• FEATURED
• FEATURED
• FEATURED
• FEATURED
• FEATURED

View more

View more

View more

### Image of the Day Submit

IOTD | Top Screenshots

### The latest, straight to your Inbox.

Subscribe to GameDev.net Direct to receive the latest updates and exclusive content.

# What do you think of my encryption algorithm

Old topic!

Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.

30 replies to this topic

### #1Vortez  Members

Posted 19 April 2013 - 02:58 AM

I just wanted to know what you think about this little encryption algorithm i though off by myself last year after discovering that my old one wasen't very secure (encrypting an image in raw form would still leave a recognisable trace of the original image). Basically, it's really simple but effective, and only take about 100 lines of code.

First, i start by creating a 32 bit hash value from a crc32 algorithm using all the chars in the password key. This value is then used to initialise the random number generator (which is the mesmene twister algorithm found on wikipedia). Then, for every byte to encrypt, i xor it with the next random value returned (i know i should use the full 32 bit value instead but for now it make the algo simpler).

I also have an optional bool to encrypt it more times using every letters of the key as a hash to initialise severals more RNGs, then repeat the process above for every letters, but it take more time.

The result is very good, even with one pass. Encrypting an image using this technique generate pure noisy image (every byte from 0 to 255 have about the same distribution with almost no variation; ie. 0.39% or 1 / 256) and is pretty much uncompressable.

Did i just find by accident the best encryption algoritm you can write? And by "find" i dont mean discover because im pretty sure this already been done before...

Edited by Vortez, 19 April 2013 - 03:08 AM.

### #2Brother Bob  Moderators

Posted 19 April 2013 - 03:35 AM

The strength of an encryption algorithm is not how noisy the image is, but how hard it is to reverse the process without knowing the key.

If you have a 32-bit seed, you only have 232 different possible random number sequences to evaluate. If you know or assume, for example, that the image is a sprite sheet with black background, you can just decrypt the first few pixels and see if they are all black. If they are, you can assume you have found a key that can decrypt the whole image and proceed to decrypt the entire image.

Sounds like an extremely weak cryptographic algorithm if you can make just a tiny assumption about the data it contains.

### #3Brother Bob  Moderators

Posted 19 April 2013 - 03:46 AM

Actually, now when I think about it, your algorithm is much worse than that. Since you only encrypt a byte at a time, and the sequence of random numbers is fully known, you effectively only have a 8-bit XOR cipher. Not only is brute force viable, but even manual brute force BY HAND is viable since you effectively only have an 8-bit key and thus 256 combinations to manually examine.

### #4Vortez  Members

Posted 19 April 2013 - 03:47 AM

Yes, that's why i said you can then add more loops by using a hash for every letter in the password, and even more loops if needed.

You would also have to know the algoritmh used by the RGN.

Ex.

The password "password" would give 1 hash value, then every letter of the pw (8 in this case) would give 8 more hash value. For each hash we xor the data using the above algoritmh by initializing the rgn with the said hash value. Then the entire process could be repeated as many time as wanted.

I beleive in this case it would be pretty darn hard to decrypt.

And yes the 8 bit issue is something i plan to resolve when i have the time.

Edited by Vortez, 19 April 2013 - 03:54 AM.

### #5Brother Bob  Moderators

Posted 19 April 2013 - 03:55 AM

Your algorithm to generate the random numbers is trivially known. Not only did you say which one you use in your first post, but one can just examine your code and figure it out.

Making several passes with an XOR algorithm is useless. If you make an XOR pass with key A, and then second XOR pass with key B, and a third XOR pass with key C, and so on for how many times you want, then that would be the same as a single pass with the key (A XOR B XOR C XOR... ). No matter how many XOR passes you do, you can decrypt, and consequently crack it, it with a single XOR pass.

If you use different passwords for the different passes, then that would be equivalent to having a single pass with a longer password (or rather, each additional password adds another 32-bits to the seed; not that the combined passwords would generate a stronger single 32-bit initial seed). But, that also multiple passwords.

Edited by Brother Bob, 19 April 2013 - 03:56 AM.

### #6Vortez  Members

Posted 19 April 2013 - 04:07 AM

Making several passes with an XOR algorithm is useless. If you make an XOR pass with key A, and then second XOR pass with key B, and a third XOR pass with key C, and so on for how many times you want, then that would be the same as a single pass with the key (A XOR B XOR C XOR... ). No matter how many XOR passes you do, you can decrypt, and consequently crack it, it with a single XOR pass.

But shouln't the difficulty increase with each pass??? i mean 2^32 * 2^32 * 2^32 shound't be better than simply 2^32?

### #7Brother Bob  Moderators

Posted 19 April 2013 - 04:17 AM

If you have different keys based on different passwords, then yes, that is what I mentioned in the paragraph below the one you quoted. But my quote still remains a valid concern in that you can combine the keys and decrypt once, so you still have another point of attack; you can focus on the random sequences instead of, or as well as, on the data.

