RE: Crypt

From: Dylan Douglas <dylan_at_mediadefender.com>
Date: Tue, 12 Jun 2007 11:38:51 -0700

Okay, think I got it, maybe. Here's what I am getting for the keys and
b values:

key(0): 0x00003039
b(0): 0x00
key(1): 0xd3dc167e
b(1): 0xdc
key(2): 0xa7042800
b(2): 0x04
key(3): 0x50f53800
b(3): 0xf5
key(4): 0x7f790800
b(4): 0x79
key(5): 0x56f89800
b(5): 0xf8
key(6): 0x5628e800
b(6): 0x28
key(7): 0x961af800
b(7): 0x1a
key(8): 0xf10bc800
b(8): 0x0b
key(9): 0xe8f45800
b(9): 0xf4
key(10): 0xb2d9a800
b(10): 0xd9
key(11): 0x67dcb800
b(11): 0xdc
key(12): 0xc90a8800
b(12): 0x0a
key(13): 0xfeec1800
b(13): 0xec
key(14): 0x09d66800
b(14): 0xd6
key(15): 0xf3fa7840
b(15): 0xfa
key(16): 0x73c8e400
b(16): 0xc8
key(17): 0xda014400
b(17): 0x01
key(18): 0xcd422400
b(18): 0x42
key(19): 0x64218400
b(19): 0x21
key(20): 0xf07d6400
b(20): 0x7d
key(21): 0xf1dbc400
b(21): 0xdb

Is this the same as what you are getting on your side for the original
version?

