How can I improve my text encryption scheme to make it more secure?

  • Thread starter Thread starter Jamin2112
  • Start date Start date
AI Thread Summary
A user has developed a reversible text encryption scheme and is exploring ways to make it practical. Initial ideas include creating a downloadable application or a secret website for encryption and decryption. However, concerns arise regarding the security of such a system, particularly the risk of unauthorized access by third parties, including the website administrator. The discussion emphasizes that effective encryption should ensure that only the intended recipients can decrypt messages, without any intermediary access.Participants caution against creating custom cryptographic solutions, advocating for established standards like PGP. They highlight the importance of understanding potential vulnerabilities, such as timing attacks, and stress that the proposed method may not constitute true encryption, but rather a compression technique that could be easily decrypted. The conversation underscores the necessity of learning about robust encryption methods to develop a secure communication tool.
Jamin2112
Messages
973
Reaction score
12
I came up with a reversible text encryption scheme and I'm trying to figure out how to make it useful. How do you suggest I do that? Should I make an application that people download onto their machine and use to open emails? For starters, should I just make a (secret) website that has an input cell where a user can paste text and click "Encrypt" or "Decrypt"? That's what I'm doing at the moment.
 
Technology news on Phys.org
There are lots of things wrong with that. A person who sends encrypted emails isn't going to want you to be able to read them. They're not going to want anyone who has intercepted a message to be able to read it.
 
Fredrik said:
There are lots of things wrong with that. A person who sends encrypted emails isn't going to want you to be able to read them. They're not going to want anyone who has intercepted a message to be able to read it.

That's why the idea here is that only the 2 people in correspondence have access to the decrypting tool.
 
Do some research into what already exists (e.g. PGP) and then invent a better mousetrap, if you can.
 
Jamin2112 said:
That's why the idea here is that only the 2 people in correspondence have access to the decrypting tool.
It sounds like at least 3 people will have access to it. The third is the website administrator, i.e. you. Actually it sounds like everyone who will be using your encryption software will have access to it. Suppose that many people are using the system, and that A wants to send a message to B that only B can read, even if E intercepts it somehow. How does she do that? By your description, it sounds like E will have access to the decryption tool, even if she has so far only been using the system to send secret messages to F.
 
Last edited:
Fredrik said:
It sounds like at least 3 people will have access to it. The third is the website administrator, i.e. you. Actually it sounds like everyone who will be using your encryption software will have access to it. Suppose that many people are using the system, and that A wants to send a message to B that only B can read, even if E intercepts it somehow. How does she do that? By your description, it sounds like E will have access to the decryption tool, even if she has so far only been using the system to send secret messages to F.

Anyways ...

Open this in your browser to try my encoder and decoder.

Code: 
<html>

<head>
	<title>Simple encrypt/decrypt</title>
	
	<style type="text/css">

		body 
		{
			background-color: #A9F5F2;
			width: 900px;
			padding: 0px;
		}
		.outerdiv
		{
			margin: 5px;
			border: 2px solid #FF8000;
			background-color: #FFFFFF;
		}
		.outerdiv > p
		{
			margin: 5px;
			word-wrap:break-word
		}
		.outerdiv > h1
		{
			margin: 5px;
		}
		#col1
		{
			width: 500x;
			height: 800px;
			float: left;
		}
		#col2
		{
			width: 295px;
			height: 1500px;
			float: right;
			font-family: Courier New;
			overflow: hidden;
		}
		#title1div
		{
			font-family: Arial;
			width: 100%;
		}
		#insctdiv
		{
			font-family: Arial;
			width: 100%;
		}
		#iptdiv
		{
			height: 400px;
			width: 100%;
		}
		#buttonsdiv
		{
			text-align: center;
			width: 100%;
		}
		#inputText
		{
			width: 100%;
			height: 100%;
			resize: none;
		}
	