But your additional passes based on the individual letters are not very strong. If you have a text password, each letter only contributes with roughly 6 bits of entropy assuming upper and lower letters and some common symbols. In your case, 8 XOR passes with a 6-bit key is not a lot.

### #8Vortez  Members

Posted 19 April 2013 - 04:30 AM

I think i see what you mean. so 6 bits * 8 chars in this case would give 48 bit of entropy for the key?

I also read somewhere in an encryption book that it dosen't matter if an attacker know your algoritm as long as your data is well encrypted with a proper key, it should't be crackable.

Edited by Vortez, 19 April 2013 - 04:31 AM.

### #9dave j  Members

Posted 19 April 2013 - 04:31 AM

POPULAR

The golden rule for programmers producing their own encryption algorithms is "DON'T". Anything you produce is likely to provide very poor security. Just pick one of the established algorithms designed by cryptography experts that's easy to implement (like XTEA).

Unless of course you're interested in cryptography. In which case you're better off studying the existing algorithms and what makes them effective rather than trying to come up with something new from scratch.

### #10Brother Bob  Moderators

Posted 19 April 2013 - 04:46 AM

I think i see what you mean. so 6 bits * 8 chars in this case would give 48 bit of entropy for the key?

Effectively, yes. You also have to remember that you lose entropy because of the fact that the first 32-bit key uses the same password source as the subsequent passes. In fact, it may even render the initial pass useless if I'm thinking correctly about this, since, given a set of 8-bit keys, there can only be one initial 32-bit key.

### #11TechnoGoth  Members

Posted 19 April 2013 - 07:32 AM

As you said for encryption to be secure you have to assume that the attacker knows the algorithm.

Also 32 bit sounds like an awful trivial secure key.  Considering something like RSA which has been around for over 35 years uses keys over 1024 bit in length.

### #12Vortez  Members

Posted 19 April 2013 - 08:13 AM

Well, as i said i use multiples 32 bits hash keys (that i get from 1 string and n number of bytes making the string), so that must help i guess, im not trying to make a flawless encryptor, just something to prevent most people to intercept and decrypt my data and files, it dosen't need to be "military" strong encryption. I just find the algorithm pretty cool, work way better than my old add, shift rotate ect cypher which was flawed(since you could still guess what was in a picture after encrypting it), and can't find anything similar on the internet either. What i love about it is that it produce, for the first time, truly random data that i believe cannot be deciphered without knowing the algorithm. Im sure nobody except people with good knowledge of cryptanalist could decipher it using brute force alone. Of course, if the algorithm is known, then it's another story...

I'll try to post some pictures if i can find the old algorithm later to show what i mean.

Edited by Vortez, 19 April 2013 - 08:26 AM.

### #13Brother Bob  Moderators

Posted 19 April 2013 - 08:28 AM

You have to keep one thing in mind; it's not the bit length of the hash that is relevant, but the entropy of its source. If the source has less than 32 bits of entropy, then so will the hash. If you take the hash of every character of your password individually to get a set of keys, then each key has no more than 6 bits of entropy even if you calculate a 32-bit hash from it, since those 6 bits can only possibly generate 64 of the roughly 4.2 billion possible 32-bit hashes. One possible idea here could be to split the password into sets of 6 characters (6 characters then providing 36 bits, just above 32-bits for a hash), and do as many passes as you have 6-character sets.

If all you are after is a simple protection from the average user, then a single XOR pass with a PRNG seeded by a 32-bit hash of the password is probably more than enough for what you need. Who knows, it may even be enough to just rename your image.png to image.whatever and skip encryption entirely and get away with it.

You also have to be aware of one more thing if the intent is to protect game assets. If you, for example, upload your image as a texture, then it is quite a trivial task to intercept the data itself as you pass it to, say, OpenGL. No amount of encryption will help you here, since the OpenGL API provides only unencrypted data transfer.

Edited by Brother Bob, 19 April 2013 - 08:30 AM.

### #14Álvaro  Members

Posted 19 April 2013 - 08:39 AM

and can't find anything similar on the internet either.

You must not be very good at searching the Internet. It took me about 20 seconds: http://en.wikipedia.org/wiki/Stream_cipher

### #15Álvaro  Members

Posted 19 April 2013 - 08:44 AM

Oh, there is also a Wikipedia page on the weaknesses of this type of encryption scheme: http://en.wikipedia.org/wiki/Stream_cipher_attack

### #16Vortez  Members

Posted 19 April 2013 - 08:57 AM

You have to keep one thing in mind; it's not the bit length of the hash that is relevant, but the entropy of its source. If the source has less than 32 bits of entropy, then so will the hash. If you take the hash of every character of your password individually to get a set of keys, then each key has no more than 6 bits of entropy even if you calculate a 32-bit hash from it, since those 6 bits can only possibly generate 64 of the roughly 4.2 billion possible 32-bit hashes. One possible idea here could be to split the password into sets of 6 characters (6 characters then providing 36 bits, just above 32-bits for a hash), and do as many passes as you have 6-character sets.

