134 posts
Salt Lake, UT
Posted 22 June 2012 - 12:02 AM
I am encrypting messages and was wondering how i break up words and such to encrypt them. I am new to encryption and am not exactly all knowledgeable. And suggestions?
This is a read-only snapshot of the ComputerCraft forums,
taken in April 2020.
encrypting
Started by tfoote, 21 June 2012 - 10:02 PM
1604 posts
Posted 22 June 2012 - 12:06 AM
What kind of encryption do you use?
And why do you want to split the words? you should encrypt the whole string.
And why do you want to split the words? you should encrypt the whole string.
134 posts
Salt Lake, UT
Posted 22 June 2012 - 12:19 AM
How? I don't have anything coded yet… I have looked at the keymapper api but i don't think that is it…
1604 posts
Posted 22 June 2012 - 12:27 AM
:P/>/>How? I don't have anything coded yet… I have looked at the keymapper api but i don't think that is it…
Well, first things first, what do you need to encrypt? passwords? network messages? files?
For passwords you should use some hashing algorithm, like md5 or sha.
For network messages, use asymetric key encryption.
And for files and other things, you probably want to use symetric key encryption.
There's a lot of hashing/encryption algorithms, you need to use the one that fits your needs (or create your own).
134 posts
Salt Lake, UT
Posted 22 June 2012 - 12:29 AM
Im setting up a Server inside a server… It composes of firewalls, e-mail, FTP, Chat. I need to know how to encrypt
351 posts
Posted 22 June 2012 - 12:46 AM
Right, how about this… you make the email, ftp, firewall, and chat all work first, and create a dummy encryption function for now (like "function encrypt(str) return str end") and then get to it once you have something to secure.
Encryption is very very very hard to do right. If you want to come up with some random not-very-secure encryption of your own, use string.bytes and string.char to get it in and out of a more easy to use format.
Encryption is very very very hard to do right. If you want to come up with some random not-very-secure encryption of your own, use string.bytes and string.char to get it in and out of a more easy to use format.
134 posts
Salt Lake, UT
Posted 22 June 2012 - 12:49 AM
I like your thinking… I'll do that… But i still want you to post how to encrypt so that when im ready i will have an e-mail from this forum on how to do it.
1604 posts
Posted 22 June 2012 - 01:15 AM
Again, it depends on what you need to encrypt.
I suppose that asymetric key encryption would be the best for network things, but I don't think it's necesary, since with modems you can send messages between two computers and noone else can see it.
If you still want to add encryption, do some research on the existing algorithms and how they work.
I suppose that asymetric key encryption would be the best for network things, but I don't think it's necesary, since with modems you can send messages between two computers and noone else can see it.
If you still want to add encryption, do some research on the existing algorithms and how they work.
92 posts
Posted 22 June 2012 - 05:00 AM
Should be relatively secure, of course if anyone figures out how you're encrypting it, there's a very easy way to decode this.
The way I would encrypt this would be to add another function that breaks down each "line" of output and multiplies each char code by a user-defined number. This number would then be sent at the very beginning of any rednet message so that the receiving computer can decode the message. Any computers spying will only get a string of huge numbers that won't mean anything. I probably will add this and a decoder to bosschat since I've done the legwork already.
To further screw with spy's, reverse each word before encryption, then reverse the entire table. Then laugh as they flip their tables trying to code a way around your encryption.
(╯°□°)╯︵ ┻━┻
Sample output:
term.clear()
term.setCursorPos(1, 1)
local iEncrypt = nil
local sMessage = nil
local tWords = {}
function NULLencrypt(tWords) --tried to encrypt as a whole before I realized I could do it during table.insert
for i = 1, #tWords do --function NULLencrypt is not necessary in program code as it is not used
local sTemp = nil
for i = 1, string.len(tWords[i]) do
if i == 1 then
sTemp = tWords[i]:byte(i)
else
sTemp = sTemp .. " " .. tWords[i]:byte(i)
end
tWords[i] = sTemp
end
end
return true
end
function encrypt(string)
local sTemp = nil
for i = 1, string.len(string) do
if i == 1 then
sTemp = string:byte(i)
else
sTemp = sTemp .. " " .. string:byte(i)
end
end
return sTemp
end
term.write("Enter message: ")
sMessage = tostring(io.read())
for match in string.gmatch(sMessage, "[^ t]+") do
table.insert( tWords, encrypt(match) .. "b" )
end
for i = 1, #tWords do
print(tWords[i])
endThe way I would encrypt this would be to add another function that breaks down each "line" of output and multiplies each char code by a user-defined number. This number would then be sent at the very beginning of any rednet message so that the receiving computer can decode the message. Any computers spying will only get a string of huge numbers that won't mean anything. I probably will add this and a decoder to bosschat since I've done the legwork already.
