Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight
 
PerlMonks  

CipherTextI

by Steeeeeve
on Jul 17, 2001 at 06:10 UTC ( #97238=sourcecode: print w/ replies, xml ) Need Help??

Category: Cryptography
Author/Contact Info C. Prichard
Description: Improved string cipher. Useful in protecting content of HTML textareas where a Javascript implementation is used by the client. The algorithm has also been implemented in Visual Basic.

This improved version uses a randomly sorted key domain table to build a modified key used in a second cipher pass. The key domain now includes ASCII values from 32 to 96 decimal. Output domain is 32 to 159 but the values 128 to 159 are shifted so as to be compatible with all ISO-8859-1 implementations in transmission equipment as well as all Windows implementations.

A patent is being sought to protect the author's right to his own innovation which uses a key attribute to articulate shifts applied to the modified key string. Its thought that the implementation demonstrates that there is some cryptographic value of a somewhat unique key attribute. The attribute is used to mask the values in the modified key as they are taken from the randomly sorted domain table. The attribute is also used to articulate shifts applied to the modified key. Applying these shifts is what creates a difference between the resulting cipher bits applied by very similar keys.

Solving a CipherText message is not trivial. To date it has not been done. An attack will require some known plaintext and sufficient data for frequency analysis. Applying a truncated modified keystring of cipher bits in the second pass diffuses the recurring pattern to N*(N-1) message elements. It also serves to mask the actual key in the event that a message is broken and the same key is used to protect other items. The algorithm uses a data-dependent shift based on message length. This results in two different results when ciphering the word "Hello" and the word "Hello ". The feature is desireable for applications that would apply the same key to a series of short strings.

If required, an ASCII compliant version can be obtained.
# CipherTextI.pm
#
# Charles Prichard 6-16-01
#

#
#################################################
package CipherTextI;

use strict;
use integer;
use bytes;
#################################################
#   PUBLIC Subroutine                           #
#################################################
sub new($) {
    
my $class = shift;

    my $self = {};
    
    bless $self, ref $class || $class;


    $self->{xString} = undef;
    $self->{xStr} = undef;

    $self->{R_KEY} = undef;
    $self->{ATT} = undef;
    $self->{S_KEY} = undef;
    $self->{cipher_key} = undef;
    
    $self->{RSORT} = [];
    
    $self->init(@_);
    
    return $self;

}
sub init($){
    
    my $self = shift;
    
    my ($params) = shift;
    
    my @temp1 = split /\;/, $params;
    
        my %params = ();
    
        my @temp2=();
    
        foreach my $x (@temp1){
    
            @temp2 = split /\=/, $x;
    
            $self->{$temp2[0]} = $temp2[1];
       }
    
    $self->{RSORT} = [3,28,7,5,39,62,34,32,56,18,17,6,29,49,63,45,13,1
+3,29,40,2,17,17,9,12,61,56,23,55,37,31,13,27,52,8,23,38,53,9,60,31,30
+,39,27,37,14,14,34,8,29,58,10,25,3,19,37,11,35,52,39,48,24,22,19];
    
    $self->{S_KEY} = $self->Make_shiftedKeys();
    
    return;
}
#################################################
#   PUBLIC Subroutine                           #
#################################################
sub encipher($) {
    
    my $self = shift;
        
    my $MSG = shift;;
        
    $MSG = $self->Encode($self->Encode($MSG,$self->{R_KEY}),$self->{S_
+KEY});    

    return $MSG;     
}
#################################################
#   PUBLIC Subroutine                           #
#################################################
sub decipher {
    
    my $self = shift;
        
    my $MSG = shift;;
       
    $MSG = $self->Decode($self->Decode($MSG,$self->{S_KEY}),$self->{R_
+KEY});
      
    return $MSG;     
}
#################################################
#       PRIVATE Subroutine                      #
#################################################
sub Make_shiftedKeys(){
    
    my $self = shift;
    
    my $shift = $self->setAttribute();
    
    $self->{S_KEY} = $self->modifyKeys();

    if (($shift % 2) == 1){$self->{S_KEY} = (substr($self->{S_KEY},1,(
+length $self->{S_KEY})));}
    
    else {$self->{S_KEY} = (substr($self->{S_KEY},0,(length $self->{S_
+KEY}) - 1));}

    my $key;
    my $v;
    
    for (my $i=0; $i <= ($shift - 1) % length $self->{S_KEY}; $i++){  
+           
            
            my $key = substr($self->{S_KEY},0,1);
            
            $v = ord($key) - 32;
            
