Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Can This Be Decrypted ? ECDC Version 1.0
Posted by: darknessends
Date: July 14, 2007 04:40PM

Hello EveryBody,

I know what I am posting here seems to be unusual for this forum, but i just love to see the talent here and the awesome intelliegent discussions.

Here is a very simple encryption program in java. I name it ECDC-EncryptoDecrypto V 1.0, Its very simple code and a fast encryption thus. I wanna know can someone decrypt the code without the knowledge of passphrase or a method to have only the encrypted bytes still get the passphrase from it.

It is easy to understand and can be implemented in any langauge you like.

I would love to see the crack, I know it will be easy for you guys, Its nuts, But please do it for me, I wanna improve the program.

Thanks,
darknessends@gmail.com






import java.io.*;

class Encdec
{
static String pass;
static byte[] bpass;
static int lenbpass;
static int next;


public static void setPassword(String s)
{
int i=0;
pass =s;
bpass = pass.getBytes();
for(byte b: bpass)
{
i=i+1;
}
lenbpass=i;
next = 0;
}

public static byte[] encrypt(byte[] data)
{

int s;int i=0; int t;
int current=0;

for(byte b : data)
{
if(current==lenbpass)
{
current=0;
}

s=(int )b;
s=s+(int )bpass[current]+next;
b=(byte )s;
data=b;
i=i+1;
current = current +1;
next=s;
}

return data;
}

public static byte[] decrypt(byte[] data)
{

int s;int i=0; int t;
int current=0;

for(byte b : data)
{
if(current==lenbpass)
{
current=0;
}

s=(int )b;
t=s;
s=s-(int )bpass[current]-next;
b=(byte )s;
data=b;
i=i+1;
current = current +1;
next=t;
}

return data;
}
}



public class Main {
static long clen=0;
static long status=0;
static float percent = 0;

public static void cpercent()
{
percent=(float )((float )status/(float )clen)*100;

//System.out.println(percent+" AND "+status+" of " +clen);
}


public static void main(String[] Args) {

try
{
Encdec.setPassword(Args[1]);
int k=0;
int size=Encdec.lenbpass*200;
byte[] buffer = new byte;
File file = new File(Args[0]);
clen=file.length();
FileInputStream filer = new FileInputStream(file);
FileOutputStream filew = new FileOutputStream("ECDC-"+file.getName());
int opt = Integer.parseInt(Args[2]);
System.out.println("Starting The Procedure You Requested");

if(opt==1)
{
while(k!=-1)
{
k=filer.read(buffer);
if(k==-1)
{
break;
}
buffer=Encdec.encrypt(buffer);
filew.write(buffer,0,k);
status=status+k;
cpercent();
}
}

else if(opt==0)
{
while(k!=-1)
{
k=filer.read(buffer);
if(k==-1)
{
break;
}
buffer=Encdec.decrypt(buffer);
filew.write(buffer,0,k);
status=status+k;
cpercent();
}
}

else
{
System.out.println("Please Enter 0 To Decrypt Or Enter 1 To Encrypt");
}

System.out.println("Completed The Procedure You Requested");
System.out.println("Please Check The Output File "+"ECDC-"+file.getName());

}

catch(java.io.FileNotFoundException x)
{
System.out.println("ECDC Is Unable To Find The File You Requested To Proceed With, Please Check The File Name");
}

catch(Exception x)
{
System.out.println("");
System.out.println("");
System.out.println("Hello This Is ECDC, An Encryption / Decryption Utility For Common Man");
System.out.println("");
System.out.println("");
System.out.println("Usage::::: ECDC.exe [filename] [password] [0/1]]");
System.out.println("");
System.out.println("filename :- The File You Want To Encrypt / Decrypt");
System.out.println("password :- Password For Encryption / Decryption");
System.out.println("0/1 :- Use 0 For Decrypting The File Or Else 1 For Encrypting The File");
System.out.println("");
System.out.println("ECDC Will Always Produce A Resultant File Irrespective Of Correct Password");
System.out.println("This Is For Security Purpose");
System.out.println("It Is Understood That The Right Password Only Can Get You The Orignal File");
System.out.println("Mail at darknessends@gmail.com If You Catch A Bug, Have Suggestion Or Wanna Talk For Any Reason");
System.out.println("");
System.out.println("ECDC Will Exit Now");
System.out.println("");
System.out.println("");

}

}

}

Options: ReplyQuote
Re: Can This Be Decrypted ? ECDC Version 1.0
Posted by: Anonymous User
Date: July 14, 2007 07:38PM

It would be useful to say which cipher type you are using.,
but it looks like a very simple XOR cipher.