To further screw with spy's, reverse each word before encryption, then reverse the entire table. Then laugh as they flip their tables trying to code a way around your encryption.
(╯°□°)╯︵ ┻━┻
Sample output:
Spoiler
Enter message: HEY, I JUST MET YOU, AND THIS IS CRAZY. BUT HERE'S MY NUMBER, SO CALL ME MAYBE. --' Now may this song be stuck in your head forever.
72 69 89 44b
73b
74 85 83 84b
77 69 84b
89 79 85 44b
65 78 68b
84 72 73 83b
73 83b
67 82 65 90 89 46b
66 85 84b
72 69 82 69 39 83b
77 89b
78 85 77 66 69 82 44b
83 79b
67 65 76 76b
77 69b
77 65 89 66 69 46b
496 posts
New Zealand
Posted 22 June 2012 - 05:32 AM
Should be relatively secure, of course if anyone figures out how you're encrypting it, there's a very easy way to decode this.term.clear() term.setCursorPos(1, 1) local iEncrypt = nil local sMessage = nil local tWords = {} function NULLencrypt(tWords) --tried to encrypt as a whole before I realized I could do it during table.insert for i = 1, #tWords do --function NULLencrypt is not necessary in program code as it is not used local sTemp = nil for i = 1, string.len(tWords[i]) do if i == 1 then sTemp = tWords[i]:byte(i) else sTemp = sTemp .. " " .. tWords[i]:byte(i) end tWords[i] = sTemp end end return true end function encrypt(string) local sTemp = nil for i = 1, string.len(string) do if i == 1 then sTemp = string:byte(i) else sTemp = sTemp .. " " .. string:byte(i) end end return sTemp end term.write("Enter message: ") sMessage = tostring(io.read()) for match in string.gmatch(sMessage, "[^ t]+") do table.insert( tWords, encrypt(match) .. "b" ) end for i = 1, #tWords do print(tWords[i]) end
The way I would encrypt this would be to add another function that breaks down each "line" of output and multiplies each char code by a user-defined number. This number would then be sent at the very beginning of any rednet message so that the receiving computer can decode the message. Any computers spying will only get a string of huge numbers that won't mean anything. I probably will add this and a decoder to bosschat since I've done the legwork already.
To further screw with spy's, reverse each word before encryption, then reverse the entire table. Then laugh as they flip their tables trying to code a way around your encryption.
(╯°□°)╯︵ ┻━┻
Sample output:Spoiler
Enter message: HEY, I JUST MET YOU, AND THIS IS CRAZY. BUT HERE'S MY NUMBER, SO CALL ME MAYBE. --' Now may this song be stuck in your head forever. 72 69 89 44b 73b 74 85 83 84b 77 69 84b 89 79 85 44b 65 78 68b 84 72 73 83b 73 83b 67 82 65 90 89 46b 66 85 84b 72 69 82 69 39 83b 77 89b 78 85 77 66 69 82 44b 83 79b 67 65 76 76b 77 69b 77 65 89 66 69 46b
That is not encryption nowhere near it.
Not even remotely secure.
92 posts
Posted 22 June 2012 - 09:20 AM
No, that is just a basic way to prepare a message for encryption. I've left plenty for OP to code on his own. He asked how to break up words which would be
local tWords = {}
for match in string.gmatch(sMessage, "[^ t]+") do
table.insert( tWords, match .. "b" )
end-Taken from wikipedia, this is exactly what my code does. The special knowledge or 'key' would be being able to tell that it's just character codes, which a lot of us can tell. So no, you're right, it's not secure. But it is encryption.In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key.
496 posts
New Zealand
Posted 22 June 2012 - 09:33 AM
No, that is just a basic way to prepare a message for encryption. I've left plenty for OP to code on his own. He asked how to break up words which would beTechnically, it is still encryption because…I can't read it, can you?local tWords = {} for match in string.gmatch(sMessage, "[^ t]+") do table.insert( tWords, match .. "b" ) end-Taken from wikipedia, this is exactly what my code does. The special knowledge or 'key' would be being able to tell that it's just character codes, which a lot of us can tell. So no, you're right, it's not secure. But it is encryption.In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key.
Your not using an algorithm are you?
And the special knowledge/key would be if you knew the key you need to decrypt it like in symmetrical / asymmetrical encryption or the decryption algorithm.