            $self->{S_KEY} = (substr($self->{S_KEY},1,(length $self->{
+S_KEY}) - 1));

            $self->{S_KEY} .= chr($v ^ $self->{RSORT}[$v] + 32);
    
        }
        
        return $self->{S_KEY};
}
#################################################
#       PRIVATE Subroutine                      #
#################################################  
sub setAttribute(){
    
    my $self = shift;
    
        $self->{ATT} = 0x00;
        
        for (my $i=0; $i < (length $self->{R_KEY}); $i++){
    
        $self->{ATT} = $self->{ATT} ^ (ord(substr($self->{R_KEY},$i,1)
+) - 0x20);  
      } 
        
        return $self->{ATT};
}
#################################################
#       PRIVATE Subroutine                      #
#################################################
sub modifyKeys(){
    
    my $self = shift;
    my S_KEY = "";
    my $i, $x;
    
    For $x = 1 To length($self->{R_KEY})
    
        $i = ord(substr($self->{R_KEY}, $x, 1)) - 32
        
        S_KEY = S_KEY + Chr(($i ^ $self->{RSORT}[$i] ^ $self->{ATT}) +
+ 32)
    
    Next x
    
    return S_KEY;

}
#################################################
#       PRIVATE Subroutine                      #
#################################################
sub Encode($$){
    
    my $self = shift;
    
        $self->{xString} = shift;
    
        $self->{cipher_key} = shift;
    
        $self->cipher();
    
        return $self->{xStr};

}
#################################################
#       PRIVATE Subroutine                      #
#################################################
sub Decode($$){
    
    my $self = shift;
    
    $self->{xString} = shift;
    
        $self->{cipher_key} = shift;
    
        $self->cipher();
    
        return $self->{xStr};

}
#################################################
#       PRIVATE Subroutine                      #
#################################################
sub cipher(){
    
    my $self = shift;

        $self->{xStr} = "";
     
        my $keyval;
     
        my $xch;
     
        my @akeys = split "",$self->{cipher_key};
     
        my $keylen = length $self->{cipher_key};
     
        my $i = (length $self->{xString} % $keylen); # DATA DEPENDENT 
+SHIFT 
    
        for(my $x=0; $x < length ($self->{xString}); $x++){
            
              $keyval = ord($akeys[$i]) - 0x20;
              
              $xch = ord(substr($self->{xString},$x,1));
              
              if ($xch > 0x7f){ $xch = $xch - 0x21;}
              
            if ($xch > 0x1f){
                

                 $xch = ($keyval ^ ($xch - 0x20)) + 0x20; # Apply ciph
+er
               
                 
              }
             
             if ($xch > 0x7f){ $xch = $xch + 0x21;}
        
        $self->{xStr} .= chr($xch);                           
     
            $i++;
     
            if ($i == $keylen){$i = 0;}
     
        }         

        return;
}

1;

Comment on CipherTextI
Download Code
Re (tilly) 1: CipherTextI
by tilly (Archbishop) on Jul 17, 2001 at 07:49 UTC
    Here are my objections to this post.
    1. This isn't valid Perl. It won't run.
    2. Even if it was, you are failing to achieve the basic level of encryption taken for granted decades ago. This is an improvement on the xor nonsense that you had previously. But it isn't much of an improvement.
    3. The fact that you are trying to get a patent is but another reason to avoid this. It is possible that you might get a patent. But that is IMO due to how broken the patent system is, and not to the merits of your case.
    4. A basic rule in cryptography is to never trust the crypanalysis of the author of the code. This applies when the author is widely recognized as a competent researcher. It applies doubly when the author is an amateur.
    5. There are widely available free alternatives which are much more trustworthy. For instance RSA is no longer encumbered by a patent, has been analyzed intensely, and can be used for the application that you mention by the simple expedient of putting your website on an https server. That takes care of the details on the server's end, and the browser will do the rest.
    6. You still have not realized that your prototypes are completely being ignored? We went through this before and I know you didn't believe us then, but it is true. You would be better off just removing them all because they are not used on method calls.
    In short, I am actively recommending that people not try to use this.
      I'm about 3/4ths of the way through The Code Book, and I'm even more amazed at how interesting the task of cryptohacking is, and how much easier it is for the experts to break things than I had ever imagined. Sure, some of it is brilliant strokes, and some of it is dumb luck, but the account of snapping the Enigma machines is a definite page-turner.