Why are you designing your own cipher btw? it's the worst sin in encryption.



Edited 2 time(s). Last edit at 07/14/2007 07:40PM by Ronald.

Options: ReplyQuote
Re: Can This Be Decrypted ? ECDC Version 1.0
Posted by: darknessends
Date: July 16, 2007 12:22PM

I have just made it, I can't say which cipher type is it? But looking at it can u break without bruteforcing ? Any more People To say Something

Options: ReplyQuote
Re: Can This Be Decrypted ? ECDC Version 1.0
Posted by: thornmaker
Date: July 16, 2007 01:57PM

Yes, it can be decrypted without the password. Trivially. It's a slightly modified Vigenère cipher (been around since the 1500's).
the base of your encryption is... s=s+(int )bpass[current]+next
The "next" part in the cipher text can be eliminated by taking a delta between each cipher character. The rest is just a Vigenère cipher that is broken by guessing the length of keyword (lenbpass) and then doing frequency analysis on the cipher text, modulo that length.

In general, before even thinking about writing a new crypto system, one should first learn how to break crypto algorithms and take a few math courses in number theory and abstract algebra. And even then, it is not recommended.

Now I might be overlooking something which might make my 3 minute analysis all wrong (I tend to do that all the time), but it is abundantly obvious that this is trivial to crack still.

Options: ReplyQuote
Re: Can This Be Decrypted ? ECDC Version 1.0
Posted by: darknessends
Date: July 17, 2007 01:45PM

Ok you said this is a modification of Vigenere Cipher.
So I read about the Vigenere Cipher

As what I think Vigenere Cipher must be like this :-
Lets take a 3 byte password as C0+C1+C2 , the data as D0+D1+D2+D3+D4,
Then The Vigenere Cipher Will Generate the Cipher Bytes(E) As

E0 = D0+C0
E1 = D1+C1
E2 = D2+C2
E3 = D3+C0 --- Repetiton Of Key
E4 = D4+C1

And My Cipher As
E0 = D0+C0+0
E1 = D1+C1+E0
E2 = D2+C2+E1
E3 = D3+C0+E2 --- Repetiton Of Key
E4 = D4+C1+E3

E4-E3 = D4+C1
E3-E2 = D3+C0
E2-E1 = D2+C2
E1-E0 = D1+C1
E0 = D0+C0

Which Solves the Problem, And Make The Encryption Very Easy To Break !

However A Slight Change In The Base Can Make It Complex.

E0 = D0+C0+0
E1 = D1+C1*E0
E2 = D2+C2*E1
E3 = D3+C0*E2
E4 = D4+C1*E3

How About This ?
Can It Still Be Converted To Vigenere ? Since Dividing By E Will Also Modify The Plaintext . Or Else Anything Easy .

Well Your Answer Was Very Nice And Precise.
Hey Start Some Awards, I wanna vote for thornmaker.

And Many Things In World Are Not Recommended Sir.
By The Way I am not into cryptography, I just made this for light on the fly encryption for data storage and communication in my personal programs.

Options: ReplyQuote
Re: Can This Be Decrypted ? ECDC Version 1.0
Posted by: Anonymous User
Date: July 17, 2007 02:27PM

That is still called XORing, And what you do there can be simplified by 80%. I would recommend to use a strong encryption scheme like AES, because this stuff can be solved with a pencil and a piece of paper. That's why it's not recommended to invent your own, it's easy to make a mistake. A ton of smart people tried to crack the best algorithms out there like AES Rijndael, Blowfish, Twofish, and they all more or less failed because it's strong.

If you want absolute theoretical security, use a One time pad. But that one is hard to implement because of the distribution of the key.

Good luck.

Options: ReplyQuote


Sorry, only registered users may post in this forum.