Computer Science Canada Encrypting |
| Author: | TokenHerbz [ Thu Mar 02, 2006 6:59 pm ] |
| Post subject: | Encrypting |
How would you go about encrypting a save file for your pogram... Say you got a user name and password, or RPG info, and save it to a file called... Save.txt what do you do to get both numbers and letters jumbuled so the user can't read it... Also, to unencript it so it is readable.... Also, say you have 2 turing files.. a Main.t and a Data.t in the main.t file you include data.t which holds say, var t: string := "Talk" main file says, put t (this is just for an example) You turn Main.t into .exe so how do you stop users from accessing data.t |
|
| Author: | Martin [ Thu Mar 02, 2006 7:21 pm ] |
| Post subject: | |
Well, the easiest you could do would be to just add n to each letter. a -> c b -> d c -> e ... etc. Or maybe, add 2 * the index in the string. For the password 'abcd', you would get a -> c (a + 2*1) b -> f (b + 2*2) c -> i (c + 2*3) d -> l (d + 2*4) Basically, you can use any obfuscation that is reversible. Or if you want, you could look into using seeded random numbers - this way you just add a random amount to each letter, but you can figure out what those random amounts were later. The pros use http://en.wikipedia.org/wiki/RSA , but that could be overkill |
|
| Author: | md [ Thu Mar 02, 2006 7:48 pm ] |
| Post subject: | |
don't forget xor encryption; or base64 encoding. Both are simple and useful for obfuscation. Really unless your using something more complex then substitution and different bases all your doing is obsucation rather then encrypting. If you're really adventurous though you could try your hand at porting Blowfish to turing  |
|
| Author: | TokenHerbz [ Thu Mar 02, 2006 7:54 pm ] |
| Post subject: | |
Lamer... your suggetion a -> c (a + 2*1) b -> f (b + 2*2) c -> i (c + 2*3) d -> l (d + 2*4) what happends in the word iglooze, where z is the last letter, and cannot grow? Im thinking it will be alot of code to get the z to subtarct yes? Im looking for an effective, easy, and fast way to encripy both numbers and letters... |
|
| Author: | Andy [ Thu Mar 02, 2006 8:03 pm ] |
| Post subject: | |
err of course z works.. z + 2*26 == z |
|
| Author: | MysticVegeta [ Thu Mar 02, 2006 8:09 pm ] |
| Post subject: | |
Cornflake wrote: don't forget xor encryption; or base64 encoding. Both are simple and useful for obfuscation. eh, I doubt the information hes storing inside the file will be "that" important/confidential. lol. |
|
| Author: | Delos [ Thu Mar 02, 2006 8:16 pm ] |
| Post subject: | |
TokenHerbz wrote: Lamer... your suggetion...
Actually, his name is Martin. His title is Lamer. Look again...  |
|
| Author: | TokenHerbz [ Thu Mar 02, 2006 8:43 pm ] |
| Post subject: | |
lol oh yeah, lamer just stood out and stuck in my head.... Um, I will attempt to try the encryption... |
|
| Author: | [Gandalf] [ Thu Mar 02, 2006 9:32 pm ] |
| Post subject: | |
TokenHerbz, there are characters with ASCII values higher than z. After that, it would be: ... x, y, z, {, |, } ... |
|
| Author: | TokenHerbz [ Thu Mar 02, 2006 9:40 pm ] | ||
| Post subject: | |||
Ok here is my test code which seems to work, any ideas to improve will help alot, but im thinking of puting the encryption into a proceadure and call it with EACH variable, cause i dont know how else to make this effective for 50 variables.... Any ideas?