-D
 

|-----Original Message-----
|From: Stefan Kaczmarek [mailto:stefan_at_thezonie.org]
|Sent: Tuesday, June 12, 2007 11:30 AM
|To: Dylan Douglas
|Cc: Ivan Kwok; Ben Ebert; Ty Heath; Jay Mairs; Nainesh
|Solanki; Sergio Alvarez; Gerald Rode
|Subject: Re: Crypt
|
|Ok, I came up with something that works in Java and PHP.
|
|So, instead of this:
|
|$key = ($key * 1103515245 + 12345) & 0x7fffffff;
|
|Do this:
|
|$a = ($key>>16) & 0xffff;
|$b = $key & 0xffff;
|$a = ($a * ((1103515245 >> 16) & 0xffff)) + 12345;
|$b = ($b * (1103515245 & 0xffff)) + 12345;
|$key = ($key ^ $a) ^ $b;
|
|Nibble bork! :)
|
|I don't know how awesome it is from a cryptological standpoint, but
|there it is.
|
|- Z
|
|On Jun 12, 2007, at 7:53 AM, Dylan C Douglas wrote:
|
|> Yeah, that's why I was throwing the AND in there. PHP doesn't
|> handle overflowing really well. It just promotes it, so I was
|> trying to limit it to four bytes. (You said eight bytes for the
|> sha1 idea. Are you working with eight byte keys?)
|>
|> I'm fine with the sha1 idea, but it's going to have to be the first
|> four bytes being the new key, since I don't have longs; I have
|> signed int and signed float. I'm just worried about speed. I'll
|> try to find something that can do a sha1 for php.
|>
|> -D
|>
|> -----Original Message-----
|> From: "Stefan Kaczmarek" <stefan_at_thezonie.org>
|> To: "Dylan Douglas" <dylan_at_mediadefender.com>
|> Cc: "Ivan Kwok" <ivan_at_mediadefender.com>; "Ben Ebert"
|> <ben_at_mediadefender.com>; "Ty Heath" <heath_at_mediadefender.com>; "Jay
|> Mairs" <jay_at_mediadefender.com>; "Nainesh Solanki"
|> <nsolanki_at_mediadefender.com>; "Sergio Alvarez"
|> <sergio_at_mediadefender.com>; "Gerald Rode" <gerald_at_mediadefender.com>
|> Sent: 6/11/07 10:31 PM
|> Subject: Re: Crypt
|>
|> Ok, shit no worky, and it's because PHP treats integers that go
|> beyond the int boundary as floats instead of just overflowing. So
|> basically we need to do some sort of byte shifting thingy instead.
|>
|> Any other idears? How about something like the first 8 bytes of the
|> sha-1 of the key is the new key???
|>
|> - Z
|>
|> On Jun 11, 2007, at 6:14 PM, Dylan Douglas wrote:
|>
|>> Okay, so, got it working.
|>>
|>> Encrypt:
|>> srand( time() + 127 );
|>> $key = ( mt_rand( 0, 0x7fffffff ) );
|>> $encrypted_data = sprintf( '%08x', $key );
|>>
|>> $b = 0;
|>> $length = strlen( $data );
|>>
|>> for( $i = 0; $i < $length; $i++ )
|>> {
|>> $key = ($key * 1103515245 + 12345) & 0x7fffffff;
|>> $b = ( $key / 65536 ) % 256;
|>> $value = ord( $data[$i] ) ^ $b;
|>> $encrypted_data .= sprintf( '%02x', $value );
|>> }
|>>
|>> The only real change to the original code is the addition of
|>> ANDing it with 0x7fffffff, which keeps php from busting. I used it
|>> to encrypt your string of "I really enjoy carpeting." and get:
|>> string(58)
|>> "5c579169848331b8c228511ab4a54303cd76f31a45d30845b2fd38e3d4"
|>>
|>> The starting bytes of: 5c579169 are is the key. It's value is
|>> 0x5c579169 (I tried to write the LSB first but php is a pita and
|>> that made decoding the key a pain. So, I straight-out write it
|>> like it is a hex string and if you need to shift things around, you
|>> can do that in java.
|>>
|>> See if you can get it working on your side.
|>>
|>> -D
|>>
|>> Ps. here are some others:
|>>
|>> "Fresh taste... you can trust"
|>> string(64)
|>> "5316297d87c1c574e68617d0498fb9bb508ae80b4117f8d19c2777cde6a3ad39"
|>> "We have your email address listed as theshockwave_at_gmail.com. If
|>> you do not want to receive anymore emails on special savings and
|>> news, click here."
|>> string(300)
|>>
|"518fa7cad1b242cd6fd8825430c2c4217574c9ef510c646362ab390739e7dd92c67a
|>> 9
|>>
|13f99f4718fadb00b0c109eb1c93f965220070f361632c85d12f00f49ed03debc7edd
|>> 9
|>>
|108078ed03d3d58743a76ce5fd82ec22a583afdd3cbd943e3a59e532a5e157249dd84
|>> b
|>>
|9829640ab88783989f807826d86fa1cf9814d3a07a19c048d0b1e45fd1fffab23f017
|>> e
|>> 16e1ae598961184798d8f"
|>>
|>>
|>> From: Dylan Douglas
|>> Sent: Friday, June 08, 2007 5:22 PM
|>> To: Stefan Kaczmarek
|>> Cc: Ivan Kwok; Ben Ebert; Ty Heath; Jay Mairs; Nainesh Solanki;
|>> Sergio Alvarez; Gerald Rode
|>> Subject: RE: Crypt
|>>
|>> I think I got it sorted out.
|>>
|>> I changed the line to: $key = ($key * 1103515245 + 12345) &
|>> 0x7fffffff
|>>
