How can I improve my text encryption scheme to make it more secure?

  • Thread starter Jamin2112
  • Start date
In summary: It's important to be careful when creating encryption algorithms, as even small mistakes can lead to vulnerabilities. It may be best to use an existing library or algorithm that has been thoroughly tested and reviewed. Additionally, it may be helpful to do some research on existing encryption methods to see if there is a way to improve upon them.
  • #1
Jamin2112
986
12
I came up with a reversible text encryption scheme and I'm trying to figure out how to make it useful. How do you suggest I do that? Should I make an application that people download onto their machine and use to open emails? For starters, should I just make a (secret) website that has an input cell where a user can paste text and click "Encrypt" or "Decrypt"? That's what I'm doing at the moment.
 
Technology news on Phys.org
  • #2
There are lots of things wrong with that. A person who sends encrypted emails isn't going to want you to be able to read them. They're not going to want anyone who has intercepted a message to be able to read it.
 
  • #3
Fredrik said:
There are lots of things wrong with that. A person who sends encrypted emails isn't going to want you to be able to read them. They're not going to want anyone who has intercepted a message to be able to read it.

That's why the idea here is that only the 2 people in correspondence have access to the decrypting tool.
 
  • #4
Do some research into what already exists (e.g. PGP) and then invent a better mousetrap, if you can.
 
  • #5
Jamin2112 said:
That's why the idea here is that only the 2 people in correspondence have access to the decrypting tool.
It sounds like at least 3 people will have access to it. The third is the website administrator, i.e. you. Actually it sounds like everyone who will be using your encryption software will have access to it. Suppose that many people are using the system, and that A wants to send a message to B that only B can read, even if E intercepts it somehow. How does she do that? By your description, it sounds like E will have access to the decryption tool, even if she has so far only been using the system to send secret messages to F.
 
Last edited:
  • #6
Fredrik said:
It sounds like at least 3 people will have access to it. The third is the website administrator, i.e. you. Actually it sounds like everyone who will be using your encryption software will have access to it. Suppose that many people are using the system, and that A wants to send a message to B that only B can read, even if E intercepts it somehow. How does she do that? By your description, it sounds like E will have access to the decryption tool, even if she has so far only been using the system to send secret messages to F.

Anyways ...

Open this in your browser to try my encoder and decoder.

Code:
<html>

<head>
	<title>Simple encrypt/decrypt</title>
	
	<style type="text/css">

		body 
		{
			background-color: #A9F5F2;
			width: 900px;
			padding: 0px;
		}
		.outerdiv
		{
			margin: 5px;
			border: 2px solid #FF8000;
			background-color: #FFFFFF;
		}
		.outerdiv > p
		{
			margin: 5px;
			word-wrap:break-word
		}
		.outerdiv > h1
		{
			margin: 5px;
		}
		#col1
		{
			width: 500x;
			height: 800px;
			float: left;
		}
		#col2
		{
			width: 295px;
			height: 1500px;
			float: right;
			font-family: Courier New;
			overflow: hidden;
		}
		#title1div
		{
			font-family: Arial;
			width: 100%;
		}
		#insctdiv
		{
			font-family: Arial;
			width: 100%;
		}
		#iptdiv
		{
			height: 400px;
			width: 100%;
		}
		#buttonsdiv
		{
			text-align: center;
			width: 100%;
		}
		#inputText
		{
			width: 100%;
			height: 100%;
			resize: none;
		}
	
