Beefy Boxes and Bandwidth Generously Provided by pair Networks vroom
We don't bite newbies here... much
 
PerlMonks  

Re: Encryption using perl core functions only

by Porculus (Hermit)
on Nov 25, 2007 at 23:01 UTC ( #652885=note: print w/ replies, xml ) Need Help??


in reply to Encryption using perl core functions only

You could take advantage of Perl's Bitwise String Operators to XOR your data against a shared key. This is completely useless against any hacker with half a clue, but is a popular method for obfuscation where true security is not critical. It's marginally more secure than ROT-N, and arguably simpler to implement -- I suspect it may be more efficient too, though I haven't bothered to benchmark anything.


Comment on Re: Encryption using perl core functions only
Re^2: Encryption using perl core functions only
by neosamuri (Friar) on Nov 25, 2007 at 23:58 UTC

    If your shared key is significantly larger then the plain text and the key is sufficiently random than using the key as a rotating shared key is non trivial or nearly impossible to break.

    http://en.wikipedia.org/wiki/One_time_pad is a similar choice which you may want to look at, the advantage for these is that they require little processing power to compute.

      It's not that simple, unfortunately. If you re-use the key, then you lose that security (the hacker can simply think of a large number of messages as a single large message with a key shorter than the message, at which point you're back where you started); and if you don't re-use the key, you have the problem of getting the new key to the client device securely.

Re^2: Encryption using perl core functions only
by ad1mt (Initiate) on May 08, 2012 at 17:21 UTC

    Hi Porculus - apologies for replying to such an old thread...

    A few years I invented a home-grown encryption for a application I wrote, and used a scheme like you describe. Following your comment, I am concerned about the security of my encryption (which is still in use).

    I am XOR'ing the plaintext against a shared secret "random" key, where the key is approx 50 thousand bytes (compared to a typical plaintext length of 10-500 bytes). The XOR starting position within the key is "random" for each encryption/call (and is then embedded within the encrypted data so the decryption algorithm can find it). The encryption program code and plaintexts are guaranteed to be private, and only the encrypted data is ever made public.

    Can you briefly explain to me how an attacker would break this?

    Many thanks for your help.

      Can you briefly explain to me how an attacker would break this?

      Pretty much the same way you would break rot 13 or any other substitution cipher, easily

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://652885]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others musing on the Monastery: (14)
As of 2014-04-23 09:53 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    April first is:







    Results (541 votes), past polls