Creating a Good Encryption....
Moderator: General Moderators
-
jclarkkent2003
- Forum Contributor
- Posts: 123
- Joined: Sat Dec 04, 2004 9:14 pm
Creating a Good Encryption....
Hello TO ALL!!!
I would appreciate some help.
I know about ION Cube and Zend, but I am trying to find a way to do this WITHOUT having to have those installed.
What are methods I can use to encrypt ANYTHING, let's just start with encrypting the string:
I want to encode This String and Keep it 100% in tact, including All characters and spaces, nothing changes.
So far, I can encrypt it using base64 encode decode, gzcompress, and gzdeflate.
What else can I do? I wrote a script which allows me to sequence the encryption of data I enter in the choice of my choosing, and it outputs the encrypted code, and also it outputs the php code to decrypt it.
I would really like to know ALL the ways I can encrypt data WITHOUT installing extra stuff FIRST, and then I'd like to know the ways WITH installing extra stuff (BUT I really need the ones without installing things like zend and ion).
I'd like to be able to encrypt all strings, paragraphs, even paste in html characters like < > / \ . !@#$^%&^%*&(* , etc.
If there is a way I can enter a password, such as "TEST123" and it encrypts into a string based on that pass word and needs that password to decrypt that would be AWESOME. I know it exists in JAVASCRIPT, but I really need to stick solely to php for this.
Thanks.
BTW, this is for purposes of encrypting anything from files, to messages where I can tell my friend a password on the phone and anytime we talk online we use my script to encode and decode. the more complex and harder to break the better, cuase I'd like to release this script out as freeware and I don't want people uncompressing it and base64_decoding it and seeing the source.
Thanks again!
I would appreciate some help.
I know about ION Cube and Zend, but I am trying to find a way to do this WITHOUT having to have those installed.
What are methods I can use to encrypt ANYTHING, let's just start with encrypting the string:
I want to encode This String and Keep it 100% in tact, including All characters and spaces, nothing changes.
So far, I can encrypt it using base64 encode decode, gzcompress, and gzdeflate.
What else can I do? I wrote a script which allows me to sequence the encryption of data I enter in the choice of my choosing, and it outputs the encrypted code, and also it outputs the php code to decrypt it.
I would really like to know ALL the ways I can encrypt data WITHOUT installing extra stuff FIRST, and then I'd like to know the ways WITH installing extra stuff (BUT I really need the ones without installing things like zend and ion).
I'd like to be able to encrypt all strings, paragraphs, even paste in html characters like < > / \ . !@#$^%&^%*&(* , etc.
If there is a way I can enter a password, such as "TEST123" and it encrypts into a string based on that pass word and needs that password to decrypt that would be AWESOME. I know it exists in JAVASCRIPT, but I really need to stick solely to php for this.
Thanks.
BTW, this is for purposes of encrypting anything from files, to messages where I can tell my friend a password on the phone and anytime we talk online we use my script to encode and decode. the more complex and harder to break the better, cuase I'd like to release this script out as freeware and I don't want people uncompressing it and base64_decoding it and seeing the source.
Thanks again!
-
jclarkkent2003
- Forum Contributor
- Posts: 123
- Joined: Sat Dec 04, 2004 9:14 pm
another question before I forget, this is for a slightly different purpose, but does anyone know about that UNI-8 encryption-decryption for javascript?
I googled it for days trying to decode someone's javascript script and I got NOTHING, so for me It was pretty hard to crack, cause I haven't found out how to decode it. how do you encode and decode into UNI-8 ?
Thanks.
I googled it for days trying to decode someone's javascript script and I got NOTHING, so for me It was pretty hard to crack, cause I haven't found out how to decode it. how do you encode and decode into UNI-8 ?
Thanks.
-
kettle_drum
- DevNet Resident
- Posts: 1150
- Joined: Sun Jul 20, 2003 9:25 pm
- Location: West Yorkshire, England
-
jclarkkent2003
- Forum Contributor
- Posts: 123
- Joined: Sat Dec 04, 2004 9:14 pm
Hi,
Can you be more specific by " 'php des' 'php crypt' 'php aes' etc.", I am googling them but if you can give as many as you know of that would be perfect.
I CANNOT use Mcrypt, yes I have it installed but it is a ONE way encryption because I have been messing around with it, and it is ONLY two way when you encrypt and decrypt in the same php page LOAD. I don't know what good it does to encrypt and decrypt in the same PAGELOAD,
because I need to encrypt a string like "TEST123" and be able to copy the encrypted version into a text file, and then a month later be able to paste that encrypted version into the decrypter and it be able to show the full unencrypted version.
Can you be more specific by " 'php des' 'php crypt' 'php aes' etc.", I am googling them but if you can give as many as you know of that would be perfect.
I CANNOT use Mcrypt, yes I have it installed but it is a ONE way encryption because I have been messing around with it, and it is ONLY two way when you encrypt and decrypt in the same php page LOAD. I don't know what good it does to encrypt and decrypt in the same PAGELOAD,
because I need to encrypt a string like "TEST123" and be able to copy the encrypted version into a text file, and then a month later be able to paste that encrypted version into the decrypter and it be able to show the full unencrypted version.
