RC4 or RC5, a 128 bit hash), and repeat this y times -> iteration (to get them insecure zeros - in case of a short pass - out of the way)

61 62 63 00 00 00 00 00 00 00 00 00 00 00 00 00 ->

something like: 0E 8B AA EB 3C ED 73 CB C9 BF 49 64 F3 21 82 4A

This final hash can then be used as the key for the TEA function

Can this be combined to a includeable script, with a simple callable function, something like:

CRYPTO_(Data, Pass) ; en/decrypts the passed data with the provided pass(phrase)

So, one can do stuff like:

IniWrite, CRYPTO_(aString, myPass), aFile.ini, aSection, aKey

or

IniRead, aString, aFile.ini, aSection, aKey
aString := CRYPTO_(aString, myPass)

or

FileAppend, CRYPTO_(myData, myPass), aFile.txt

etcet...

8)

Laszlo
  • Moderators
  • 4713 posts
  • Last active: Mar 31 2012 03:17 AM
  • Joined: 14 Feb 2005
We don’t need another cipher or dedicated hash function for passphrase handling. If in a loop its 64-bit chunks are encrypted after XOR-ing the previous result (CBC = Cipher Block Chaining), the final result is a secure hash function of the (padded) pass phrase.
CBC(ByRef u, ByRef v, x, k0,k1,k2,k3)
{
   u = 0
   v = 0
   Loop % Ceil(StrLen(x)/8)
   {
      p = 0
      StringLeft  c, x, 4
      Loop Parse, c
         p := (p<<8) + Asc(A_LoopField)
      u := u ^ p
      p = 0
      StringMid   c, x, 5, 4
      Loop Parse, c
         p := (p<<8) + Asc(A_LoopField)
      v := v ^ p
      TEA(u,v,k0,k1,k2,k3)
      StringTrimLeft x, x, 8
   }
}
It provides half of the derived key. The other half could be obtained the same way, using a different fixed key.

Here is a simple GUI for the user to enter a pass phrase.
!z::                             ; GUI for pass-phrase
   WinGet ID, ID, A              ; note current window
   Gui Font, s8, MS Sans Serif
   Gui Add, Edit,  x16  y14 w250 h20 Password vPW
   Gui Add, Button,x16  y54 w100 h30 Default, &OK
   Gui Add, Button,x166 y54 w100 h30,         &Cancel
   Gui Show, x558 y112 Center, Enter your passphrase
Return

GuiClose:
GuiEscape:
ButtonCancel:
   Gui Destroy
   WinActivate ahk_id %ID%       ; get back to caller window
Return

ButtonOK:
   Gui Submit                    ; assign gui variables (PW)
   Gui Destroy
   IfEqual PW,, Return
   PW = %PW%1234567              ; pad PW
   WinActivate ahk_id %ID%       ; get back to caller window
   CBC(k1,k2, PW, 1,2,3,4)
   CBC(k3,k4, PW, 4,3,2,1)
Return
The original script was meant to be a proof of concept only. There are many things you can make fancier. For example, for security you could warn the user if the pass phrase is not long enough or easy to guess.
Edit 2005.12.18: Fixed CBC (ceil instead of floor, simplified code)

Laszlo
  • Moderators
  • 4713 posts
  • Last active: Mar 31 2012 03:17 AM
  • Joined: 14 Feb 2005
Here are two functions, which en/decrypt AHK *variables*, easy to include in your scripts. The secret key can be hard coded or user supplied, e.g. with the script of my previous posting (need to rename the keys to k0, k1, k2 and k3).

