EvilZone
Programming and Scripting => C - C++ => : NHAS April 05, 2014, 06:59:42 AM
-
Well at the moment I'm making a small message server/client that you can also pass remote commands to through the messaging interface.
And I needed to get some type of encryption that is hopefully secure enough for local lan use at the moment. But I'm probably going to use it over the internet once I get it working correctly.
At the moment I'm toying around with using srand() and rand() in conjunction a simple XOR cipher to do the job.
Just wanted to hear another person's ideas about what else I could do or if this is good enough.
The attachment is the .cpp file that contains what I've got so far in the ways of encryption.
-
Use a one-time pad. End of story. It's simple and it's unbreakable if you use it once. Also, never use rand() etc. for encryption. Use your own algorithm for randomness you can verify. If you really want to use rand(), don't, use the C++11 equivalent, uniform_int_distribution.
-
Yeah, Ive thought about using the one time pad. But for this messaging/remote control program its impractical because for the OTP to work its needs a key as long as the message and it cant be used twice which makes sharing and using keys very hard.
Also I agree about not using rand(), this was just an example for what I was thinking of doing.
Any other encryption types you can thing of that I could use?
-
Use ROT26 and you'll be ok :P
Also you might wanna try TEA (Tiny Encryption Algorithm). It's tiny, fast and simple.
-
Use ROT26 and you'll be ok :P
Also you might wanna try TEA (Tiny Encryption Algorithm). It's tiny, fast and simple.
Hmm havent seen ROT26 I'll have a look. Ive seen an implementation of TEA in C but I wasnt sure how to recreate it in C++.
Thanks for the reply/s
EDIT: Hahaha ROT26, hilarious.
-
Yeah, Ive thought about using the one time pad. But for this messaging/remote control program its impractical because for the OTP to work its needs a key as long as the message and it cant be used twice which makes sharing and using keys very hard.
Also I agree about not using rand(), this was just an example for what I was thinking of doing.
Any other encryption types you can thing of that I could use?
What's the problem with the key being as long as the message?
That's why they invented RC4. You give it one key (no matter how long) and it produces random numbers based on that key. That's exactly what you need.
If you use XOR encryption with a key twice it is vulnerable to the keystream reuse attack. So there is no way around it. You either use XOR with a one time pad or you use another encryption; otherwise it is not safe at all.
-
Thanks Deque I'll give that a go, and tell you how that works out.
-
Well ive been working on it today and this is what ive got so far.
What do you guys think about it ?
Just for credit I didn't make the pseudo random string generator but I did modify it to my needs. I found the prsg here: http://bradconte.com/rc4_c