18 posts in this topic
Hello all, I would like to present my proof of concept work to the autoit forum and community. (I saw this as a concept in a few sci-fi shows and thought I would bring it into real life)
What is it?: DARTIS (Dimensions And Relative Time Information System)© is a 4 dimensional holographic encryption algorithm which uses the current timestamp(measured down to femto seconds) to encrypt data under several layers of calculations. One large keyfile is used and multiple keys are extracted from it, and overlaid on each other to create 1,000,000,000,000,000 unique keys per second. Special thanks to the creator of the matrix maths udf (if this is you please let me know and I will put your name here.) Also special thanks to trancexx for her LZNT compression code.
Please see attached file for the full set of functions and an example debugging application, which shows usage of all the functions.
Secure Interface Module.zip
My RSA script, 128 bit and lower fast (for UDF attachment)
"RSATool2v17.exe" open and input (E) key and Keysize (Bits) "128", Generate "P, Q, D". Copy "P, Q, D" to my code
; Script Start - Add your code below here #include <String.au3> #include "BigNum.au3" Global $P, $Q, $SelectBase = 64 $base64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/" ;base64 ;Sexagesimal $base60_2 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwx" ;sexagesimal $base32 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567" ;base32 $base24 = "0123456789ABCDEFGHJKLMNP" ;base24 $base16 = "0123456789ABCDEF" ;hex ;Duodecimal system or dozenal $base12 = "0123456789AB" ;duodecimal $base10 = "0123456789" ;base10 $base8 = "01234567" ;oct $base2 = "01" ;binary $P = _BigNum_Add($P, "18429553113751821539") $Q = _BigNum_Add($Q, "14963134653035728619") $n = _BigNum_Mul($P, $Q) $PHI = _BigNum_Mul(_BigNum_Sub($P, 1), _BigNum_Sub($Q, 1)) $e = _NumToDec("10001100011000110001", $base16) $D = "263455903565562556840568120179103558669" ConsoleWrite(@CRLF) ConsoleWrite("P: " & NumberBase($P) & @CRLF) ConsoleWrite("Q: " & NumberBase($Q) & @CRLF) ConsoleWrite("N: " & NumberBase($n) & @CRLF) ConsoleWrite("PHI: " & NumberBase($PHI) & @CRLF & @CRLF) ConsoleWrite("D: " & NumberBase($D) & @CRLF) ConsoleWrite("E: " & NumberBase($e) & @CRLF & @CRLF) $Message = _NumToDec(_StringToHex("TEST MESSAGE"), $base16) If StringLen($Message) > StringLen($n) Then Exit (1) $c = _BigNum_PowerMod($Message, $e, $n) $D = _BigNum_PowerMod($c, $D, $n) ConsoleWrite("C: " & NumberBase($c) & @CRLF) ConsoleWrite("D: " & _HexToString(_DecToNum($D, $base16)) & @CRLF) ConsoleWrite(@CRLF) ;==================================================================================== ;~ Func modpow($a, $b, $c) ;~ $res = 1 ;~ While $b > 0 ;~ ;/* Need long multiplication else this will overflow... */ ;~ If Mod(StringRight($b, 1), 2) Then ;If BitAND($b,1) Then ;~ $res = _BigNum_Mod(_BigNum_Mul($res, $a), $c) ;~ EndIf ;~ $b = BitShift($b, 1) ;~ $a = _BigNum_Mod(_BigNum_Mul($a, $a), $c) ; /* Same deal here */ ;~ WEnd ;~ Return $res ;~ EndFunc ;==>modpow Func NumberBase($num, $base = $SelectBase) If $base = 10 Then Return _DecToNum($num, $base10) ElseIf $base = 16 Then Return _DecToNum($num, $base16) ElseIf $base = 60 Then Return _DecToNum($num, $base60_2) ElseIf $base = 64 Then Return _DecToNum($num, $base64) EndIf Return $num EndFunc ;==>NumberBase Func _DecToNum($iDec, $Symbol) Local $Out, $ost $Symbol = StringSplit($Symbol, '') If @error Or $Symbol < 2 Then Return SetError(1, 0, $iDec) Do $ost = _BigNum_Mod($iDec, $Symbol) $iDec = _BigNum_Div(_BigNum_Sub($iDec, $ost), $Symbol) $Out = $Symbol[$ost + 1] & $Out Until Not Number($iDec) Return SetError(0, $Symbol, $Out) EndFunc ;==>_DecToNum Func _NumToDec($num, $sSymbol, $casesense = 1) Local $i, $iPos, $Len, $n, $Out $Len = StringLen($sSymbol) If $Len < 2 Then Return SetError(1, 0, $num) $n = StringSplit($num, '') For $i = 1 To $n $iPos = StringInStr($sSymbol, $n[$i], $casesense) If Not $iPos Then Return SetError(2, 0, $num) $Out = _BigNum_Add(_BigNum_Mul($iPos - 1, _BigNum_Pow($Len, $n - $i)), $Out) Next Return SetError(0, $Len, $Out) EndFunc ;==>_NumToDec ; #FUNCTION# ;==================================================================================== ; ; Name...........: _BigNum_PowerMod ; Description ...: Modular Exponentiation Mod($n^$e, $k) ; Syntax.........: _BigNum_Pow($n, $e, $k) ; Parameters ....: $n - Positive StringNumber: Digits"0"..."9" ; $e - Positive StringNumber: Exponent ; $k - Positive StringNumber: Modulus ; Return values .: Success - Result Mod($n^$e, $k) ; Failure - -1, sets @error to 1 if $n is not a positive valid StringNumber ; -1, sets @error to 2 if $e is not a positive valid StringNumber ; -1, sets @error to 3 if $k is not a positive valid StringNumber ; Author ........: jchd ; Date ..........: 17.12.13 ; Remarks .......: Fractional exponents not allowed - use BigNum_n_root instead. ; ;=============================================================================================== Func _BigNum_PowerMod($n, $e, $k) If Not __BigNum_IsValid_3($n, $e, $k) Then Return SetError(1, 0, -1) Local $res = "1" While $e <> "0" If Mod(StringRight($e, 1), 2) Then $res = _BigNum_Mod(_BigNum_Mul($res, $n), $k) $e = _BigNum_Sub($e, "1") EndIf $n = _BigNum_Mod(_BigNum_Mul($n, $n), $k) $e = _BigNum_Div($e, "2") WEnd Return $res EndFunc ;==>_BigNum_PowerMod Func __BigNum_IsValid_3($sX, $sY, $sZ) If StringRegExp($sX, "[^0-9.-]") Or StringRegExp($sY, "[^0-9.-]") Or StringRegExp($sZ, "[^0-9.-]") Then Return False Return True EndFunc ;==>__BigNum_IsValid_3
RSA 2 (TEST NOW).zip
CodeCrypter enables you to encrypt scripts without placing the key inside the script.
This is because this key is extracted from the user environment at runtime by, for example:
password user query any macro (e.g., @username) any AutoIt function call any UDF call some permanent environment variable on a specific machine (and not created by your script) a server response a device response anything else you can think of, as long as it's not stored in the script any combination of the above You need several scripts to get this to work, and they are scattered over several threads, so here's a single bundle that contains them all (including a patched version of Ward's AES.au3; with many thanks to Ward for allowing me to include this script here):
Note: if you experience issues under Win8/8.1 (as some users have reported), please upgrade to Win10 (or use Win7) if you can; as far as I can tell, the scripts in the bundle all work under Win7 & Win10 (and XP). Moreover, I have no access to a Win8 box, so these issues will not be fixed, at least not by yours truly.
How the bits and pieces fit together:
CodeCrypter is a front-end for the MCF UDF library (you need version 1.3 or later). Its thread is here:
'?do=embed' frameborder='0' data-embedContent>>
The MCF package (also contained in the CodeScannerCrypter bundle) contains MCF.au3 (the library itself) plus a little include file called MCFinclude.au3. The latter you have to include in any script you wish to encrypt. Any code preceding it will not be encrypted, any code following it will be encrypted. You define the dynamic key inside MCFinclude.au3, in the UDF: _MCFCC_Init().
From the same post you can download an MCF Tutorial which I heartily recommend, because encrypting a script requires a number of steps in the right order, namely:
In MCFinclude.au3, define and/or choose your dynamic key(s) (skip this step = use default setting) include MCFinclude.au3 in your target script Run CodeScanner (version 2.3+) on your target script, with setting WriteMetaCode=True (see '?do=embed' frameborder='0' data-embedContent>>), then close CodeScanner. Start CodeCrypter press the Source button to load your target file enable Write MCF0 (tick the first option in Main Settings) Enable "Encrypt" (last option in the Main Settings) Go to the Tab Encrypt and set up the encryption the way you want (skip this = use default settings) Return to Main Tab and press "Run" if all goes well, a new script called MCF0test.au3 is created in the same directory as your target. It has no includes and no redundant parts. Please check that it works as normal. (see Remarks if not) It all sounds far more complicated than it is, really.
Not convinced? Check out this updated and extended Q & A pdf (FAQ, also included in the bundle) to help you get started:
BackTranslation is a test to check that the MetaCode translation worked. Skip it at your peril. It also turns your multi-include composite script into a single portable file without redundant parts (you can opt to leave the redundant parts in, if you want).
CodeCrypter can also obfuscate (vars and UDF names) and replace strings, variable names and UDF names with anything else you provide, for example, for language translation). After CodeScanner separates your target's structure from its contents, CodeCrypter (actually MCF, under the hood) can change any part, and then generate a new script from whichever pieces you define. See the MCF Tutorial for more explanation and examples.
