995 posts
Location
Canada
Posted 23 October 2013 - 07:16 PM
EDIT: Fixed. Thanks!I have been wondering how to go about encrypting text, client-side, before transmission via Rednet to a password server. What I want to achieve is
this but to have the passwords encrypted on the user's computer before sent to the server, which can decrypt the password. I do not need something super-complex, but something that would not be super easy to crack on a public ComputerCraft server. I am able to use the HTTP API, if you wanted to use an online encryption service.
331 posts
Posted 23 October 2013 - 07:47 PM
function encrypt(string)
local out = ""
for i = 1, #string do
local char = string:sub(i,i)
local sNum = char:byte()
local oNum = sNum + 47
if oNum > 127 then
oNum = oNum - 94
end
out = out .. string.char(oNum)
end
return out
end
function decrypt(string)
local out = string.gsub(encrypt(string),"~"," ")
return out
end
-- use like
a = encrypt("string to encrypt here")
print(a)
print(decrypt(a))
that is a pretty simple process not the best though search through the Apis and utilities and you should find a few
1522 posts
Location
The Netherlands
Posted 23 October 2013 - 07:51 PM
-snip-
ehh.. thats not encrypting. Have a read of the wiki page:
http://en.wikipedia.org/wiki/Encryption
331 posts
Posted 23 October 2013 - 08:03 PM
In an encryption scheme, the message or information (referred to as plaintext) is encrypted using an encryption algorithm, turning it into an unreadable ciphertext (ibid.).
995 posts
Location
Canada
Posted 23 October 2013 - 10:56 PM
I do not need something super-complex, but something that would not be super easy to crack on a public ComputerCraft server.
All I need is
something to stop the reading of passwords as they are transmitted via Rednet to a password server, so it works fine,
331 posts
Posted 23 October 2013 - 11:56 PM
I do not need something super-complex, but something that would not be super easy to crack on a public ComputerCraft server.
All I need is
something to stop the reading of passwords as they are transmitted via Rednet to a password server, so it works fine,
my way will work all you need to do is this to implement it
client code
local text = read("*")
rednet.send(serverID, encrypt(text) )
text = nil
server code
local id,message,distance = rednet.receive()
if id == clientId then
message = decrypt(message)
end
print(message)
now this isnt as secure because if someone knew you were using this method they could easily get the decrypt function from this thread and use it on the message they receive
if you want to be more secure see these:
http://www.computerc...tion-functions/http://www.computerc...ft-crypto-rev1/http://www.computercraft.info/forums2/index.php?/topic/8836-rc4-encryption-api/http://www.computercraft.info/forums2/index.php?/topic/4030-working-password-based-encryption/as they are password dependent and aslong as only you know the password then its safe
7508 posts
Location
Australia
Posted 24 October 2013 - 12:24 AM
In an encryption scheme, the message or information (referred to as plaintext) is encrypted using an encryption algorithm, turning it into an unreadable ciphertext (ibid.).
Exactly
encryption algorithm, what you've made is an
encoding algorithm you're just swapping from one encoding scheme (ASCII) to another, that in no way infers that it is an encryption scheme, since an encryption requires a key, and the same key to reverse the process. There are 3 forms of obfuscation, encryption, hashing, and encoding. You've made the latter.
7083 posts
Location
Tasmania (AU)
Posted 24 October 2013 - 07:42 AM
All I need is something to stop the reading of passwords as they are transmitted via Rednet to a password server, so it works fine,
Bear in mind that if all you're obfuscating is the passwords, then you're not really achieving much.
All rednet communications can be tapped. There's nothing to stop someone intercepting an encoded password transmission, then later passing that intercepted copy of the encoded password to your server machine - which'll of course accept it as-is. People don't even need to work out what the actual passwords look like.
And of course, if you're not encoding other communications then anyone can simply read them.
995 posts
Location
Canada
Posted 26 October 2013 - 12:37 PM
I read the Login with Roaming Profiles page on the CC wiki and wanted something like it. I needed something to obfuscate the password as it is sent via Rednet so that it cannot be read. For now I will use Jay5476's encoder, but I will take a look at the links. Once I find something I like I will implement it as I write programs on a main computer and transfer them over a floppy, but if I encrypt them so that people can't see them, I could just wirelessly send programs over, which is a better alternative in my opinion.
EDIT: I have chosen to use PixelToast's encryption API (the bottom link) as it is easy enough to use while still providing some security. Thanks for the help!