	</style>
	
		
	<script type="text/javascript">
		
		function encrypt()
		{
			var text = document.getElementById("inputText").value;
			newstring = "";
			/* Make newstring a string of the bit representations of 
			   the ASCII values of its thisCharacters in order.
			*/
			for (var i = 0, j = text.length; i < j; i++) 
			{ 
				bits = text.charCodeAt(i).toString(2);
				newstring += new Array(8-bits.length+1).join('0') + bits;
			}
			/* Compress newstring by taking each substring of 3, 4, ..., 9 
			   consecutive 1's or 0's and it by the number of such consecutive
			   thisCharacters followed by the thisCharacter. 
			   EXAMPLES:
					"10101000010111" --> "10101401031"
					"001100011111111111111" --> "0011319151"
			*/
			newstring = newstring.replace(/([01])\1{2,8}/g, function($0, $1) { return ($0.length + $1);});		
			document.getElementById("inputText").value = newstring;
		}
		
		function decrypt()
		{
			var text = document.getElementById("inputText").value;
			text.trim();
			text = text.replace(/([2-9])([01])/g, function (all, replacementCount, bit)
			{
				return Array(+replacementCount + 1).join(bit);
			}).split(/(.{8})/g).reduce(function (str, byte) 
			{
				return str + String.fromCharCode(parseInt(byte, 2));
			}, "");
			document.getElementById("inputText").value = text;
		}
		
		
		function changeMatrixText()
		{
			var newtext = "";
			for (var i = 0; i < 2530; i++)
				newtext += Math.floor((Math.random()*10)+1) % 2 ? "0" : "1";
			document.getElementById("matrixText").innerHTML = newtext;
		}
		
	</script>

</head>

<body>
	<div id="col1">
		<div class="outerdiv" id="title1div">
			<h1>Reversible text encryption algorithm</h1>
		</div>
		<div class="outerdiv" id="insctdiv">
			<p>Type in or paste text below, then click <b>Encrypt</b> or <b>Decrypt</b></p>
		</div>
		<div class="outerdiv" id="iptdiv">
			<textarea id="inputText" scrolling="yes"></textarea>
		</div>
		<div class="outerdiv" id="buttonsdiv">
			<button onclick="encrypt()"><b>Encrypt</b></button>
			<button onclick="decrypt()"><b>Decrypt</b></button>
		</div>
	</div>
	<div class="outerdiv" id="col2">
		<p id="matrixText"></p>
	</div>
	<script type="text/javascript">
		setInterval(changeMatrixText, 200);
	</script>
</body>

</html>
 
Jamin2112 said:
I came up with a reversible text encryption scheme and I'm trying to figure out how to make it useful. How do you suggest I do that?

Don't roll your own crypto.

When sorcery like this starts flying around most people should realize they are in way over their head and use a standard library.

http://en.wikipedia.org/wiki/Timing_attack

In cryptography, a timing attack is a side channel attack in which the attacker attempts to compromise a cryptosystem by analyzing the time taken to execute cryptographic algorithms. Every logical operation in a computer takes time to execute, and the time can differ based on the input; with precise measurements of the time for each operation, an attacker can work backwards to the input.

So you might think, OK I'll just add a random delay. But, if you can miss something as wacky as this, what else are you missing?
 
Jamin2112 said:
Anyways ...

Open this in your browser to try my encoder and decoder.

Code: 
<html>

<head>
	<title>Simple encrypt/decrypt</title>
	
	<style type="text/css">

		body 
		{
			background-color: #A9F5F2;
			width: 900px;
			padding: 0px;
		}
		.outerdiv
		{
			margin: 5px;
			border: 2px solid #FF8000;
			background-color: #FFFFFF;
		}
		.outerdiv > p
		{
			margin: 5px;
			word-wrap:break-word
		}
		.outerdiv > h1
		{
			margin: 5px;
		}
		#col1
		{
			width: 500x;
			height: 800px;
			float: left;
		}
		#col2
		{
			width: 295px;
			height: 1500px;
			float: right;
			font-family: Courier New;
			overflow: hidden;
		}
		#title1div
		{
			font-family: Arial;
			width: 100%;
		}
		#insctdiv
		{
			font-family: Arial;
			width: 100%;
		}
		#iptdiv
		{
			height: 400px;
			width: 100%;
		}
		#buttonsdiv
		{
			text-align: center;
			width: 100%;
		}
		#inputText
		{
			width: 100%;
			height: 100%;
			resize: none;
		}
	
