Page 1 of 1
Encrypting and decrypting files from internet
Posted: Thu Jul 12, 2007 4:19 pm
by Joakim Christiansen
Well, let's say I want to encrypt the channel list for my Internet TV program so other people can't access it, how should I do this? (and do you recommend it)
I need something in PHP that can encrypt the strings and then I need something in PB that decrypts them. But PB lacks this kind of stuff, so I'm asking here if anybody knows about some stuff I could use? Hopefully a method that doesn't "hog" my server each time someone download the list. Each line will be encrypted, but not the whole file.
Posted: Thu Jul 12, 2007 5:10 pm
by ..::Origin::..
[5 cents]
In my opinnion, RC4.
MD5 where you can.
[/5 cents]
Posted: Thu Jul 12, 2007 8:43 pm
by Num3
Maybe a simple Xor with password for salting it...
Password is only on the PHP script and inside the executable...
Not very sofisticated but it will work simple and quick!
Re: Encrypting and decrypting files from internet
Posted: Thu Jul 12, 2007 10:34 pm
by codemaniac
Joakim Christiansen wrote:Well, let's say I want to encrypt the channel list for my Internet TV program so other people can't access it, how should I do this? (and do you recommend it)
I need something in PHP that can encrypt the strings and then I need something in PB that decrypts them. But PB lacks this kind of stuff, so I'm asking here if anybody knows about some stuff I could use? Hopefully a method that doesn't "hog" my server each time someone download the list. Each line will be encrypted, but not the whole file.
My friend had made a similar program, but which had the data in a password-protected archive. And when the user opens his program, the program silently unpacks the archive to memory and reads the data into his application.
Or how about simply make an SQL database where you put your channels and then read the SQL db through your program? Flype had made a great MySQL lib for PB:
http://www.purebasic.fr/english/viewtopic.php?t=21862
Re: Encrypting and decrypting files from internet
Posted: Thu Jul 12, 2007 11:21 pm
by Joakim Christiansen
It's in a MySQL database on my internet server, would it be safe reading directly from it with my program? Wouldn't it be possible for a geek to get the server user name and password then? If that was what you meant...
Posted: Thu Jul 12, 2007 11:35 pm
by Joakim Christiansen
Num3 wrote:Maybe a simple Xor with password for salting it...
Password is only on the PHP script and inside the executable...
Not very sofisticated but it will work simple and quick!
I think that could work, but the thing is... I'm not good at a simple "Xor with password for salting". I hope there is some stuff I could find and not inventing stuff myself.
And the one who mentioned RC4, anyone know how to use it with PB?
Posted: Fri Jul 13, 2007 2:55 am
by JCV
Joakim Christiansen wrote:Wouldn't it be possible for a geek to get the server user name and password then? If that was what you meant...
username & password are inside the exe right? It is easy to get even if you encrypt the username since its easy to find the mysql connect function.
The easy/better way:
Just upload an encrypted package in your server and your program will download and decrypt it on runtime.
hmm or if you want to use your mysql
Create a user account in mysql and set all to read-only privilege & all data must be encrypted. Even if users got the user & pass, they can only read and cannot modify the encrypted data. But you need to set your host to accept sql connection on all ip which isn't good. I prefer the first one.
Posted: Fri Jul 13, 2007 8:28 am
by gnozal
Joakim Christiansen wrote:And the one who mentioned RC4, anyone know how to use it with PB?
PB code : many examples on the forums, like
http://www.purebasic.fr/german/viewtopic.php?p=131357
PB LIB :
http://www.reelmedia.org/cgi-bin/PurePr ... s&sub=ASM4
Posted: Fri Jul 13, 2007 9:15 am
by Kukulkan
Hi Joakim,
I suggest you to use AES algorithm. You can use the diCryptoSys API library (
http://www.cryptosys.net/) inside your client application to decrypt. On PHP side, I would create a senderlist.php file which reacts on URL encoded questions:
http://yourdomain/senderlist.php?action ... arameter=2...
The result may be encrypted using PHP aes_encrypt() function (part of PHP MCRYPT extension).
So far, you may use HTTPS connections, too.
Kukulkan
Speaking of mcrypt
Posted: Thu Oct 11, 2007 5:30 am
by kake26
Here is a little gem I wrote that allows me to use Mcrypt in Lunux. I'm posting it here in hopes it helps. Its not perfect, but the example should be able to be moded to use the cipher and mode of choice.