You need the following additional scripts to get anything to work (now all included in the bundle):
CodeScanner.au3 version 2.9+ (in the CodeScanner zip in the CodeScanner thread, link above) readCSdatadump.au3 (version 1.1+, in the CodeScanner zip) MCF.au3 (version 1.3+, in the MCF zip in the MCF thread, link above) MCFinclude.au3 (version 1.1+, in the MCF zip) AES.au3, by Ward (now also included in bundle, thanks to Ward), see '?do=embed' frameborder='0' data-embedContent>> As you can see, encryption currently relies on Ward excellent AES UDF, but you can replace this with any other algorithm you like; just edit MCFinclude.au3 UDF _MCFCC(), and MCF.au3 UDF _EncryptEntry().
Going to lie down now...
MetaCode offers a way to:
separate a script's structure from its content remove all redundant definitions (globals and UDFs) change any content (and some structure) combine (new) structure and (new) content into a new script The most useful applications implemented so far are:
Fast language translation (not just text strings, also variable names and UDF names) Obfuscation (vars and/or UDFs) Script Encryption (conditionals, calls, and macros) Encryption is powerful because the key is not stored anywhere; you can define it to be a user password, macro, environment spec/variable, server response, something you define yourself, or a combination thereof; anything goes, as long as it's not a fixed string or fixed value. More info in the CodeCrypter thread: ?do=embed' frameborder='0' data-embedContent>'?do=embed' frameborder='0' data-embedContent>>?do=embed' frameborder='0' data-embedContent>
But MetaCode has more potential than that; it allows you to tinker with any type of content separately, then rebuild a new version. So for example, you can have a single script structure and numerous different language modules you just plug in to create a new version in a different language.
The MCF library itself can be found in the CodeScannerCrypter bundle:
And a little example how to use it for translating your GUI into a different language:
UI_Translator.7z (new version that should work with the new version of Google Translate, see post #13 below)
MCF.au3 is just the library plus the MCFinclude.au3 file you need to include in any script you wish to encrypt.
There is no GUI here. However, I did write a separate front-end for it called CodeCrypter, which you can find here:
?do=embed' frameborder='0' data-embedContent>'?do=embed' frameborder='0' data-embedContent>>?do=embed' frameborder='0' data-embedContent>
MCF uses output generated by my CodeScanner version 2.8+, which you can find here:
'?do=embed' frameborder='0' data-embedContent>>
CodeScanner also depends on MCF.au3 now, as it can now call a few of its functions.
I should also mention Ward's excellent AES.au3 UDFs used for the encryption and decryption calls, which is now included in the CodeScannerCrypter bundle (thanks to Ward for allowing to include it). You can find the original (unpatched) version here:
'?do=embed' frameborder='0' data-embedContent>>
Note: you can replace the encryption/decryption calls with whatever algorithm you like (hint: the native <Crypt.au3> library is too slow for most purposes, better stick to machine code routines)
So just to be clear:
CodeScanner (v2.8+) needs MCF (earlier versions won't work!) CodeCrypter needs MCF (plus anything that MCF needs) MCF itself needs MCFinclude (part of MCF zip) MCF also needs readCSdatadump (part of the CodeScanner package, you need the latest version packaged with CodeScanner v2.8; earlier versions won't work!) both MCF and MCFinclude currently rely on AES.au3 by Ward So you basically need to download the whole bundle for any of it to work.
If you have any questions, please start by reading the MCF Tutorial and the CodeCrypter FAQ (you can download the latter separately from the CodeCrypter thread).
Next, read the extensive Remarks sections in MCF.au3, MCFinclude.au3, and CodeCrypter.au3
If still no joy, then please post. However, I'm not online that often, and logged in to the forum even less, so response may take a while).
so there is this post "Holographic Encryption with DARTIS" and the RSA came up.
There is _RSA_crypt.7z from autoit-script.ru but the file is not available ( if anyone has the file, please get me a working link ) , so I don't know what or how it was done.
My idea is to do the public key / private key (RSA) to exchange the hash/password ( call it what you will ), then, carry the rest of the communication with $CALG_AES_256 or the like. So it'd be doing a hybrid TCP/IP SSL, let's call it TCL 2.5
Anyhow, I need help for the simple reason that I'm quite clueless.
CryptoAPI Cryptographic Service Providers may have a clue via the CryptoAPI ( but to me is all just words ).
CryptEncrypt function say that:
The Microsoft Enhanced Cryptographic Provider supports direct encryption with RSA public keys and decryption with RSA private keys. The encryption uses PKCS #1 padding. On decryption, this padding is verified. The length of plaintext data that can be encrypted with a call to CryptEncrypt with an RSA key is the length of the key modulus minus eleven bytes. The eleven bytes is the chosen minimum for PKCS #1 padding. The ciphertext is returned in little-endian format. so it should be possible from server 2003 / XP onwards.
Thank you all who dare to go at it