//EDIT: This is the encryption api from my string utils api, I'm not saying it is extremely secure but it does require you to know the key for encryption/decryption i.e. symmetrical, EncryptionUtils.lua
351 posts
Posted 22 June 2012 - 02:35 PM
Until we can get lockable bootloader, there is no security. You can al and ways just shut down a computer, put a disk with a startup next to it, see how they do their encryption and read their key, and break it.
8543 posts
Posted 22 June 2012 - 03:27 PM
No, that is just a basic way to prepare a message for encryption. I've left plenty for OP to code on his own. He asked how to break up words which would beTechnically, it is still encryption because…I can't read it, can you?local tWords = {} for match in string.gmatch(sMessage, "[^ t]+") do table.insert( tWords, match .. "b" ) end-Taken from wikipedia, this is exactly what my code does. The special knowledge or 'key' would be being able to tell that it's just character codes, which a lot of us can tell. So no, you're right, it's not secure. But it is encryption.In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key.
Your not using an algorithm are you?
And the special knowledge/key would be if you knew the key you need to decrypt it like in symmetrical / asymmetrical encryption or the decryption algorithm.
//EDIT: This is the encryption api from my string utils api, I'm not saying it is extremely secure but it does require you to know the key for encryption/decryption i.e. symmetrical, EncryptionUtils.lua
You don't understand what the word algorithm means. He's using an algorithm. However, that's an obfuscation technique, not an encryption technique. Security through obscurity is no security at all.
351 posts
Posted 22 June 2012 - 04:06 PM
You don't understand what the word algorithm means. He's using an algorithm. However, that's an obfuscation technique, not an encryption technique. Security through obscurity is no security at all.
Again, until we get a bootloader lock, security through obscurity is the only possibility for any computer that someone can access and place a disk drive next to. You can, theoretically, use asynchronous cryptographic message signing to send messages between properly secured computers across an unsecured network, I guess.
I was trying to figure out how to create a dynamic trusted network amongst work turtles. Unfortunately, the best I can come up with is one where they store encryption keys in memory only, and their startup script just has them path back to a secured base and get reset. (I am still hoping the bios will get updated before I implement my secured networking system, so I haven't implemented it yet.)
1604 posts
Posted 22 June 2012 - 04:42 PM
Why? If only you know the key, there's no way to decrypt the message (given you use a good encryption algorithm).Again, until we get a bootloader lock, security through obscurity is the only possibility for any computer that someone can access and place a disk drive next to.
351 posts
Posted 22 June 2012 - 05:06 PM
Why? If only you know the key, there's no way to decrypt the message (given you use a good encryption algorithm).
What does "you" mean? Both sender and receiver computers must know some kind of cipher, and if one of them is compromised, then the hacker has access to both your algorithm and your cipher, and your messages are no longer fully trusted.
Of course, if you only store your password in memory, then you are fine, but that means you have to type in the password manually on every single computer you want to be able to communicate, and verify that it is not compromised first.
1604 posts
Posted 22 June 2012 - 06:29 PM
Well, I wasn't thinking on network encryption, since it would be unnecesary. You can simply send the message to a computer, and no one else can see the message.
If you want to make some network system, with routers and everything, then it could be usefull. Without that is just adding unnecesary overhead.
Also, why would having a bootloader lock be helpfull with this? It would only hide your code, wich is pretty much security through obscurity.
If you want to make some network system, with routers and everything, then it could be usefull. Without that is just adding unnecesary overhead.
Also, why would having a bootloader lock be helpfull with this? It would only hide your code, wich is pretty much security through obscurity.
351 posts
Posted 22 June 2012 - 07:38 PM
If you can hold a list of "verified" computer IDs that you can trust absolutely, and only send and receive messages from those nodes, then you don't even need encryption. Unfortunately, a node that was previously verified can be compromised, and no longer trusted. If you can secure a bootloader, then if you code it correctly, your network is safe. If you cannot secure your bootloader, then if any computer can be physically accessed, and you will be unsafe no matter what you do, in terms of networking.Well, I wasn't thinking on network encryption, since it would be unnecesary. You can simply send the message to a computer, and no one else can see the message.
If you want to make some network system, with routers and everything, then it could be usefull. Without that is just adding unnecesary overhead.
Also, why would having a bootloader lock be helpfull with this? It would only hide your code, wich is pretty much security through obscurity.
Yes, if you just use a password and encryption for storing and retrieving local files, you can be safe. But what is the point?
436 posts
Posted 22 June 2012 - 08:08 PM
Okay, before a mod comes and shuts this down, how about we agree that the poster's question was answered, or at least addressed to the point that they responded with a "Going to do that".