The initial counter value (IV) is needed as extra parameter. The encryption function generates it, the decryption function uses it. It can be prepended to the ciphertext, as in the original script and in the examples below. If you want to save parameters, the key array name is enough to pass, like "key", assuming that the four 32-bit subkeys are key0, key1, key2 and key3. (Converting them to hex, removing 0x from their beginning and concatenating them looks like more work.)
decrypt(T,key)                   ; Text, key-name
{
   Local p, i, L, u, v, k5, a, c

   StringLeft p, T, 8
   If p is not xdigit            ; if no IV: Error
   {
      ErrorLevel = 1
      Return
   }
   StringTrimLeft T, T, 8        ; remove IV from text (no separator)
   k5 = 0x%p%                    ; set new IV
   p = 0                         ; counter to be encrypted
   i = 9                         ; pad-index, force restart
   L =                           ; processed text
   k0 := %key%0
   k1 := %key%1
   k2 := %key%2
   k3 := %key%3
   Loop % StrLen(T)
   {
      i++
      IfGreater i,8, {           ; all 9 pad values exhausted
         u := p
         v := k5                 ; IV
         p++                     ; increment counter
         TEA(u,v, k0,k1,k2,k3)
         Stream9(u,v)            ; 9 pads from encrypted counter
         i = 0
      }
      StringMid c, T, A_Index, 1
      a := Asc(c)
      if a between 32 and 126
      {                          ; chars > 126 or < 31 unchanged
         a -= s%i%
         IfLess a, 32, SetEnv, a, % a+95
         c := Chr(a)
      }
      L = %L%%c%                 ; attach encrypted character
   }
   Return L
 }

Encrypt(T,key)                   ; Text, key-name
{
   Local p, i, L, u, v, k5, a, c, IV

   k0 := %key%0
   k1 := %key%1
   k2 := %key%2
   k3 := %key%3

   StringLeft k5, A_NowUTC, 8    ; current time
   StringRight v, A_NowUTC, 6
   v := v*1000 + A_MSec          ; in MSec
   SetFormat Integer, H
   TEA(k5,v, k0,k1,k2,k3)        ; k5 = IV: starting random counter value
   SetFormat Integer, D
   StringTrimLeft u, k5, 2
   u = 0000000%u%
   StringRight IV, u, 8          ; 8-digit hex w/o 0x

   i = 9                         ; pad-index, force restart
   p = 0                         ; counter to be encrypted
   L = %IV%                      ; IV prepended to processed text
   Loop % StrLen(T)
   {
      i++
      IfGreater i,8, {           ; all 9 pad values exhausted
         u := p
         v := k5                 ; IV
         p++                     ; increment counter
         TEA(u,v, k0,k1,k2,k3)
         Stream9(u,v)            ; 9 pads from encrypted counter
         i = 0
      }
      StringMid c, T, A_Index, 1
      a := Asc(c)
      if a between 32 and 126
      {                          ; chars > 126 or < 31 unchanged
         a += s%i%
         IfGreater a, 126, SetEnv, a, % a-95
         c := Chr(a)
      }
      L = %L%%c%                 ; attach encrypted character
   }
   Return L
 }
Test it with
k0 := 0x11111111                 ; 128-bit secret key
k1 := 0x22222222                 ; hard coded default
k2 := 0x33333333                 ; user input overwrites
k3 := 0x44444444

e := encrypt("I love you!","k")
d := decrypt(e,"k")
MsgBox %e%`n%d%


  • Guests
  • Last active:
  • Joined: --
:) Thank you! Very good!

I encountered a 'problem' though... It seems the code 'forgets' the spaces in the data...

If I try your example:

I love you! -> Iloveyou!

:(

Laszlo
  • Moderators
  • 4713 posts
  • Last active: Mar 31 2012 03:17 AM
  • Joined: 14 Feb 2005
It might be the AutoTrim. You need the settings from the original
SetBatchLines -1

StringCaseSense Off

AutoTrim Off


  • Guests
  • Last active:
  • Joined: --
Yes, that was it :?

Now this: I tried to create a TEA.ahk file to be included. I wanted it to automagically encode/decode, so only one function -> Crypt()

This is the first attempt of my merger, but it doesn't work :( What did I do wrong?