Code: Select all
OpenLibrary(255,"/usr/local/lib/libmcrypt.so")
; This code was translated from mcrypt.h
; Completed 10:01 PM 3/17/05, test shows it works
; functions
*mc_open = IsFunction(255, "mcrypt_module_open")
*mc_close = IsFunction(255, "mcrypt_module_close")
*mc_init = IsFunction(255, "mcrypt_generic_init")
*mc_deinit = IsFunction(255, "mcrypt_generic_deinit")
*mcg_end = IsFunction(255, "mcrypt_generic_end")
*mc_decrypt = IsFunction(255, "mdecrypt_generic")
*mc_generic = IsFunction(255, "mcrypt_generic")
*mc_perror = IsFunction(255, "mcrypt_perror")
*mc_ivsize = IsFunction(255, "mcrypt_enc_get_iv_size")
*mc_ksize = IsFunction(255, "mcrypt_enc_get_key_size")
Structure MCRYPT
*algorithm.s
*a_directory.s
*mode.s
*m_directory.s
EndStructure
Dim td.MCRYPT(4)
; algorythems and mode defs
; Algorithms
#MCRYPT_BLOWFISH = "blowfish"
#MCRYPT_DES = "des"
#MCRYPT_3DES = "tripledes"
#MCRYPT_3WAY = "threeway"
#MCRYPT_GOST = "gost"
#MCRYPT_SAFER_SK64 = "safer-sk64"
#MCRYPT_SAFER_SK128 = "safer-sk128"
#MCRYPT_CAST_128 = "cast-128"
#MCRYPT_XTEA = "xtea"
#MCRYPT_RC2 = "rc2"
#MCRYPT_TWOFISH = "twofish"
#MCRYPT_CAST_256 = "cast-256"
#MCRYPT_SAFERPLUS = "saferplus"
#MCRYPT_LOKI97 = "loki97"
#MCRYPT_SERPENT = "serpent"
#MCRYPT_RIJNDAEL_128 = "rijndael-128"
#MCRYPT_RIJNDAEL_192 = "rijndael-192"
#MCRYPT_RIJNDAEL_256 = "rijndael-256"
#MCRYPT_ENIGMA = "enigma"
#MCRYPT_ARCFOUR = "arcfour"
#MCRYPT_WAKE = "wake"
; Modes
#MCRYPT_CBC = "cbc"
#MCRYPT_ECB = "ecb"
#MCRYPT_CFB = "cfb"
#MCRYPT_OFB = "ofb"
#MCRYPT_nOFB = "nofb"
#MCRYPT_STREAM = "stream"
; Test code
; Encrypt first, note dat should be the same as it started in the end
td = CallFunctionFast(*mc_open,#MCRYPT_BLOWFISH,@"",#MCRYPT_CBC,@"")
ivs.l = CallFunctionFast(*mc_ivsize,td)
PrintN(Str(ivs))
ks.l = CallFunctionFast(*mc_ksize,td)
PrintN(Str(ks))
*Buffer = AllocateMemory(6)
PokeS(*Buffer, "kha123")
key.s = MD5Fingerprint(*Buffer,6)
PrintN(key)
result = CallFunctionFast(*mc_init,td,@key,32,@"12345678")
PrintN(Str(result))
CallFunctionFast(*mc_perror,result)
dat.s = "Hi there world!Hi there world!Hi there world!Hi there world!"
PrintN(dat)
result = CallFunctionFast(*mc_generic,td,@dat,60)
PrintN(dat)
CallFunctionFast(*mc_deinit,td)
CallFunctionFast(*mc_close,td)
FreeMemory(*Buffer)
; Decrypt
td = CallFunctionFast(*mc_open,#MCRYPT_BLOWFISH,@"",#MCRYPT_CBC,@"")
CallFunctionFast(*mc_perror,result)
ivs.l = CallFunctionFast(*mc_ivsize,td)
PrintN(Str(ivs))
ks.l = CallFunctionFast(*mc_ksize,td)
PrintN(Str(ks))
*Buffer = AllocateMemory(6)
PokeS(*Buffer, "kha123")
key.s = MD5Fingerprint(*Buffer,6)
PrintN(key)
result = CallFunctionFast(*mc_init,td,@key,32,@"12345678")
PrintN(Str(result))
CallFunctionFast(*mc_perror,result)
CallFunctionFast(*mc_decrypt,td,@dat,Len(dat))
PrintN(dat)
CallFunctionFast(*mc_deinit,td)
CallFunctionFast(*mc_close,td)
FreeMemory(*Buffer)
Posted: Thu Oct 11, 2007 5:55 am
by pdwyer
I guess if you're bothering with encryption then authentication is an issue. Will users have a pwd to send to you that you can check in some sort of challenge/response way or will it be some kind of negotiation handshake?
Generally decrypting needs some key, a mistake to avoid is to have the key hardcoded and hidden in the client app because once it's know you have to change all the clients to fix it.
If clients have a pwd then it can be used to encrypt in the server side but if not then you need some sort of negotiation.
For encyption, I guess that conventional SSL is out? not sure if PB has any libs but I think there are APIs to do this. Then the PHP side needs not code and the web server can handle that part you just need to get the client working.
Other than that, just make sure the algorithm you choose streams well
XOR can be fine you just need a very large key and try not to repeat it, encryption grade random number generators are good for this, the key is the seed and then XOR to a random stream. As close to the unbreakable OTP as you can get (depending on the random numbers) and very fast.
There was a Euler project question on cracking XOR with a three letter pwd with brute force. XOR can be good but it's only as good as the key.
OTP info is here
http://en.wikipedia.org/wiki/One-time_pad and is the only thing that provides "Perfect Encryption" known to mankind as far as I'm aware! (but won't be perfect if you use a number generator)
Posted: Thu Oct 11, 2007 1:21 pm
by KingNips
Use AES. It's not that hard to roll your own AES algorithm.
I've got some source code around here somewhere... (in C# tho)...
AES is fast because it is a symmetric block cipher. You can use a asymmetric algorithm to encipher the symmetric key to set up a session... something like RSA or some other public key algorithm.
King Nips
________
Only Aussie in Marrickville
Posted: Thu Oct 11, 2007 1:41 pm
by pdwyer
KingNips in Marrickville?
hmmmmm