      The CiperTextI looks like the stuff these guys solve as entrance exams in first year crypto. {grin}

      -- Randal L. Schwartz, Perl hacker

        For all interested people I thought I'd add The Codebreakers by David Kahn, the first 'popular-scientific' work in that field (originally from 1967 iirc). I don't know how much overlap there is between this book and The Code Book mentioned by merlyn. But it's a good read - that's what I meant by popular-scientific ;)

        -- Hofmator

        To get the facts, the Code book was a facinating read (particularly for its nice links back to historic events).

        To wet the tastebuds (and pass the hours quite nicely) I've always enjoyed Cryptonomicon by N.S. Its link to reality is a little cloudy at times but it certainly fires up the imagination.
(Ovid - I think Steeeeeve is lying)
by Ovid (Cardinal) on Jul 17, 2001 at 23:01 UTC

    Why are you posting this? It won't run. It's poorly structured and it demonstrates that you don't understand some basics about Perl. Ordinarily, I would not be so harsh, but you've been here before and ignored advice from some people you should definitely be paying attention to (merlyn, tilly and others).

    Here are a few comments for you:

    • You wrote, in response to those who claim that breaking your system should be trivial:
      At present the world is working on it, largely because of the most disturbing way it has been implemented.

      Yup. Saw it on CNN last night. HEADLINE: "NSA works furiously to break Steeeeeve's encryption algorithm."

      Please, credit us with some intelligence. If you want us to believe that the "world is working on it", provide some evidence.

    • This ain't Perl:
      For $x = 1 To length($self->{R_KEY})

      If you are going to lie to us, at least be a bit more clever about it. Your program won't run.

      HEADLINE 2: "NSA stops work on Steeeeeve's encryption algorithm after determining that it won't run."

    • If you are so good at crypto, could you give us some credentials? Heck, at least provide us with some mathematical evidence that suggests your routine is worth something.
    • As tilly has pointed out more than once, prototypes will not work on method calls. Prototypes are checked at compile time. The actual subroutine called by a method call is not determined until run time - too late for the prototype.

    I am usually known for being a nice guy. However, I don't appreciate what appears to be someone lying (that someone is you, if it's not perfectly clear), nor do I particularly care for someone who completely fails to learn from his or her mistakes.

    Cheers,
    Ovid

    Vote for paco!

    Join the Perlmonks Setiathome Group or just click on the the link and check out our stats.

Hot hot cipher action (boo)
by boo_radley (Parson) on Jul 18, 2001 at 00:51 UTC
    uh, in other news, this same topic is appearing on perl.com : ciphers and perl.
    Interestingly, all of this hoohah may be reduced to
    use Crypt::CBC; $cipher = new Crypt::CBC ($key, 'Twofish'); undef $/; $plaintext = <PLAINTEXT>; print CIPHERTEXT $cipher->encrypt($plaintext);
    I think that cryptography will join CGI as "modules to not reinvent" as far as I'm concerned.
Re: CipherTextI
by MeowChow (Vicar) on Jul 18, 2001 at 03:14 UTC
    For those who wish to satisfy their misplaced curiousity or boredom, what Ste+ve meant was:
    ## replace modifyKeys with below code sub modifyKeys { my $self = shift; my $S_KEY = ""; my ($i, $x); for my $x (0..length($self->{R_KEY})-1) { $i = ord(substr($self->{R_KEY}, $x, 1)) - 32; $S_KEY .= chr(($i ^ $self->{RSORT}[$i] ^ $self->{ATT}) + 32) } return $S_KEY; } ## fix up the following line in sub cipher() ## my $i = (length ($self->{xString}) % $keylen); # DATA DEPENDENT SHIF +T
       MeowChow                                   
                   s aamecha.s a..a\u$&owag.print
Re: CipherTextI
by tadman (Prior) on Jul 24, 2001 at 00:52 UTC
    How do you rocket to a high post on the Worst Nodes listing? I think Steeeeeve has the answer. You post something that doesn't parse, make huge claims about its functionality that can't be substantiated, and hint that you are going to patent it. One of the very few things that could make this any worse were if it looked like a posted homework assignment.

    "Solving a CipherText message is not trivial. To date it has not been done."
    Perhaps no "CipherTextTM" message has been cracked, if only because nobody felt motivated to do so, but this CipherTextI program uses very rudimentary XOR encryption which is virtually trivial to crack, as evidenced by the recent effort to examine the ActiveState Perl compiler and rescue some source code. This makes it only slightly more difficult than cracking, say, ROT-13.

    Sorry, Steeeeeve, but arrogance and ignorance are not desirable traits in this particular community.

Back to Code Catacombs

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: sourcecode [id://97238]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (9)
As of 2014-08-30 19:35 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The best computer themed movie is:











    Results (293 votes), past polls