Everything else has basically been saying NOTHING, ANYWHERE IS SAFE!!! We get it. A man with a crowbar can't easily get through an iron door, but a man with TNT can. Everything that has an access point has a weakness. Shut up, get over it, manage your computers responsibly. Never store something you would not want to lose on them. If you want to keep something safe, use a floppy that you keep in your inventory. Or, if you have EE, put it in a bag. If the bag is destroyed, just make a new one. It will bring back YOUR inventory.
And, the point is always "BECAUSE WE CAN".
Can we please move on?
Sorry for the Capslocks. I needed to vent. And get you to pay attention to that specific text.
TFoote, use Bossman201's code. As has been said, Obfuscation is best until such time as we can just mod bios.lua. Which is unlikely to happen. But be aware that anytime you just rearrange the text, someone, somehow, will figure out how to put it back right.
Everything else has basically been saying NOTHING, ANYWHERE IS SAFE!!! We get it. A man with a crowbar can't easily get through an iron door, but a man with TNT can. Everything that has an access point has a weakness. Shut up, get over it, manage your computers responsibly. Never store something you would not want to lose on them. If you want to keep something safe, use a floppy that you keep in your inventory. Or, if you have EE, put it in a bag. If the bag is destroyed, just make a new one. It will bring back YOUR inventory.
And, the point is always "BECAUSE WE CAN".
Can we please move on?
Sorry for the Capslocks. I needed to vent. And get you to pay attention to that specific text.
TFoote, use Bossman201's code. As has been said, Obfuscation is best until such time as we can just mod bios.lua. Which is unlikely to happen. But be aware that anytime you just rearrange the text, someone, somehow, will figure out how to put it back right.
134 posts
Salt Lake, UT
Posted 23 June 2012 - 12:05 AM
TFoote, use Bossman201's code. As has been said, Obfuscation is best until such time as we can just mod bios.lua. Which is unlikely to happen. But be aware that anytime you just rearrange the text, someone, somehow, will figure out how to put it back right.
Ok.
1604 posts
Posted 23 June 2012 - 12:06 AM
Why would you add useless overhead to the code? Just send the message unencrypted, it would be almost the same.TFoote, use Bossman201's code. As has been said, Obfuscation is best until such time as we can just mod bios.lua. Which is unlikely to happen. But be aware that anytime you just rearrange the text, someone, somehow, will figure out how to put it back right.
Ok.
134 posts
Salt Lake, UT
Posted 23 June 2012 - 12:38 AM
I figured after this that it would just be too confusing… I talked to the server person and figured some stuff out
92 posts
Posted 23 June 2012 - 04:15 AM
Hell yeah.TFoote, use Bossman201's code.
But I found a better solution than encryption. Surround routers with blocks, remove privileges to destroy blocks from players. For extra security, add another layer around the router.
351 posts
Posted 23 June 2012 - 04:20 AM
Hell yeah.TFoote, use Bossman201's code.
But I found a better solution than encryption. Surround routers with blocks, remove privileges to destroy blocks from players. For extra security, add another layer around the router.
This dude knows how it is DONE. But seriously, Cloudy, if you are reading this, we could use a way to disable startup boot built in the native CC bios.
92 posts
Posted 23 June 2012 - 04:33 AM
Of course, we don't have to really deal with rednet at all. You could possibly use bundled cables or regular redstone, then transmit that data in bytes/bits(if using bundles), which would be plenty secure from coders that don't format their code. Actually, bundled cables are really nice because you can have computers send/receive at the same time, simulating how real-world internet works. (an Ethernet cable is, essentially, a bundled cable) I learned a fair bit of networking in high school.
EDIT: Although, we learned about encryption, not how to encrypt. So I don't really know how to code it. All I know is obfuscation.
EDIT2: Just remembered something from when I was looking at the Lua Math Library. You could always set a random seed using
EDIT: Although, we learned about encryption, not how to encrypt. So I don't really know how to code it. All I know is obfuscation.
EDIT2: Just remembered something from when I was looking at the Lua Math Library. You could always set a random seed using
local iSeed = math.random()
local tTemp = {}
local tMessage = {}
function encrypt(t)
write your own function
return t
end
math.randomseed( iSeed )
tMessage = encrypt(tTemp)
rednet.send/broadcast([id,] tMessage)
134 posts
Salt Lake, UT
Posted 23 June 2012 - 04:45 AM
EDIT: Although, we learned about encryption, not how to encrypt. So I don't really know how to code it. All I know is obfuscation.
Agreed