%%look in the file... to see it work... |
|||
| Author: | TokenHerbz [ Fri Mar 03, 2006 12:25 am ] |
| Post subject: | |
Alright, lets say i have a basic encryption... I wish to make a brief case to which i can *hide* files in, where you need a password to access it... lets say i want to put some good old .exe's and movies of sorts, perhaps pics too... Is turing able to act like a folder?? with a password ability?? I would like some help on this, as i have not learned anything on this yet... |
|
| Author: | TokenHerbz [ Fri Mar 03, 2006 12:28 am ] |
| Post subject: | |
Edit:: i cant find the edit button I forgot to mention... if it can hold and secure files, can it block searches aswell, saying acees is needed, or better yet, not being able to detect it on the comp? |
|
| Author: | [Gandalf] [ Fri Mar 03, 2006 12:33 am ] |
| Post subject: | |
The edit button was removed some time ago. Basically, the answer to all those questions is no. You would probably need access to the Windows API for all those things, which Turing doesn't have. The only thing you can do is encrypt/obfusciate the files in those folders. |
|
| Author: | TokenHerbz [ Fri Mar 03, 2006 2:42 am ] |
| Post subject: | |
Can anyone help me creat an effective encrytion code? I want to lots of info into here, threw serveral variables of all types... Booleans / Ints / strings :etc: and i cant encrypt each variable at a time... |
|
| Author: | codemage [ Fri Mar 03, 2006 8:57 am ] |
| Post subject: | |
I'm surprised that nobody has mentioned changing the file postfix. If your data file is named *.txt, you're just begging someone to start editing values & seeing what happens. If you rename it to a non-editable type (it's ok to lie with filenames) like .dll or .ifo or .sys, you'll scare off 90% of would-be hackers. |
|
| Author: | TokenHerbz [ Fri Mar 03, 2006 10:49 am ] |
| Post subject: | |
are those files editable in the same way? how do i creat a file of these types? |
|
| Author: | TokenHerbz [ Fri Mar 03, 2006 11:05 am ] |
| Post subject: | |
ok i figured it out, and you cant open .dll files direct right? |
|
| Author: | Delos [ Fri Mar 03, 2006 11:19 am ] |
| Post subject: | |
Note that this method is purely superficial. There is nothing stopping anyone from opening a .dll with notepad and realizing it's not really a Linked Library. Indeed, anyone who is after the contents of your file will likely be going through a Hex Editor, which would tip them off straight away that your 'dlls' are fake. Think about it this way: if you had a bottle of water, and you changed its label from 'H2O' to 'C6H5CHO', you'd probably deter a lot of people from drinking it...since benzaldehyde is not really something you'd want to drink. However, any chemist worth their grain in salt, would simply take a sample, mix up a little Tollen's reagent and know straight away that they're not dealing with an aldehyde. (Indeed, a simple IR spectra would show the presence of water right away...really broad signal at ~3200 cm-1). Ok, maybe that wasn't the most applicable of examples, but you get the point. |
|
| Author: | TokenHerbz [ Fri Mar 03, 2006 11:25 am ] |
| Post subject: | |
then perhaps you can tell me how to protect my code? All of it. |
|
| Author: | codemage [ Fri Mar 03, 2006 2:27 pm ] |
| Post subject: | |
Rename the file *as well as* encrypting it. Another good social engineering method of defeating crackers is create a dummy save file with all the actual info in it, and name it something obvious. Crackers will try to edit the dummy file, when the actual data is being loaded from your stealth file. You could probably even hide the file among your images, if you want to be nasty. If you know how graphics files break down (the information is public), you could actually hide your save data *inside* a valid picture file. (See steganography). For simple purposes, you'll get quick results if you cast each variable as a string, and then do a few weak reversible encryptions on each: XOR is fantastic, as already stated You can flip characters, (1<->2, 3<->4, etc.) You can reverse each string (ABC -> CBA) You can increment (ABCD -> BCDE) You can Caesar cipher (ABCCA -> XUEEX) according to a preset key. |
|
| Author: | MysticVegeta [ Fri Mar 03, 2006 3:30 pm ] |
| Post subject: | |
TokenHerbz, your topic inspired me to write this -> http://www.compsci.ca/v2/viewtopic.php?t=11466 |
|
| Author: | md [ Fri Mar 03, 2006 4:32 pm ] |
| Post subject: | |