	</style>
	
		
	<script type="text/javascript">
		
		function encrypt()
		{
			var text = document.getElementById("inputText").value;
			newstring = "";
			/* Make newstring a string of the bit representations of 
			   the ASCII values of its thisCharacters in order.
			*/
			for (var i = 0, j = text.length; i < j; i++) 
			{ 
				bits = text.charCodeAt(i).toString(2);
				newstring += new Array(8-bits.length+1).join('0') + bits;
			}
			/* Compress newstring by taking each substring of 3, 4, ..., 9 
			   consecutive 1's or 0's and it by the number of such consecutive
			   thisCharacters followed by the thisCharacter. 
			   EXAMPLES:
					"10101000010111" --> "10101401031"
					"001100011111111111111" --> "0011319151"
			*/
			newstring = newstring.replace(/([01])\1{2,8}/g, function($0, $1) { return ($0.length + $1);});		
			document.getElementById("inputText").value = newstring;
		}
		
		function decrypt()
		{
			var text = document.getElementById("inputText").value;
			text.trim();
			text = text.replace(/([2-9])([01])/g, function (all, replacementCount, bit)
			{
				return Array(+replacementCount + 1).join(bit);
			}).split(/(.{8})/g).reduce(function (str, byte) 
			{
				return str + String.fromCharCode(parseInt(byte, 2));
			}, "");
			document.getElementById("inputText").value = text;
		}
		
		
		function changeMatrixText()
		{
			var newtext = "";
			for (var i = 0; i < 2530; i++)
				newtext += Math.floor((Math.random()*10)+1) % 2 ? "0" : "1";
			document.getElementById("matrixText").innerHTML = newtext;
		}
		
	</script>

</head>

<body>
	<div id="col1">
		<div class="outerdiv" id="title1div">
			<h1>Reversible text encryption algorithm</h1>
		</div>
		<div class="outerdiv" id="insctdiv">
			<p>Type in or paste text below, then click <b>Encrypt</b> or <b>Decrypt</b></p>
		</div>
		<div class="outerdiv" id="iptdiv">
			<textarea id="inputText" scrolling="yes"></textarea>
		</div>
		<div class="outerdiv" id="buttonsdiv">
			<button onclick="encrypt()"><b>Encrypt</b></button>
			<button onclick="decrypt()"><b>Decrypt</b></button>
		</div>
	</div>
	<div class="outerdiv" id="col2">
		<p id="matrixText"></p>
	</div>
	<script type="text/javascript">
		setInterval(changeMatrixText, 200);
	</script>
</body>

</html>
 
  • #7
Jamin2112 said:
I came up with a reversible text encryption scheme and I'm trying to figure out how to make it useful. How do you suggest I do that?

Don't roll your own crypto.

When sorcery like this starts flying around most people should realize they are in way over their head and use a standard library.

http://en.wikipedia.org/wiki/Timing_attack

In cryptography, a timing attack is a side channel attack in which the attacker attempts to compromise a cryptosystem by analyzing the time taken to execute cryptographic algorithms. Every logical operation in a computer takes time to execute, and the time can differ based on the input; with precise measurements of the time for each operation, an attacker can work backwards to the input.

So you might think, OK I'll just add a random delay. But, if you can miss something as wacky as this, what else are you missing?
 
  • #8
Jamin2112 said:
Anyways ...

Open this in your browser to try my encoder and decoder.

Code:
<html>

<head>
	<title>Simple encrypt/decrypt</title>
	
	<style type="text/css">

		body 
		{
			background-color: #A9F5F2;
			width: 900px;
			padding: 0px;
		}
		.outerdiv
		{
			margin: 5px;
			border: 2px solid #FF8000;
			background-color: #FFFFFF;
		}
		.outerdiv > p
		{
			margin: 5px;
			word-wrap:break-word
		}
		.outerdiv > h1
		{
			margin: 5px;
		}
		#col1
		{
			width: 500x;
			height: 800px;
			float: left;
		}
		#col2
		{
			width: 295px;
			height: 1500px;
			float: right;
			font-family: Courier New;
			overflow: hidden;
		}
		#title1div
		{
			font-family: Arial;
			width: 100%;
		}
		#insctdiv
		{
			font-family: Arial;
			width: 100%;
		}
		#iptdiv
		{
			height: 400px;
			width: 100%;
		}
		#buttonsdiv
		{
			text-align: center;
			width: 100%;
		}
		#inputText
		{
			width: 100%;
			height: 100%;
			resize: none;
		}
	