The TEA.ahk file:

; *** TEA_Init() - Initialisation function ***
; You need to call this function once for every new pass(phrase)
; you want to use for en/decrypting. This function not only sets
; the new pass, but also some other variables.
TEA_Init(TEAPW)
{
	global

	TEABLines = %A_BatchLines%
	TEASCaseSense = %A_StringCaseSense%
	TEAATrim = %A_AutoTrim%

	SetBatchLines, -1 
	StringCaseSense, Off 
	AutoTrim, Off

	if TEAPW =
	{
		Msgbox, TEA Error!, The pass(phrase) you provided is empty!
		Exit 
	}

	TEAMark1 = _\                       ; 2-char delimiters 
	TEAMark2 = /_

	TEAPW = %TEAPW%1234567              ; pad PW 
	CBC(k0,k1, TEAPW, 1,2,3,4) 
	CBC(k2,k3, TEAPW, 4,3,2,1)
}

; *** TEA_Cleanup() - Cleanup function ***
; Needs to be called only once after processing, to reset
TEA_Cleanup()
{
	SetBatchlines, %TEABLines%
	StringCaseSense, %TEAStringCaseSense% 
	AutoTrim, %TEAATrim%
}

; *** Crypt() - The en/decryption ***
;
Crypt(T)                   ; Text, key-name 
{ 
	global
   Local p, i, L, u, v, k5, a, c, IV, ToEnc
   key = k
   StringGetPos p, T, %TEAMark1%    ; look for IV 
   IfLess p, 0, SetEnv, ToEnc, 1
   StringGetPos p, T, %TEAMark2% 
   IfNotEqual p,10, SetEnv, ToEnc, 0
   StringMid p, T, 3, 8 
   If p is not xdigit            ; if no IV: Encrypt 
      SetEnv, ToEnc, 1

	if ToEnc = 1 ; encryption
	{
		k0 := %key%0 
		k1 := %key%1 
		k2 := %key%2 
		k3 := %key%3 
		StringLeft k5, A_NowUTC, 8    ; current time 
		StringRight v, A_NowUTC, 6 
		v := v*1000 + A_MSec          ; in MSec 
		SetFormat Integer, H 
		TEA(k5,v, k0,k1,k2,k3)        ; k5 = IV: starting random counter value 
		SetFormat Integer, D 
		StringTrimLeft u, k5, 2 
		u = 0000000%u% 
		StringRight IV, u, 8          ; 8-digit hex w/o 0x 
		i = 9                         ; pad-index, force restart 
		p = 0                         ; counter to be encrypted 
		L = %IV%    

	}
	else ; decryption
	{
		StringLeft p, T, 8 
		If p is not xdigit            ; if no IV: Error 
		{ 
			ErrorLevel = 1 
			Return 
		} 
		StringTrimLeft T, T, 8        ; remove IV from text (no separator) 
		k5 = 0x%p%                    ; set new IV 
		p = 0                         ; counter to be encrypted 
		i = 9                         ; pad-index, force restart 
		L =                           ; processed text 
		k0 := %key%0 
		k1 := %key%1 
		k2 := %key%2 
		k3 := %key%3
	}

   Loop % StrLen(T) 
   { 
      i++ 
      IfGreater i,8, {           ; all 9 pad values exhausted 
         u := p 
         v := k5                 ; IV 
         p++                     ; increment counter 
         TEA(u,v, k0,k1,k2,k3) 
         Stream9(u,v)            ; 9 pads from encrypted counter 
         i = 0 
      } 
      StringMid c, T, A_Index, 1 
      a := Asc(c) 
      if a between 32 and 126 
      {                          ; chars > 126 or < 31 unchanged 

			if ToEnc = 1 ; encryption
			{
				a += s%i% 
				IfGreater a, 126, SetEnv, a, % a-95 
			}
			else ; decryption
			{
				a -= s%i% 
				IfLess a, 32, SetEnv, a, % a+95 
			}
         c := Chr(a) 
      } 
      L = %L%%c%                 ; attach encrypted character 
   } 
   Return L 
}