changing the extension is pointless. If your running oh say linux then most of the file managers actually try and decode the file a bit for you and shou you a preview. And it's still text afterall. Your going about encrypting a file entirely wrong. What you need to do is save all your data to a string or sequence of strings; then encrypt the entire string. To decode you just decrypt the string, and then parse it to get your variable data. |
|
| Author: | [Gandalf] [ Sat Mar 04, 2006 8:11 am ] |
| Post subject: | |
Another reason changing the suffix is quite pointless: Turing can't handle .dlls, or much else. Unless you want to pretend your file is actually an image or sound file, but that would be quite obvious to anyone. Encrypt? Well... Use write instead of put. |
|
| Author: | TokenHerbz [ Sat Mar 04, 2006 10:48 am ] |
| Post subject: | |
what does write accomplish which put does not? |
|
| Author: | [Gandalf] [ Sat Mar 04, 2006 10:56 am ] |
| Post subject: | |
Try it out. put to a file, and then write the same data. Now open up the files, and compare what you see. write outputs the data in binary format, not in ASCII. Only problem you may experience is that strings will appear as they are. There are solutions to that, which I will leave you to figure out. |
|
| Author: | TokenHerbz [ Sat Mar 04, 2006 11:04 pm ] | ||
| Post subject: | |||
ok.... say we have variables:
How do i effectivly encrypt them, and write them in 1 file called data.txt Thats my last question on this topic, and i would like it answered please! Bits to who comes up with a working answer! |
|||
| Author: | Delos [ Sun Mar 05, 2006 11:36 am ] |
| Post subject: | |
Your last question is also your first question. Have you not read all the replied regarding ASCII conversions? Really, you're going around in circles right now. Take each value, convert it to a string if necasarry. Perform encryption tasks on said string. These tasks could range anywhere from a simple Caesar cypher (A->B, B->C, etc) to something far more complicated like the key-based encryption mentioned earlier. Now put/write this to a file, for instance "tommydata.prb". What does .prb stand for? Absolutely nothing. It's just a random ending I felt like giving the file. I could have used ".txt, .xyz, .veniceinspringtime" or nothing at all. When the time comes, read this file back in, parse it according to how it was written, then decode accordingly. In essence, this post is a summary of everything that has been said so far - I get the feeling that you're trying to get someone else to write the code for you. What would be the point of that? You would learn nothing. Now go ahead and get coding, I promise you it's completely do-able. |
|
| Author: | MysticVegeta [ Sun Mar 05, 2006 12:22 pm ] |
| Post subject: | |
Also changing an extension maybe useful but remember, if you save it to extention .asdf and it has text in it and I open it with notepad, I can still see whats inside it that you wrote, so thats why encryption is more useful than changing the file names. |
|
| Author: | TokenHerbz [ Sun Mar 05, 2006 4:08 pm ] |
| Post subject: | |
I CAN encrypt my variables, but just one at a time, thus my question was on how can i do this EFFECTIVLY, thus meaning i dont have to encrypt 1 variable at a time. |
|
| Author: | Delos [ Sun Mar 05, 2006 5:55 pm ] |
| Post subject: | |
... "Effectively" vs. "Efficiently". Two very different things. Effectiveness in this case is based upon how complex your cypher is. Efficiency, on the other hand, is based upon how quickly your programme runs - with minimum debauchery of system resources. You say you don't want to encrypt one var at a time. This concept is a little beyond me right now. Why?!. Start grouping your variables together and you will end up with a toxic slew of utter chaos. One at a time allows you maximum control over how they are placed in your file, which are encrypted, which keys are used for which, etc etc. If you *must* find a more 'efficient' method, then you could always run through all your available variables, store them in an array (of strings, just convert), then encrypt and write that array to file. Utterly pointless though, since you still end up listing all your variables. Perhaps you can be a little more lucid in exactly why you would want to do this. You seem to have formed a habit of being as vague as possible, yet at the same time putting far too much faith in our clairvoyence (as I've alluded to so many times in the past). |
|
| Author: | codemage [ Mon Mar 06, 2006 9:43 am ] |
| Post subject: | |
MysticVegeta wrote: Also changing an extension maybe useful but remember, if you save it to extention .asdf and it has text in it and I open it with notepad, I can still see whats inside it that you wrote, so thats why encryption is more useful than changing the file names.