	</style>
	
		
	<script type="text/javascript">
		
		function encrypt()
		{
			var text = document.getElementById("inputText").value;
			newstring = "";
			/* Make newstring a string of the bit representations of 
			   the ASCII values of its thisCharacters in order.
			*/
			for (var i = 0, j = text.length; i < j; i++) 
			{ 
				bits = text.charCodeAt(i).toString(2);
				newstring += new Array(8-bits.length+1).join('0') + bits;
			}
			/* Compress newstring by taking each substring of 3, 4, ..., 9 
			   consecutive 1's or 0's and it by the number of such consecutive
			   thisCharacters followed by the thisCharacter. 
			   EXAMPLES:
					"10101000010111" --> "10101401031"
					"001100011111111111111" --> "0011319151"
			*/
			newstring = newstring.replace(/([01])\1{2,8}/g, function($0, $1) { return ($0.length + $1);});		
			document.getElementById("inputText").value = newstring;
		}
		
		function decrypt()
		{
			var text = document.getElementById("inputText").value;
			text.trim();
			text = text.replace(/([2-9])([01])/g, function (all, replacementCount, bit)
			{
				return Array(+replacementCount + 1).join(bit);
			}).split(/(.{8})/g).reduce(function (str, byte) 
			{
				return str + String.fromCharCode(parseInt(byte, 2));
			}, "");
			document.getElementById("inputText").value = text;
		}
		
		
		function changeMatrixText()
		{
			var newtext = "";
			for (var i = 0; i < 2530; i++)
				newtext += Math.floor((Math.random()*10)+1) % 2 ? "0" : "1";
			document.getElementById("matrixText").innerHTML = newtext;
		}
		
	</script>

</head>

<body>
	<div id="col1">
		<div class="outerdiv" id="title1div">
			<h1>Reversible text encryption algorithm</h1>
		</div>
		<div class="outerdiv" id="insctdiv">
			<p>Type in or paste text below, then click <b>Encrypt</b> or <b>Decrypt</b></p>
		</div>
		<div class="outerdiv" id="iptdiv">
			<textarea id="inputText" scrolling="yes"></textarea>
		</div>
		<div class="outerdiv" id="buttonsdiv">
			<button onclick="encrypt()"><b>Encrypt</b></button>
			<button onclick="decrypt()"><b>Decrypt</b></button>
		</div>
	</div>
	<div class="outerdiv" id="col2">
		<p id="matrixText"></p>
	</div>
	<script type="text/javascript">
		setInterval(changeMatrixText, 200);
	</script>
</body>

</html>

That code is not an encryption scheme at all. It's just a compression scheme. It would be pretty easily decrypted.

You should learn about real encryption schemes as was suggested earlier.
 

FAQ: How can I improve my text encryption scheme to make it more secure?

What is an encrypted email?

An encrypted email is a message that has been coded in a way that makes it unreadable to anyone except for the intended recipient. This is done to protect the confidentiality of the information being sent.

How does encryption work in emails?

Encryption works by using an algorithm to scramble the contents of the email, making it unintelligible to anyone without the proper key to decode it. This ensures that only the intended recipient can access the information.

What is the purpose of sending encrypted emails?

The purpose of sending encrypted emails is to protect sensitive or confidential information from being accessed by unauthorized individuals. This can include personal information, financial data, or any other sensitive material that could be used for malicious purposes if it fell into the wrong hands.

What is end-to-end encryption in emails?

End-to-end encryption is a type of encryption that ensures only the sender and recipient of an email can access its contents. This means that even the email service provider cannot access the information, providing an extra layer of security.

Do all email providers offer encryption?

No, not all email providers offer encryption. It is important to research and choose a provider that offers strong encryption methods to ensure the security of your emails. Additionally, both the sender and recipient must have compatible encryption methods for it to work effectively.

Back
Top