CBC(ByRef u, ByRef v, x, k0,k1,k2,k3) 
{ 
   u = 0 
   v = 0 
   Loop % Floor(StrLen(x)/8) 
   { 
      p = 0 
      Loop 4 
      { 
         StringLeft  c, x, 1 
         StringTrimLeft x, x, 1 
         p := 256*p + Asc(c) 
      } 
      q = 0 
      Loop 4 
      { 
         StringLeft  c, x, 1 
         StringTrimLeft x, x, 1 
         q := 256*q + Asc(c) 
      } 
      u := u ^ p 
      v := v ^ q 
      TEA(u,v,k0,k1,k2,k3) 
   } 
}

TEA(ByRef y,ByRef z,k0,k1,k2,k3) ; (y,z) = 64-bit I/0 block 
{                                ; (k0,k1,k2,k3) = 128-bit key 
   IntFormat = %A_FormatInteger% 
   SetFormat Integer, D          ; needed for decimal indices 
   s := 0 
   d := 0x9E3779B9 
   Loop 32 
   { 
      k := "k" . s & 3           ; indexing the key 
      y := 0xFFFFFFFF & (y + ((z << 4 ^ z >> 5) + z  ^  s + %k%)) 
      s := 0xFFFFFFFF & (s + d)  ; simulate 32 bit operations 
      k := "k" . s >> 11 & 3 
      z := 0xFFFFFFFF & (z + ((y << 4 ^ y >> 5) + y  ^  s + %k%)) 
   } 
   SetFormat Integer, %IntFormat% 
   y += 0 
   z += 0                        ; Convert to original ineger format 
} 

Stream9(x,y)                     ; Convert 2 32-bit words to 9 pad values 
{                                ; 0 <= s0, s1, ... s8 <= 94 
   Local z                       ; makes all s%i% global 
   s0 := Floor(x*0.000000022118911147) ; 95/2**32 
   Loop 8 
   { 
      z := (y << 25) + (x >> 7) & 0xFFFFFFFF 
      y := (x << 25) + (y >> 7) & 0xFFFFFFFF 
      x  = %z% 
      s%A_Index% := Floor(x*0.000000022118911147) 
   } 
}

and the test script:

#include TEA.ahk

aPass=a pass phrase to test with
someData=this is the text I'm trying to crypt

TEA_Init(aPass)

1stResult := Crypt(someData) 
2ndResult := Crypt(1stResult) 
MsgBox,0, Test TEA, From:`n`n%1stResult%`n`nTo:`n`n%2ndResult%

TEA_Cleanup()

Must be a small thing I overlooked, but what?

Laszlo
  • Moderators
  • 4713 posts
  • Last active: Mar 31 2012 03:17 AM
  • Joined: 14 Feb 2005
A couple of things: at the end of the 8th line in the Crypt function there should be 1, not 0.
The beginning of the function uses delimiters, but the part after "else ; decryption" assumes no delimiters around the IV (first 8 chars are used instead of 12).

  • Guests
  • Last active:
  • Joined: --
Ok, I changed the 0 to 1 in line 8, but the part about the delimiters? Can you show me what to change then? I literally used your code... :?

Laszlo
  • Moderators
  • 4713 posts
  • Last active: Mar 31 2012 03:17 AM
  • Joined: 14 Feb 2005
There are two flavors of the scripts I posted: The control/selection encryption uses markers around the IV, because its presence indicates, that we have encrypted text (and so plaintexts must not start with _\8-digit hexnum/_). En/decrypting AHK variables don’t need this, because there are separate functions for encryption and for decryption. You have to choose one policy in your unified function: with or w/o markers around the IV. You have a mixture.