-
kettle_drum
- DevNet Resident
- Posts: 1150
- Joined: Sun Jul 20, 2003 9:25 pm
- Location: West Yorkshire, England
-
jclarkkent2003
- Forum Contributor
- Posts: 123
- Joined: Sat Dec 04, 2004 9:14 pm
-
kettle_drum
- DevNet Resident
- Posts: 1150
- Joined: Sun Jul 20, 2003 9:25 pm
- Location: West Yorkshire, England
yes and use the commands to run encryption programs such as openssl and others.
Do you want to encode or encrypt? Why do you want it to be monster to decrypt? Encryption needs to be as strong as the information is valueable. Encrypting data will take some time and resources - the stronger the encryption the more time and resources it will use. Without knowing what kind of data you are encryption, its hard to know what the best method would be.
If you want to use a 128 or 256bit encryption then it would be far better to call openssl to encode it from the shell im sure it would be vastly faster than any php implementation.
Do you want to encode or encrypt? Why do you want it to be monster to decrypt? Encryption needs to be as strong as the information is valueable. Encrypting data will take some time and resources - the stronger the encryption the more time and resources it will use. Without knowing what kind of data you are encryption, its hard to know what the best method would be.
If you want to use a 128 or 256bit encryption then it would be far better to call openssl to encode it from the shell im sure it would be vastly faster than any php implementation.
-
jclarkkent2003
- Forum Contributor
- Posts: 123
- Joined: Sat Dec 04, 2004 9:14 pm
ok, well like I said earlier, the purpose is for MANY uses.
The FIRST purpose, is to encryrpt a free php script I wrote and give it to my friend, who is VERY VERY VERY good at decrypting but doesn't have much patience, so I'd like to encrypt it, not with zend or ion cube, but with as many different encryptions as possible so he has to decrypt each one so there is many levels and they repeat at different intervals, right now I have a script that does this as many times as I want:
base64_encode(gzcompress(base64_encode(gzdeflate(base64_encode(base64_encode("TEST123"))))))); = This gives a SERIOUSLY jumbled string, but to decode, I have to put the order in the script so it can run. I want to encrypt it over and over again so it makes it really hard to get to the actual "TEST123" segment or whatever I put in there.
and it does as many mixes as I want and is still reverseable. I want to put more than just 3 in there, I'd like to put more functions even encrypted that he would have to decode and work through to understand how to decrypt.
First thing I am going to use it for is a PHP SPIDER that crawls a url /script.php?url=http://www.proxysite.com/proxies.php and GRABS ALL proxies and outputs them in a format IP:PORT in a text file they can then download.
I want to release this script to EVERYONE free, no ads or anything but I don't want people taking off my copyright at the bottom which I have had done MANY times before. It's a habbit, people take off my copyright and then put theirs and re release it on their BIGGER and MORE known website and <span style='color:blue' title='I'm naughty, are you naughty?'>smurf</span> me off.
The FIRST purpose, is to encryrpt a free php script I wrote and give it to my friend, who is VERY VERY VERY good at decrypting but doesn't have much patience, so I'd like to encrypt it, not with zend or ion cube, but with as many different encryptions as possible so he has to decrypt each one so there is many levels and they repeat at different intervals, right now I have a script that does this as many times as I want:
base64_encode(gzcompress(base64_encode(gzdeflate(base64_encode(base64_encode("TEST123"))))))); = This gives a SERIOUSLY jumbled string, but to decode, I have to put the order in the script so it can run. I want to encrypt it over and over again so it makes it really hard to get to the actual "TEST123" segment or whatever I put in there.
and it does as many mixes as I want and is still reverseable. I want to put more than just 3 in there, I'd like to put more functions even encrypted that he would have to decode and work through to understand how to decrypt.
First thing I am going to use it for is a PHP SPIDER that crawls a url /script.php?url=http://www.proxysite.com/proxies.php and GRABS ALL proxies and outputs them in a format IP:PORT in a text file they can then download.
I want to release this script to EVERYONE free, no ads or anything but I don't want people taking off my copyright at the bottom which I have had done MANY times before. It's a habbit, people take off my copyright and then put theirs and re release it on their BIGGER and MORE known website and <span style='color:blue' title='I'm naughty, are you naughty?'>smurf</span> me off.
-
kettle_drum
- DevNet Resident
- Posts: 1150
- Joined: Sun Jul 20, 2003 9:25 pm
- Location: West Yorkshire, England
Well that is just a form of encoding and not encryption and because of that its very easy to break, base_64 doesnt really hide anything. Then because you are handing out the script, you also need to hand out the code that decodes it so that it can be run on the users server - so you are infact giving them the key to decode it.
If your handing out your code for free, then yes people shouldnt just say that its theirs - but you have to live with that sometimes. If you dont want that to happen then you will have to sell the code. I also doubt that your friend can easily break ION Cube.
If you so scared of people copying your code then you can always make it harder for people to want to use the code, by adding fake functions that dont do anything, renaming all variables to some similar name thats like 30 chars long so its hard to see what is what, removing all white space and new lines etc.
Just think about adding something that will stop people wanting to use your code as it looks like a pile of mess.
If your handing out your code for free, then yes people shouldnt just say that its theirs - but you have to live with that sometimes. If you dont want that to happen then you will have to sell the code. I also doubt that your friend can easily break ION Cube.
If you so scared of people copying your code then you can always make it harder for people to want to use the code, by adding fake functions that dont do anything, renaming all variables to some similar name thats like 30 chars long so its hard to see what is what, removing all white space and new lines etc.
Just think about adding something that will stop people wanting to use your code as it looks like a pile of mess.