Heck yes - but change the filename as well. It takes zero more coding effort, and you'll turn away any noob that notices that your file opens with notepad by default. When was the last time anyone on this board opened a JPEG or DLL in a text/hex editor while looking for game data? I'm willing to bet pretty much nobody. Will it keep away release-group-quality-crackers? No. But none of them are interested in cracking your program. This is not 100% effective (so encrypt as well), but it's insanely efficient. |
|
| Author: | Mazer [ Mon Mar 06, 2006 12:23 pm ] |
| Post subject: | |
Even better is if you have your encrypted data stored as a comment in a valid JPG image! If they can view the image without errors, they're less likely so suspect that you're hiding something (as long as your encrypted data isn't too large). |
|
| Author: | md [ Mon Mar 06, 2006 2:09 pm ] |
| Post subject: | |
If your going to so that there are all sorts of interesting things you can do. Like say break the data into 2 bit chucks and store the chunks in the last two bits of the pixel data. The image will look a little funky; but it's the simplest aproach (there are many more complex ones). |
|
| Author: | TokenHerbz [ Tue Mar 07, 2006 12:03 am ] | ||
| Post subject: | |||
I am actually going to use a fcn. Ex.
But... Now im having troubles "reversing" this... |
|||
| Author: | [Gandalf] [ Tue Mar 07, 2006 12:13 am ] | ||||
| Post subject: | |||||
Ehm... What's the opposite of adding 5? Subtracting 5, right? So:
Becomes:
|
|||||
| Author: | TokenHerbz [ Tue Mar 07, 2006 12:23 am ] |
| Post subject: | |
yeah i figures it out, i was trying to "get uncode (variable)" when it should be get variable, then variable := uncode variable:: But.. coding the "numbers" and "booleans" are proven to be harder then i have antisipated. |
|
| Author: | MysticVegeta [ Tue Mar 07, 2006 10:52 am ] |
| Post subject: | |
To tell you the truth this thread shouldnt have gone more than 1 page. But I still agree with Cornflake, whats the point of all that encrypting when you can just compile the exe... I am sure wtd would also agree to this. |
|
| Author: | TokenHerbz [ Tue Mar 07, 2006 3:28 pm ] |
| Post subject: | |
the encoding is not for the game but for the save file of the game, i want to prevent users from changing information  Besides, its a feature i want to add for practice, but yeah, its for the .txt file which is saved into. |
|
| Author: | Delos [ Tue Mar 07, 2006 4:06 pm ] |
| Post subject: | |
TokenHerbz wrote: yeah i figures it out, i was trying to "get uncode (variable)" when it should be
get variable, then variable := uncode variable:: But.. coding the "numbers" and "booleans" are proven to be harder then i have antisipated. This is getting ridiculous. If you have numbers, convert them to strings and perform your transformations on them. Convert back to numbers (real/int) when you read them back in. For your booleans, convert them to a string (eg, true = "yes", false = "no") and do the same. |
|
| Author: | md [ Tue Mar 07, 2006 8:47 pm ] |
| Post subject: | |
if your just protecting high scores all you need to do is store teh high score data and a hash of some kind. If they change the high scores data then the hash would show it was changed and you can drop that score. Easy as pie. |
|