But, why do you want to bring these into one function and control it with global variables? So the user needs to include only one function? But it will be slower, having an extra if statement in the innermost loop, or larger than the two original functions, if you separate the code for encryption and decryption. Also, global variables are confusing, error prone and considered bad style. I would instead add an extra parameter, default to 0. If it is nonzero, perform encryption, otherwise decryption (and this way there is no need for the markers around the IV). A global key is dangerous: somebody might try to use that variable for something else. You have to use as awkward key names as possible, but still, it is avoidable with parameters, as my functions are written.

To fix your code as it is now, just leave out 6 lines after "else ; decryption`n {", since you already checked the validity of the IV. The next line should trim 12 chars instead of 8.

Also the second line above "else ; decryption" should initialize L with the markers araound it, because when you check the presence of the IV, you assume that the markers are there.

  • Guests
  • Last active:
  • Joined: --
No, you convinced me, but the reason I wanted the pass conversion and use seperate from the function(s), was that I wanted to change this:

e := encrypt("I love you!","k") 
d := decrypt(e,"k")

Into this:
setpass("k")
e := encrypt("I love you!") 
d := decrypt(e)

which seamed safer to me, since in the script there would only be a call for the pass once, instead of everytime as it is now, so the script that borrowed it as an inclusion could be scattered with the pass.

but this would ofcourse be best:

setpass("k")
e := crypt("I love you!",1) 
d := crypt(e)

I'll see if I can get it to work, thanks for your script!

  • Guests
  • Last active:
  • Joined: --
Hmm after rereading, ok this one it will be then :? (someday)

setpass("a very long and unbreakable passphrase -not like this one-")
e := encrypt("I love you!") 
d := decrypt(e)

:?: How about it? Now I like this one the best... just encrypt/decrypt is easier to use then crypt and than a 0 or anything else

(ow, and unicode and binary support ofcourse too, and a binary/text checksum function library)

:p

Laszlo
  • Moderators
  • 4713 posts
  • Last active: Mar 31 2012 03:17 AM
  • Joined: 14 Feb 2005
That is fine, with a very awkward global name for the key. If someone includes this in her/his script (is Serenity the only girl in this forum?), s/he won’t accidentally use the key for something else, which is the danger with using k or key. Also, it is possible that someone reads an encrypted ini file and secure chats in the same time. Then two keys are needed, and changing the global key is more of a trouble than including the current one as a parameter.

  • Guests
  • Last active:
  • Joined: --
hmm, ok...

multiple - true, hadn't thought of that :oops: ok, forget everything I said.... :p

Ok, then how about adding the randomization of the keyname (which is a global variable, a threat, like you stated) to the script, with your true-random-from-diff-sys-variables function to come? This is a function that is needed anyway, since the system time alone is not enough. Moreover, if you need multiple passes, you also need multiple keys, the ones in global memory, so, good randomization of their names would add to the security.

What would the chance be if someone would do an encrypted compilation of a script with your function included, that it could be cracked (practically zero I think)...

But that it could be read out of memory, or other leaks?

Total errorproving the functions would be necessary too, for, if a (compiled) script can be fed 'illegal' data that can be used to crash it could give away vital information.

Laszlo
  • Moderators
  • 4713 posts
  • Last active: Mar 31 2012 03:17 AM
  • Joined: 14 Feb 2005
Random key name? It is an interesting idea. However, if it is not long enough, there still could be a collision. If it is long, I think a name like Don’t_mess_with_me, or Hands_off_this_name or $_$key#name, etc. might be sufficient. Or just prefix the module name, like TEAtext_encryptor_key_1.

This kind of encryption assumes your PC is safe. Otherwise a simple key logger gets your key. Nothing protects against HW key loggers, but thorough and frequent inspections. For SW pests TCG might offer help if your motherboard includes a TPM chip. Newer VIA processors have crypto circuits, equally good. Secure disk drives, authenticated from BIOS at boot up could provide an alternative, but in any case you need some extra HW. Without that, your crypto is only secure until some malware gets in the system. Use firewall, virus checker, spy removers, etc. and always have the latest security patches for all of your programs, not only Windows. (Recent news: Acrobat Reader opens a door for attackers.)