Jump to content
  • Advertisement
Sign in to follow this  
TheFlea

Password

This topic is 4322 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

I have a problem with some password. I have original password: J21/251/1994 and result of encrypt... •db_ejb_csri I think to find code ASCII for all of number/letter but i don't see any similitude I need to find the algoritm whice used for this encrypt. How i think?

Share this post


Link to post
Share on other sites
Advertisement
You could ask the program makers, check the program documentation or, if available, the program source.

Usually, passwords are hashed using hash functions, and not encrypted (that is, you cannot compute the password from the hash).

Share this post


Link to post
Share on other sites
first similitude i see is that / is converted into _
9s are converted into different letters, so the "/"s can be an exception.

but if the password is really encrypted and not hashed, it's definitely not a simple shift in ASCII. each current letter may be based on the code of the previous one, that's what's making similar end different, for example. check out how the german enigma machine worked (on wikipedia, for instance), if you want a basic intro in crypto.

Share this post


Link to post
Share on other sites
good password systems are not reversible. generally the pattern is this:

user enters password
password is encrypted/hashed and stored in encrypted form

user re-enters password
password is encrypted
you compare the encrypted with the stored encrypted version

i.e. you never ever store the original password. and you choose an algorithm that is not reversible.

-me

Share this post


Link to post
Share on other sites
So... i maybe have no chance to find this algoritm... so bad :(. If you have some interesting exmples for encryped a password, tell me.
This problem is not closed, if someone have an idea tell me .

Regards, your flea :)

Share this post


Link to post
Share on other sites
typically people use MD5 or some variant thereof. It offers good hashing with very little chance of a collision. It is also not reversible (although since it is deterministic people have been created databases of hashed words so that you can do reverse lookup)

-me

Share this post


Link to post
Share on other sites
Quote:
Original post by TheFlea
I have a problem with some password.

I have original password:
J21/251/1994
and result of encrypt...
•db_ejb_csri


I think to find code ASCII for all of number/letter but I don't see any similitude
I need to find the algoritm whice used for this encrypt.
How i think?


You can find the algorithm used on your own through brute force along with trial and error. I can already tell you it’s probably some form of a substitution or rotating cipher, it is not hashed. You can tell this by the fact that "/" yields "_" along with "1" yielding "b" and "1" -> "c" The alphabetical characters "b" and "c" along with "d" and "e" are close within the ASCII table with only like 1 letter apart difference so +-1. Chances are it is a cipher that does something like:

int value = (int)password;
value += someNumber; OR value -= someNumber;
char newLetter = (char)value;

It may also add or subtract 1 number from the variable someNumber based on its location within the array. I suggest you start by looking at the difference from the entered value and produced value. Find the numeric value that was added or subtracted that made it reach the second value. int('2') - int('d') and so forth.

That looks like quite a weak cipher to be honest. If you are looking to write your own cipher, use something that has already been made and combine it with a few others.

[Edited by - DevLiquidKnight on November 17, 2006 4:35:16 PM]

Share this post


Link to post
Share on other sites
Problem with fixed-length irreversible encryption (a la MD5) is that all the algorithms I've heard of have things called 'collissions'. Where say in the fictional encryption algorithm FEQ17 the encrypted version of 'cat' is 'ab4df456ab432'. But, the encrypted version of 'dog' may also be 'ab4df456ab432'. Therefore if I make an account with the password 'cat' and you're checking encryptions then I can enter 'dog' and gain access because they have the same encryption.

'Course you have to know the algorithm and the encrypted password before you can do it.

Share this post


Link to post
Share on other sites
Quote:
'Course you have to know the algorithm and the encrypted password before you can do it.

It also has to be an insecure algorithm, OR you have to be willing to spend billions of years searching for collisions.

Share this post


Link to post
Share on other sites
Quote:
Original post by Sneftel
It also has to be an insecure algorithm, OR you have to be willing to spend billions of years searching for collisions.


What about the birthday paradox?

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!