Copy Link
Add to Bookmark
Report
Xine - issue #4 - Phile 109
/-----------------------------\
| Xine - issue #4 - Phile 109 |
\-----------------------------/
Crypting datas in order to protect it is like an art, decrypting another.
Crypting datas in order to avoid decryption had been headed for years,
but I think each technique used is due to fail. Like CRC, for example,
all ways used remember the password ( well, also encrypted ) so that it
has already been - or it could be - hacked! But what about encryption that
don't remember passwords? I'm thinking about ^ encryption. Imagine
we make:
for all bytes
byte = byte ^ n
next bytes
file: a b c d e f g h i j
crpt: n n n n n n n n n n
rslt: k l o p q r s t u v
with k = a ^ n, l = b ^ n, o = c ^ n, ...
I remember for those who don't very know XOR that a ^ a = 0
=> b ^ a ^ a = b }=> c ^ a = b
c = b ^ a }
This mean that if u XOR "x" with a number "a", you xor the number u obtain
again with "a" and obtain then "x" back. So, if u wanna decrypt the file,
you only have to crypt it again with the same password...
What's the main default of that ^ encryption? That's, if we know a byte of
that file, we can know "n", so let be imaginative, use several numbers!
Look that example:
file: a b c d e f g h i j
crpt: m n m n m n m n m n
rslt: k l o p q r s t u v
with k = a ^ m, l = b ^ n, o = c ^ m, ...
So, we have to know 2 bytes of that file ( 1 for m and 1 for n, 2 for n is
useless ). That's better but... Let's try with 10 numbers, or more! but all
will have to be remembered! Imagine we use a sentence as password:
"I'm so sick!", so n1 = asc("I"), n2 = asc("'"), n3 = asc("m"), ...
Ok, but if someone know the first 12 bytes of that file!
So, there is the problem: periodicity!
How to avoid periodicity? I think the only way is to make a password longer
than the file. Cool, I'll use my english lessons like passwords ;-).
I won't explain ya how, but I'll show you... imagine we have 2 periodicity,
one of 2 bytes and one of 3 bytes... the "total" periodicity will be of
6 bytes...
With this 2 passwords: mn (2) and opq (3)
file: a b c d e f g h i j
crpt: m n m n m n m n m n
o p q o p q o p q o
rslt: k l r s t u v w x y
with k = a ^ m ^ o, l = b ^ n ^ p, o = c ^ m ^ q, ...
After, 2 periodicity, one of 2 bytes and one of 4 bytes will give a "total"
of 4 bytes! That don't multiply perios, you have to make the LCM ( lower
common multiple ) of all passwords used...
That's easy to imagine a password of 7, one of 13 ( and why limit to 2
pass? ), another of 11... that will give a perio of 1001 bytes )
So, let be imaginative, if e have a file longer that 1001 bytes:
1st - you could add a 5 bytes long password, so that total perio is now 5005.
2nd - imagine that a people have to know 1001 byte of youre file to decrypt
it!
Yeah, he have to know 1001 byte, I tryed to find a system, with 2 passwords
, one of 2 and one of 3, if I only have the total, I won't be able to find
the 2 original pass, so if I miss some ( if I know even 900 of 1001, I won't
be able to find the 101 left ), I'm also not able to know the total perio,
perhaps could I guess it, but...
Ok, here are the sources in C, made for Watcom11:
------------------
void Crypt( char* Data, int DataSize, char** Pws, int NPws )
{
char* DataPtr, **PwsPtr;
int i, j;
PwsPtr = new char*[ NPws ];
for( j=0; j<NPws; j++ )
PwsPtr[j] = Pws[j];
for( i=0, DataPtr=Data; i<DataSize; i++, DataPtr++ )
{
for( j=0; j<NPws; j++ )
{
*DataPtr ^= *(PwsPtr[j]++);
if( *(PwsPtr[j]) == 0 )
PwsPtr[j] = Pws[j];
}
}
delete PwsPtr;
}
------------------
Notes:
1st - That tutorial was made by n0ph on the 18-02-98, for IKX, for XINE4.
2nd - If you find a way to hack that kind of password, write to
n0ph@HotMail.Com...
3rd - Visit "members.xoom.com/n0ph" !
4th - That's all folks!
