6.16.2011

Custom Encryption : Polymorphic Stairs

An Encryption is a process to make a plaintext unreadable to anyone unless they have the algorithm and the key to transform the data to it's orginal state. It is usally -in general- used to PROTECT data from being read/understood/stolen.
check out more on wiki : http://en.wikipedia.org/wiki/Encryption

A stronger encryption method is the one with less chance to reverse data to original plaintext without knowing the password, which is called cracking.

today we are going to make our own "Custom Encryption", even if dotnet provides us with a fine list of encryption routines, check them out on msdn : http://msdn.microsoft.com/en-us/library/system.security.cryptography.aspx

What is Polymorphic?
Polymorphic stands for "multiple forms". in our case, the output of the encryption is diffrent everytime we use it, which gives some confusion to the one who tries to "crack" it without the password.

here is an exemple, which i called "Polymorphic Stairs"

Imports System.Text
Public Class PolyMorphicStairs
    Overloads Shared Function PolyCrypt(ByVal Data As String, ByVal Key As String, Optional ByVal ExtraRounds As UInteger = 0) As String
        Dim buff() As Byte = PolyCrypt(Encoding.Default.GetBytes(Data), Encoding.Default.GetBytes(Key), ExtraRounds)
        PolyCrypt = Encoding.Default.GetString(buff)
        Erase buff
    End Function
    Overloads Shared Function PolyDeCrypt(ByVal Data As String, ByVal Key As String, Optional ByVal ExtraRounds As UInteger = 0) As String
        Dim buff() As Byte = PolyDeCrypt(Encoding.Default.GetBytes(Data), Encoding.Default.GetBytes(Key), ExtraRounds)
        PolyDeCrypt = Encoding.Default.GetString(buff)
        Erase buff
    End Function
    Overloads Shared Function PolyCrypt(ByRef Data() As Byte, ByVal Key() As Byte, Optional ByVal ExtraRounds As UInteger = 0) As Byte()
        Array.Resize(Data, Data.Length + 1)
        Data(Data.Length - 1) = Convert.ToByte(New Random().Next(1, 255))
        For i = (Data.Length - 1) * (ExtraRounds + 1) To 0 Step -1
            Data(i Mod Data.Length) = CByte(CInt((Data(i Mod Data.Length)) + CInt(Data((i + 1) Mod Data.Length))) Mod 256) Xor Key(i Mod Key.Length)
        Next
        Return Data
    End Function
    Overloads Shared Function PolyDeCrypt(ByRef Data() As Byte, ByVal Key() As Byte, Optional ByVal ExtraRounds As UInteger = 0) As Byte()
        For i = 0 To (Data.Length - 1) * (ExtraRounds + 1)
            Data(i Mod Data.Length) = CByte((CInt(Data(i Mod Data.Length) Xor Key(i Mod Key.Length)) - CInt(Data((i + 1) Mod Data.Length)) + 256) Mod 256)
        Next
        Array.Resize(Data, Data.Length - 1)
        Return Data
    End Function
End Class

Lets take a look at this Class :
First, we have two functions, one to encrypt data and the other to decrypt data.
there are two parameters, one is the data, the other is the key, and the return value is the data after the transformation. they are both overloaded to accept strings or byte arrays as parameters. there is also an optionnal parameter called ExtraRounds, which represents how many addtional times you want to encrypt your data. for exemple, you want to encrypt it twise, set ExtraRounds to 1 when calling the function.

Here is how it works :
We first generate a random byte, and add it the end of the bytearray of the plaintext. after that, we add the value of that byte to the previous one, and using the bitwise operator XOR with a byte from the key. we just loop and do the same with every byte in the array.

The Output :
With the random byte sticked to the end of the array, its value is gonna be added to the previous byte, which also be added to the one before it... in other words the random byte will affect the hole array : the output will be completely randomized each time.
Here is an exemple where the plain-text and key are pretty basic :
As you can see, outputs are random and scrambled each time.
But the more complex the key is, the better.

Decryption :
In the decryption routine, we do the exact same thing, but backwards. First, we Xor the byte, and then remove the value next to it. after the loop finishes, we just remove the random value in the end of the buffer and we get our plaintext back to normal.

Weakness :
Xor operator is a weak Cipher by it self, the password can be guessed by analysing the output. the addition of a value to another and the use of a random value covers xor weakness, but there is alot of cracking routines, such as bruteforcing for exemple.

Why the random value was added to the end of the array?
Good Quesion. Why? this would work also if we add it at the start of the array. it is simply added to the end for a faster performance, because i don't really want copy the full array to a new one, or push all values to give space for the random one. as simple as that.
Added By At
Libellés : ,

1 comment:

Anonymous said...

Hе runs suсcesѕful technolοgy cοmpаny Outsоurсеry
business which sold part of its stгategic haгdware.


My wеb ѕite; online marketing services

April 11, 2013 at 12:51 AM

Post a Comment

Subscribe to: Post Comments (Atom)