Phat Looser Posted February 22, 2011 Share Posted February 22, 2011 iaEncryptionArray = {}; iaDecryptionArray = {}; caPassword = ""; iPasswordLength = 0; caText = ""; caEncryptedText = ""; iPasswordPosition = 1; function addEncryptionPasswordChar(value) iPasswordPosition = iPasswordPosition + 1; if (iPasswordPosition > iPasswordLength) then iPasswordPosition = 1; end output = value + string.byte(caPassword,iPasswordPosition); if (output > 999) then output = output - 1000; end return output; end function subsEncryptionPasswordChar(value) iPasswordPosition = iPasswordPosition - 1; if (iPasswordPosition < 1) then iPasswordPosition = iPasswordLength; end output = value - string.byte(caPassword,iPasswordPosition); if (output < 0) then output = output + 1000; end return output; end function generateEncryptionPassword() iPasswordHash = 0; caOutput = ""; for i=1, iPasswordLength, 1 do iPasswordHash = iPasswordHash + string.byte(caPassword,i); -- char! end for i=1, iPasswordLength, 1 do caOutput = caOutput .. string.char(iPasswordHash % string.byte(caPassword,i)); -- char! char! end return caOutput; end function stringSetChar(string,char,pos) length = string.len(string); if pos > length then return string; end string = string.sub(string,1,pos) .. char .. string.sub(string,pos+1,length); return string; end function generateEncryptionArray() generateDecryptionArray(); end function generateDecryptionArray() caEncryptionPassword = generateEncryptionPassword(caPassword); for i=0, 999, 1 do iaEncryptionArray[i]=NIL; end iPosition = 0; n=1; for i=0, 999, 1 do n = n + 1; if (string.byte(caPassword,n) == NIL) then n=1; end iPosition = iPosition + string.byte(caEncryptionPassword,n) + string.byte(caPassword,n); iPosition = iPosition % 1000; while (iaEncryptionArray[iPosition]) do iPosition = iPosition + 1; if (iPosition >= 1000) then iPosition = iPosition - 1000; end end iaEncryptionArray[iPosition] = i; iaDecryptionArray[i] = iPosition; end end function encrypt() generateEncryptionArray(); iTextSize = string.len(caText); iEncryptedTextSize = iTextSize*3; caEncryptedText = ""; aEncryptedText = {}; for i=1, iTextSize, 1 do value = string.byte(caText,i); n=i*3; if (value < 10) then value = string.format("00%i",value); elseif (value < 100) then value = string.format("0%i",value); else value = string.format("%i",value); end aEncryptedText[(i-1)*3+1] = string.byte(value,1) - 48; aEncryptedText[(i-1)*3+2] = string.byte(value,2) - 48; aEncryptedText[(i-1)*3+3] = string.byte(value,3) - 48; end iCounter = 1; iPasswordPosition = 1; for runs=1, 32, 1 do for i=1, iEncryptedTextSize, 1 do iCounter = iCounter + 1; pos1 = i; pos2 = i+1; pos3 = i+2; if (pos2 > iEncryptedTextSize) then pos2 = pos2 - iEncryptedTextSize; pos3 = pos3 - iEncryptedTextSize; elseif (pos3 > iEncryptedTextSize) then pos3 = pos3 - iEncryptedTextSize; end local h = aEncryptedText[pos1]; local z = aEncryptedText[pos2]; local e = aEncryptedText[pos3]; if not e then caEncryptedText = ""; return; end value = 100*h + 10*z + e; value = iaEncryptionArray[value]; value = subsEncryptionPasswordChar(value); h = math.floor(value / 100); value = value - 100*h; z = math.floor(value / 10); value = value - 10*z; e = value; aEncryptedText[pos1] = h; aEncryptedText[pos2] = z; aEncryptedText[pos3] = e; end end caEncryptedText = ""; for i=1,iEncryptedTextSize,1 do caEncryptedText = caEncryptedText .. string.format("%i",aEncryptedText[i]); end end function decrypt() generateDecryptionArray(); iEncryptedTextSize = string.len(caEncryptedText); aEncryptedText = {}; for i=1,iEncryptedTextSize,1 do aEncryptedText[i] = string.byte(caEncryptedText,i) - 48; end caEncryptedText = ""; iPasswordPosition = - (iEncryptedTextSize*32) - 1; iPasswordPosition = iPasswordPosition % iPasswordLength + 1; for runs=1, 32, 1 do for i=iEncryptedTextSize, 1, -1 do pos1 = i; pos2 = i+1; pos3 = i+2; if (pos2 > iEncryptedTextSize) then pos2 = pos2 - iEncryptedTextSize; pos3 = pos3 - iEncryptedTextSize; elseif (pos3 > iEncryptedTextSize) then pos3 = pos3 - iEncryptedTextSize; end local h = aEncryptedText[pos1]; local z = aEncryptedText[pos2]; local e = aEncryptedText[pos3]; if not e then caText = ""; return; end value = 100*h + 10*z + e; value = addEncryptionPasswordChar(value); value = iaDecryptionArray[value]; h = math.floor(value / 100); value = value - 100*h; z = math.floor(value / 10); value = value - 10*z; e = value; aEncryptedText[pos1] = h; aEncryptedText[pos2] = z; aEncryptedText[pos3] = e; end end iTextSize = iEncryptedTextSize / 3 caText = ""; for i=1,iEncryptedTextSize,1 do caEncryptedText = caEncryptedText .. string.format("%i",aEncryptedText[i]); end for i=1, iTextSize, 1 do n = (i-1)*3+1; char = aEncryptedText[n]*100 + aEncryptedText[n+1]*10 + aEncryptedText[n+2]; if char > 255 then caText = ""; return; end caText = caText .. string.char(char); end end function encryptString(caTextInput,caPasswordInput) if not caTextInput or not caPasswordInput then outputDebugString("NIL or FALSE values given!"); return nil; end caText = caTextInput; caPassword = caPasswordInput; iPasswordLength = string.len(caPassword); encrypt(); return (caEncryptedText); end function decryptString(caTextInput,caPasswordInput) if not caTextInput or not caPasswordInput then outputDebugString("NIL or FALSE values given!"); return nil; end caEncryptedText = caTextInput; caPassword = caPasswordInput; iPasswordLength = string.len(caPassword); decrypt(); return (caText); end It encrypts stuff, so you can i.e. send it client side and let the client save the stuff. Do you think you can break it? Link to comment
Ransom Posted February 23, 2011 Share Posted February 23, 2011 or just use https://wiki.multitheftauto.com/wiki/Md5 Link to comment
Phat Looser Posted February 23, 2011 Author Share Posted February 23, 2011 encrypted text <-> text is a 2 way street. encrypted text -> md5 is a 1 way street. Also, md5 is old - replace it by SHA or SHA2 Link to comment
Phat Looser Posted May 15, 2011 Author Share Posted May 15, 2011 Little hint, its 500 Euro now. To break the code. Link to comment
NeXTreme Posted May 16, 2011 Share Posted May 16, 2011 Is it even possible to decrypt? The encryption uses a password to generate the code, without it you're basically screwed Link to comment
Phat Looser Posted May 16, 2011 Author Share Posted May 16, 2011 Is it even possible to decrypt? The encryption uses a password to generate the code, without it you're basically screwed What I want to do is to check if my encryption really needs a password to be decrypted, I want to know how secure it is. After all I use it to encrypt client data on the client, in other words I store stuff client side, encrypted, of course. Its pretty boring if you got the password Maybe I'll post the plain text and you'll have to find out the password. A good encryption doesn't give the password even when you have the plain text. If one of the MTA crew cracks it, I'm giving MTA the 500 Euro. Link to comment
NeXTreme Posted May 16, 2011 Share Posted May 16, 2011 Alright, I'll try to crack it Save that 500€ for me lol Link to comment
Phat Looser Posted May 16, 2011 Author Share Posted May 16, 2011 For the case you are trying bruteforce, the password is longer then 10 digits and pretty random. Link to comment
eAi Posted May 16, 2011 Share Posted May 16, 2011 Is the plain text an English phrase of some sort? Link to comment
Phat Looser Posted May 16, 2011 Author Share Posted May 16, 2011 The plain text is in English and no nonsense. The intention of this encryption is to have an encryption that is based on very simple math so ANY scripting language can implement it. Link to comment
Phat Looser Posted June 16, 2011 Author Share Posted June 16, 2011 So, how is it going Link to comment
JR10 Posted June 16, 2011 Share Posted June 16, 2011 1 Month later exactly people gave up Link to comment
eAi Posted June 19, 2011 Share Posted June 19, 2011 I showed this to someone who knows their encryption, and they reckoned it looked fairly good. Both he and I agreed that the code is pretty nasty and does some pretty silly things (some that potentially make it less secure), but that it does enough things to compensate for those mistakes. Quite why you wouldn't just use an existing tried-and-tested algorithm, I don't know. Lua is Turing complete. Link to comment
Phat Looser Posted June 19, 2011 Author Share Posted June 19, 2011 Because this one is faster than making a triple-DES implementation in LUA. Also implementing already existing stuff is no-brain. Also, I build the algorithm on the three steps: shuffle, substitute and shift. The only thing you know is that it DOES those three steps, but not HOW. Cracking an algorithm that shuffles is easy. Cracking an algorithm that substitutes is easy, too. Cracking an algorithm that shifts is easy, too. But, until now no one has cracked an algorithm that uses all three of them done after each other, because cracking one of those three mostly is a probabilistic problem. Make the first output look random, and you have a good chance no one can crack it after you did the second round. Link to comment
eAi Posted June 20, 2011 Share Posted June 20, 2011 Yep, that's basically the conclusion we came to. From memory, some of the stuff to do with how the password was generated seemed sub-optimal - it reduced the range of values more than it needed to. I'll have a look at it again if I get a moment and be more helpful. Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now