Sign in to follow this  
Followers 0
erebus

Encryption nightmare

5 posts in this topic

#1 ·  Posted (edited)

Hello all,

I was playing around with _StringEncrypt the last few days and I came up with a little problem.

I want to encrypt four values in a single line, divided with an underscore character. Here is an example:

I CARE1_I CARE2_I DONT CARE1_I DONT CARE2

I encrypt this line with a fixed key (let's say 123456) and it gives me a result, i.e.

F6028399A8CB9E15F1BFAA3972B2BD2C504BFC1035B6CB3A486E7FF6FA2FE9D1BB59E5163AAB9F13F200D2A078E5A29DADCE

70F3892FDCD711CA48ECF487A11C8C523A0512B48FE34005411D24066D4C0B0E

Everything is fine till here. However, I want the first two values I encrypted to remain as-is, meaning not to be altered in any way. I found no way to achieve this, because if you edit by hand some characters from the encrypted text, the values will be altered. And if you do this only for the first characters of the encrypted text, the others will remain unchanged.

Example:

If I change the first characters by hand (let's say F6028399 to ABCDEFGH) the decrypted result will be:

Ξ5CARE1_I CARE2_I DONT CARE1_I DONT CARE2

What I want to do is to encrypt and decrypt in such a way that IF someone change the encrypted string by hand (which will be in an external file by the way) my script will understand that the consistancy of the encrypted (or the decrypted) text is wrong. Or even better if someone change some characters in the encrypted string the decrypted string will be messed up completely and not only a part of it.

Can you suggest anything?

Thanks in advance.

Edited by erebus

Share this post


Link to post
Share on other sites



maybe this

#include <String.au3>

$line = "I CARE1_I CARE2_I DONT CARE1_I DONT CARE2"

$Nline = StringSplit($line, "_")

$Eline_1 = _StringEncrypt( 1, $Nline[3], "123456")
$Eline_2 = _StringEncrypt( 1, $Nline[4], "123456")

$line = $Nline[1] & "_" & $Nline[2] & "_" & $Eline_1 & "_" & $Eline_2

MsgBox(64, "1/2 encrpyted", $line)

8)


NEWHeader1.png

Share this post


Link to post
Share on other sites

or this... to mess it up real good

#include <String.au3>

$line = "I CARE1_I CARE2_I DONT CARE1_I DONT CARE2"

$Nline = StringSplit($line, "_")

$Nline[1] = _StringEncrypt( 1, $Nline[3], "123456")
$Nline[2] = _StringEncrypt( 1, $Nline[3], "123456")
$Nline[3] = _StringEncrypt( 1, $Nline[3], "123456")
$Nline[4] = _StringEncrypt( 1, $Nline[4], "123456")

$line = _StringEncrypt( 1, $Nline[4] & "_" & $Nline[3] & "_" & $Nline[2] & "_" & $Nline[1], "654321")

MsgBox(64, "double encrpyted", $line)

8)


NEWHeader1.png

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

I am not on my pc ATM to check this but I did some tests last night using almost your logic and the result was the same. If you are really careful of what to edit, you may end up messing only the 'I CARE' values which is the bad thing.

I followed a different approach and I didn't manage to hack it till now: I add each character's Asc() value and I end up with something like a hash, a big number which is unique unless you are so lucky to edit the encrypted line and replace the given characters with others that their ASCII number representation give you the same result.

Of course this numeric value is also encrypted, so we end up with something like:

CONSTANT1_I CARE1_I CARE2_I DONT CARE1_I DONT CARE2_CONSTANT2_HASHNUMBER

I encrypt this line twice (one with RC4 encryption and one with another old encryption UDF I found here and used in the past) and that's all. On my program then I decrypt the line twice, I check the array size and the constants validity and finally the numeric "hash" by adding the Asc() of each character for all values (except the numeric one of course). If all are correct then the licence is valid.

Ok, this could be broken somehow but if someone is so willing on breaking my licence, so be it, I don't know what to say on this. :P

In any case, can somebody confirm that this logic is acceptable (and if not maybe discuss/propose a different approach on the issue)?

I will provide you with some code since I return to my office.

Thank you,

P.S. It would be great to have MD5 functionality in AU3 to strengthen the whole idea. Maybe anyone has already written such a UDF?

Edited by erebus

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0