Yea, i agree this should be improved, i wrote this thing in a day, about a year ago, so i might need to fiddle with it a little more. And the only 2 things i could think of to use it would be for files and network encryption.

And thx for the link Alvaro.

Here's the examples pics i was talking about:

This is the original image

This is the encrypted image using my old code (this is the best i could get before, and the first version was wayyy worst)

And this is the encrypted one using the new algo descripted above

hehe you could see the patern in the old code pretty well, at the time i tough it was fine... until i checked it out this way.

Still pretty good for something home made i guess.

Edited by Vortez, 19 April 2013 - 09:18 AM.

### #17Bluefirehawk  Members

Posted 19 April 2013 - 09:49 AM

Did i just find by accident the best encryption algoritm you can write?

No.

@Avaro or Vortez: also Block Cipher Chaining is also something very similar.

If you are really that interested, I can ask my Cryptology professor (I hope that's the word in english and not some strange religion) how breakable your algorithm is, but I would guess that it is pretty bad even compared to RSA. (Today, nobody would be using RSA encryption, there are just too many problems with it. But it is widely used, so until somebody comes up with the death strike for RSA. That happens as soon as the quantum computers can factorize bigger numbers).

Let's examine quickly where your cryptographic power lies: You generate a hash from your password. No power is hidden here, it is the same as if you would use a random 32 bit value.
Then you create a pseudo random number with the Mersenne Twister. After that you make an XOR operation with the pseudo random number. So your whole power lies in the strenght of Mersenne Twister. I don't now much about it, but it isn't used in cryptography because the next pseudo number can easily be guessed when you have some.
Plus as the link suggests, when you reuse a password, you are pretty much done, which isn't a very useful cipher in the modern age.

There is a reason why you tend to have a bachelor in mathematics before you specialize in Cryptography. While it can happen that you find the next super cipher, the chances that you do are very slim.

There are a LOT of ciphers out there that can fit your need, RSA, modern DES algos, even modified Vignere Ciphers may be more secure. For a Programmer, there is absolutely NO reason to not use a standard cipher. They have been very well researched and are VERY secure ("the hidden world" may know how to break it, but that is always a chance for people like us).

Edited by Bluefirehawk, 19 April 2013 - 09:51 AM.

Project: Project
Setting fire to these damn cows one entry at a time!

### #18wintertime  Members

Posted 19 April 2013 - 12:44 PM

Getting the numbers from a pseudo-random number generator and using it for an endless xor "encryption" is pretty much the first thing ANY novice programmer comes up with(because the is no complicated algorithm involved) and it is bad because these numbers are not truely random (just barely random enough for feeding them into a game).

I get the feeling this thread was probably made to show how clever a technique that is, which it is not and OP is more focused on defending it than listening to better alternatives people repeatedly told. Its a weak cipher and you cannot improve on it much. Please do yourself a favor and find a real encryption algorithm thats tested already and use that.

### #19Promit  Senior Moderators

Posted 19 April 2013 - 01:01 PM

Having sat through a course and done all the math and derivations for graduate level cryptography, I strongly suggest you learn the basics of cryptographic functions and how to reason about them in a rigorous way. The symmetric stuff isn't that difficult. There are a lot of issues even in the responses here; I don't want to call anybody out in particular but there are way more fundamental issues involved than entropy. Consider something like Bruce Schneier's Applied Cryptography as a good introduction to the field that can be had for cheap.

Some basic problems that are notable immediately:

* We don't have a working definition of what constitutes secure.

* Mersenne Twister isn't a cryptographically secure RNG and is thus highly inappropriate for this type of use.

* The mathematical properties of XOR make the multi-pass thing totally ineffective, as mentioned previously.

* XOR the whole message against some value is guaranteed to return some correct bytes of the message.

Edited by Promit, 19 April 2013 - 02:51 PM.

SlimDX | Shark Eaters for iOS | Ventspace Blog | Twitter | Proud supporter of diversity and inclusiveness in game development

### #20wack  Members

Posted 19 April 2013 - 01:07 PM

As you said for encryption to be secure you have to assume that the attacker knows the algorithm.

Also 32 bit sounds like an awful trivial secure key.  Considering something like RSA which has been around for over 35 years uses keys over 1024 bit in length.

It's not really comparable that way, RSA is an asymmetric cipher. The thread is about a stream cipher. Apples to oranges.

But I agree that the security of the discussed cipher is trivial.

Old topic!

Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.