This is a read-only snapshot of the ComputerCraft forums, taken in April 2020.
awsmazinggenius's profile picture

[fixed - Thanks]what's The Best Way To Encrypt Text For Rednet Transmission?

Started by awsmazinggenius, 23 October 2013 - 05:16 PM
awsmazinggenius #1
Posted 23 October 2013 - 07:16 PM
EDIT: Fixed. Thanks!

I have been wondering how to go about encrypting text, client-side, before transmission via Rednet to a password server. What I want to achieve is this but to have the passwords encrypted on the user's computer before sent to the server, which can decrypt the password. I do not need something super-complex, but something that would not be super easy to crack on a public ComputerCraft server. I am able to use the HTTP API, if you wanted to use an online encryption service.
jay5476 #2
Posted 23 October 2013 - 07:47 PM

function encrypt(string)
   local out = ""
   for i = 1, #string do
      local char = string:sub(i,i)
      local sNum = char:byte()
      local oNum = sNum + 47
      if oNum > 127 then
         oNum = oNum - 94
      end
      out = out .. string.char(oNum)
   end
   return out
end
function decrypt(string)
   local out = string.gsub(encrypt(string),"~"," ")
   return out
end

-- use like
a = encrypt("string to encrypt here")
print(a)
print(decrypt(a))
that is a pretty simple process not the best though search through the Apis and utilities and you should find a few
Engineer #3
Posted 23 October 2013 - 07:51 PM
-snip-

ehh.. thats not encrypting. Have a read of the wiki page: http://en.wikipedia.org/wiki/Encryption
jay5476 #4
Posted 23 October 2013 - 08:03 PM
In an encryption scheme, the message or information (referred to as plaintext) is encrypted using an encryption algorithm, turning it into an unreadable ciphertext (ibid.).
awsmazinggenius #5
Posted 23 October 2013 - 10:56 PM
I do not need something super-complex, but something that would not be super easy to crack on a public ComputerCraft server.

All I need is something to stop the reading of passwords as they are transmitted via Rednet to a password server, so it works fine,
jay5476 #6
Posted 23 October 2013 - 11:56 PM
I do not need something super-complex, but something that would not be super easy to crack on a public ComputerCraft server.

All I need is something to stop the reading of passwords as they are transmitted via Rednet to a password server, so it works fine,
my way will work all you need to do is this to implement it
client code

local text = read("*")
rednet.send(serverID, encrypt(text) )
text = nil
server code

local id,message,distance = rednet.receive()
if id == clientId then
message = decrypt(message)
end
print(message)
now this isnt as secure because if someone knew you were using this method they could easily get the decrypt function from this thread and use it on the message they receive
if you want to be more secure see these:
http://www.computerc...tion-functions/
http://www.computerc...ft-crypto-rev1/
http://www.computercraft.info/forums2/index.php?/topic/8836-rc4-encryption-api/
http://www.computercraft.info/forums2/index.php?/topic/4030-working-password-based-encryption/
as they are password dependent and aslong as only you know the password then its safe
theoriginalbit #7
Posted 24 October 2013 - 12:24 AM
In an encryption scheme, the message or information (referred to as plaintext) is encrypted using an encryption algorithm, turning it into an unreadable ciphertext (ibid.).
Exactly encryption algorithm, what you've made is an encoding algorithm you're just swapping from one encoding scheme (ASCII) to another, that in no way infers that it is an encryption scheme, since an encryption requires a key, and the same key to reverse the process. There are 3 forms of obfuscation, encryption, hashing, and encoding. You've made the latter.
Bomb Bloke #8
Posted 24 October 2013 - 07:42 AM
All I need is something to stop the reading of passwords as they are transmitted via Rednet to a password server, so it works fine,
Bear in mind that if all you're obfuscating is the passwords, then you're not really achieving much.

All rednet communications can be tapped. There's nothing to stop someone intercepting an encoded password transmission, then later passing that intercepted copy of the encoded password to your server machine - which'll of course accept it as-is. People don't even need to work out what the actual passwords look like.

And of course, if you're not encoding other communications then anyone can simply read them.
awsmazinggenius #9
Posted 26 October 2013 - 12:37 PM
I read the Login with Roaming Profiles page on the CC wiki and wanted something like it. I needed something to obfuscate the password as it is sent via Rednet so that it cannot be read. For now I will use Jay5476's encoder, but I will take a look at the links. Once I find something I like I will implement it as I write programs on a main computer and transfer them over a floppy, but if I encrypt them so that people can't see them, I could just wirelessly send programs over, which is a better alternative in my opinion.

EDIT: I have chosen to use PixelToast's encryption API (the bottom link) as it is easy enough to use while still providing some security. Thanks for the help!