	</style>
	
		
	<script type="text/javascript">
		
		function encrypt()
		{
			var text = document.getElementById("inputText").value;
			newstring = "";
			/* Make newstring a string of the bit representations of 
			   the ASCII values of its thisCharacters in order.
			*/
			for (var i = 0, j = text.length; i < j; i++) 
			{ 
				bits = text.charCodeAt(i).toString(2);
				newstring += new Array(8-bits.length+1).join('0') + bits;
			}
			/* Compress newstring by taking each substring of 3, 4, ..., 9 
			   consecutive 1's or 0's and it by the number of such consecutive
			   thisCharacters followed by the thisCharacter. 
			   EXAMPLES:
					"10101000010111" --> "10101401031"
					"001100011111111111111" --> "0011319151"
			*/
			newstring = newstring.replace(/([01])\1{2,8}/g, function($0, $1) { return ($0.length + $1);});		
			document.getElementById("inputText").value = newstring;
		}
		
		function decrypt()
		{
			var text = document.getElementById("inputText").value;
			text.trim();
			text = text.replace(/([2-9])([01])/g, function (all, replacementCount, bit)
			{
				return Array(+replacementCount + 1).join(bit);
			}).split(/(.{8})/g).reduce(function (str, byte) 
			{
				return str + String.fromCharCode(parseInt(byte, 2));
			}, "");
			document.getElementById("inputText").value = text;
		}
		
		
		function changeMatrixText()
		{
			var newtext = "";
			for (var i = 0; i < 2530; i++)
				newtext += Math.floor((Math.random()*10)+1) % 2 ? "0" : "1";
			document.getElementById("matrixText").innerHTML = newtext;
		}
		
	</script>

</head>

<body>
	<div id="col1">
		<div class="outerdiv" id="title1div">
			<h1>Reversible text encryption algorithm</h1>
		</div>
		<div class="outerdiv" id="insctdiv">
			<p>Type in or paste text below, then click <b>Encrypt</b> or <b>Decrypt</b></p>
		</div>
		<div class="outerdiv" id="iptdiv">
			<textarea id="inputText" scrolling="yes"></textarea>
		</div>
		<div class="outerdiv" id="buttonsdiv">
			<button onclick="encrypt()"><b>Encrypt</b></button>
			<button onclick="decrypt()"><b>Decrypt</b></button>
		</div>
	</div>
	<div class="outerdiv" id="col2">
		<p id="matrixText"></p>
	</div>
	<script type="text/javascript">
		setInterval(changeMatrixText, 200);
	</script>
</body>

</html>

That code is not an encryption scheme at all. It's just a compression scheme. It would be pretty easily decrypted.

You should learn about real encryption schemes as was suggested earlier.
 

Similar threads

How Secure is a Text Encryption Program Created with Visual Basic?
Replies
1
Views
2K
Why do emails from my contact form bounce?
Replies
10
Views
3K
Help with PGP and RSA for secure FTP transmission
Replies
3
Views
2K
How do encrypted USB flash drives work and how can we make them more secure?
Replies
7
Views
2K
How can I receive security codes overseas without a traditional phone number?
Replies
2
Views
1K
Python Should I rewrite my modules in order to implement json/pickle?
Replies
5
Views
1K
My Website For Creating Interactive Visuals Linked To Equations
Replies
4
Views
3K
Python Can I ask some basic Python installation questions?
Replies
8
Views
2K
Java How can I efficiently replace common text message abbreviations in Java?
Replies
3
Views
6K
Encrypting & Decrypting Text Files with a Key
Replies
5
Views
2K

Hot Threads

Recent Insights

Back
Top