|>> I was going to keep working on it, but we are changing ips and are
|>> now in ip hell.
|>>
|>>
|>>
|>> From: Stefan Kaczmarek [mailto:stefan_at_thezonie.org]
|>> Sent: Thursday, June 07, 2007 9:04 PM
|>> To: Dylan Douglas
|>> Cc: Ivan Kwok; Ben Ebert; Ty Heath; Jay Mairs; Nainesh Solanki;
|>> Sergio Alvarez
|>> Subject: Re: Crypt
|>>
|>> Well, if you need to tweak it to make it work easier in php, let me
|>> know. It doesn't really matter what the algo is, as long as it's
|>> implementable in java and php.
|>>
|>> - Z
|>>
|>> On Jun 7, 2007, at 6:22 PM, Dylan Douglas wrote:
|>>
|>>> Z-
|>>>
|>>> Have I mentioned that php is dumber about ints than Java? Well,
|>>> I'm trying to get the:
|>>>
|>>> $key = $key * 1103515245 + 12345;
|>>> code to work. I start off okay, then I seem to zoom off to around
|>>> 10^130 as I become a float (and that is just doing your carpet
|>>> string). So, cast to stay an int, right? Now I loop past MAXINT
|>>> become negative and get stuck somehow at MININT value. I tried
|>>> ANDing it with 0xffffffff, but that didn't help. I have to figure
|>>> out how to tell it to limit stuff to 4 bytes and to allow it to
|>>> loop. Will keep you updated.
|>>>
|>>> -D
|>>>
|>>> From: Stefan Kaczmarek [mailto:stefan_at_thezonie.org]
|>>> Sent: Thursday, June 07, 2007 8:46 AM
|>>> To: Ivan Kwok; Ben Ebert; Ty Heath; Jay Mairs; Nainesh Solanki;
|>>> Sergio Alvarez; Dylan Douglas
|>>> Subject: Crypt
|>>>
|>>> D,
|>>>
|>>> Here are the code snippets that I use to encrypt / decrypt the
|>>> json string. When I send you the sources, it'll be "files=<hex
|>>> string>". And when I get the sources back, I am assuming it'll be
|>>> a <hex string> that comes back.
|>>>
|>>> To go to and from hex strings, this is what I do:
|>>>
|>>> // Encrypt the data and convert it ot a hex string
|>>> String data="I really enjoy carpeting.";
|>>> byte data_bytes[]=data.getBytes();
|>>> byte to_crypt[]=new byte[data_bytes.length+4];
|>>> System.arraycopy(data_bytes,0,to_crypt,4,data_bytes.length);
|>>> byte cipher[]=Crypt.Encrpyt(to_crypt);
|>>> String hex=Crypt.bytesToHex(cipher);
|>>> data=hex;
|>>>
|>>> // Decrypt the data
|>>> data_bytes=Crypt.hexToBytes(data);
|>>> byte plain[]=Crypt.Decrypt(data_bytes);
|>>> byte decrypt[]=new byte[plain.length-4];
|>>> System.arraycopy(plain,4,decrypt,0,decrypt.length);
|>>> data=new String(decrypt);
|>>>
|>>> I just take the string, convert it to a byte array, add 4 bytes at
|>>> the front for the key, and then encrypt the byte array. I then
|>>> convert the whole byte array into a hex string. Then, when
|>>> receiving a hex string, i convert it to a byte array, then decrypt
|>>> it, pull off the first 4 bytes, and covert the remaining bytes
|>>> back into a string.
|>>>
|>>> Try decrypting
|>>> 933d5162fadc8f46acc8e0fdd123205867743c03ce284794f989691a5a and you
|>>> should get the "I really enjoy carpeting."
|>>>
|>>> For funsies, here are the decrpyt and encrypt functions:
|>>>
|>>> // The input buffer needs to have 4 bytes at the front to allow
|>>> for the key to be placed there
|>>> public static byte[] Encrpyt(byte[] data)
|>>> {
|>>> // Create a byte buffer, which is the 4 byte key plus the data
|>>> byte[] ret=new byte[data.length];
|>>> System.arraycopy(data,0,ret,0,data.length);
|>>>
|>>> // Get a random int to encrypt with
|>>> int key=new Random().nextInt();
|>>>
|>>> // Copy the key and data to the out array
|>>> System.arraycopy(intToByteArray(key),0,ret,0,4);
|>>>
|>>> // Encrypt the data
|>>> DoCrypt(key,ret,4);
|>>>
|>>> return ret;
|>>> }
|>>>
|>>> // Will return the buffer with the key still at the first 4 bytes
|>>> public static byte[] Decrypt(byte[] data)
|>>> {
|>>> // Create a byte buffer
|>>> byte[] ret=new byte[data.length];
|>>> System.arraycopy(data,0,ret,0,data.length);
|>>>
|>>> // Get the key from the first 4 bytes
|>>> int key=byteArrayToInt(data,0);
|>>>
|>>> // Decrypt the data
|>>> DoCrypt(key,ret,4);
|>>>
|>>> return ret;
|>>> }
|>>>
|>>> private static void DoCrypt(int key,byte[] data,int offset)
|>>> {
|>>> byte b=0;
|>>> for(int i=offset;i<data.length;i++)
|>>> {
|>>> key = key * 1103515245 + 12345;
|>>> b=(byte)((key/65536) % 256);
|>>> data[i] ^= b;
|>>> }
|>>> }
|>>>
|>>>
|>>>
|>>
|>
|
|
Received on Fri Sep 14 2007 - 10:55:55 BST

This archive was generated by hypermail 2.2.0 : Sun Sep 16 2007 - 22:19:46 BST