355 posts
Germany
Posted 03 April 2013 - 12:51 AM
Edit:
This method is not as 'perfect' as I've described it.
It will protect your files against 98% of attackers. Those who really want to
get the contents will get them if they know how to do it.
If a highly skilled player has access, I would guess he needs about 3 minutes
to figure out what you've done and break it via fs.list from the lua prompt.
(Additionally you could overwrite the fs.list command, but the overwriting process can
be tracked in the startups as everything else too(unless you bytecode it))
The used encryption api is still ok to use, as the work to crack it wouldn't be less as the fs.list backdoor itself.
"If you improve your door lock too much, people will break through the wall next to the door", which basically means
you have to improve your wall, which isn't necassarily possible in computercraft without having a remote service running,
which is 100% secure from unauthorised users.
Prolog:
Welcome to my first tutorial in this forum. Would be nice if you'll give me some suggestions what i should do next or better. So lots of people are working on their own OS. It's a good training to learn to solve all kinds of problems. I think when someone did a complex OS he is able to do whatever he wants to do in Computercraft. Some people are annoyed from all these OS's and how bad they all are and stuff. I'm kind of that guy. But I want to change something instead of just offend the creators. So here a little tutorial of one ADDITIONAL way to protect the OS and the users data.
The way to do it:
I chose the way of encryption. Cryptography is really cool and interresting I thought. And even more, if it's not the "I move every character 3 characters back in the alphabet". Doing it with passwords is a good way. To those that like to script their own encryption should take a look to the string.byte and string.char methods/functions in the string API. Doing your own will increase your skills and causes (in the most cases) more protection.
But here is my encryption/decryption API:
Now the idea:
So, my idea for this tutorial is to protect the main folder of the os and the user documents in it(they should be all in one folder next to the os but not in the root directory). This directory should be in another randomly genarated and invisible(means a . before the name of it) directory. After that the path to the os get encrypted by any password your user chose and saved in some way. A startup with a kind of login can see the encrypted path and trys to decrypt it by the input of the player. it checks the decrypted path after existance and starts the os it self. Now in order for an installer of your OS:
~InDieTasten
This method is not as 'perfect' as I've described it.
It will protect your files against 98% of attackers. Those who really want to
get the contents will get them if they know how to do it.
If a highly skilled player has access, I would guess he needs about 3 minutes
to figure out what you've done and break it via fs.list from the lua prompt.
(Additionally you could overwrite the fs.list command, but the overwriting process can
be tracked in the startups as everything else too(unless you bytecode it))
The used encryption api is still ok to use, as the work to crack it wouldn't be less as the fs.list backdoor itself.
"If you improve your door lock too much, people will break through the wall next to the door", which basically means
you have to improve your wall, which isn't necassarily possible in computercraft without having a remote service running,
which is 100% secure from unauthorised users.
Prolog:
Welcome to my first tutorial in this forum. Would be nice if you'll give me some suggestions what i should do next or better. So lots of people are working on their own OS. It's a good training to learn to solve all kinds of problems. I think when someone did a complex OS he is able to do whatever he wants to do in Computercraft. Some people are annoyed from all these OS's and how bad they all are and stuff. I'm kind of that guy. But I want to change something instead of just offend the creators. So here a little tutorial of one ADDITIONAL way to protect the OS and the users data.
The way to do it:
I chose the way of encryption. Cryptography is really cool and interresting I thought. And even more, if it's not the "I move every character 3 characters back in the alphabet". Doing it with passwords is a good way. To those that like to script their own encryption should take a look to the string.byte and string.char methods/functions in the string API. Doing your own will increase your skills and causes (in the most cases) more protection.
But here is my encryption/decryption API:
Spoiler
function encrypt(sText, sKey)
if #sKey >= #sText then
error("Text needs to be longer than the Passphrase")
end
local tKeyNum = {}
for i = 1, #sKey,1 do
tKeyNum[i] = string.byte(sKey,i,i)
end
local tTextNum = {}
for i = 1, #sText,1 do
tTextNum[i] = string.byte(sText,i,i)
end
local tCryptNum = {}
for i = 1,#sText,1 do
if i <= #sKey then
tCryptNum[i] = tTextNum[i] + tKeyNum[i]
else
if i%(#sKey) == 0 then
tCryptNum[i] = tTextNum[i] + tKeyNum[i%(#sKey)+1]
else
tCryptNum[i] = tTextNum[i] + tKeyNum[i%(#sKey)]
end
end
end
local tEncryptedText = {}
for i = 1,#sText,1 do
tEncryptedText[i] = string.char(tCryptNum[i])
end
local sEncryptedText = ""
for i = 1,#sText,1 do
sEncryptedText = sEncryptedText..tostring(tEncryptedText[i])
end
print(sEncryptedText)
return sEncryptedText
end
function decrypt(sEncryptedText, sKey)
if #sKey >= #sEncryptedText then
error("Passphrase needs to be shorter than Text")
end
local tKeyNum = {}
for i = 1, #sKey,1 do
tKeyNum[i] = string.byte(sKey,i,i)
end
local tEncryptedTextNum = {}
for i = 1, #sEncryptedText,1 do
tEncryptedTextNum[i] = string.byte(sEncryptedText,i,i)
end
local tTextNum = {}
for i = 1,#sEncryptedText,1 do
if i <= #sKey then
tTextNum[i] = tEncryptedTextNum[i] - tKeyNum[i]
else
if i%(#sKey) == 0 then
tTextNum[i] = tEncryptedTextNum[i] - tKeyNum[i%(#sKey)+1]
else
tTextNum[i] = tEncryptedTextNum[i] - tKeyNum[i%(#sKey)]
end
end
end
local tText = {}
for i = 1,#sEncryptedText,1 do
tText[i] = string.char(tTextNum[i])
end
local sText = ""
for i = 1,#sEncryptedText,1 do
sText = sText..tostring(tText[i])
end
print(sText)
return sText
end
Now the idea:
So, my idea for this tutorial is to protect the main folder of the os and the user documents in it(they should be all in one folder next to the os but not in the root directory). This directory should be in another randomly genarated and invisible(means a . before the name of it) directory. After that the path to the os get encrypted by any password your user chose and saved in some way. A startup with a kind of login can see the encrypted path and trys to decrypt it by the input of the player. it checks the decrypted path after existance and starts the os it self. Now in order for an installer of your OS:
1. generate a random path for the main directory of the os and user data
2. get some login details(username & pw) from the user
3. encrypt the path with these logIn details
4. install the os itself at this path
5. generate the startup with the information of the encrypted path
6. have a more secure OS
~InDieTasten
Edited on 11 January 2015 - 02:55 PM
