file encyrption/decryption help

[ragdog]

hi @all :bg

I have ask to file encryption/decryption.
I would like bind into my program a file encryption/decryption
which am there better sha-256 or md5?

or is there which better?

greets

ragdog

[ecube]

Those are hash algorithms actually, used for integrity checks, and others things, and you shouldn't be able to decrypt them :) As far as security goes sha256 is a powerhouse, I actually do have it implemented in MASM, have to ask the author permission to upload it. Also Md5 isn't thought to be as secure as it use to be http://slashdot.org/articles/04/08/17/0030243.shtml. For encryption though I recommend Rc4 or AES. Both are blazing fast, and highly secure. I've used Rc4 a lot for per byte encryption, rc6 is out aswell which was the AES canidate, but it uses 16 byte blocks which kind of annoys me. Heres a rc4 implementation written by "iCeBurg". I did get his permission to post it.

Code Select Expand


.data?
rc4keytable db 256 dup (?)

.code
Rc4_setkey proc Pass:DWORD, LenPass:DWORD
pushad

mov eax, 0FFFEFDFCh
mov ecx, 256/4
Init_rc4keytable:
mov dword ptr [rc4keytable+4*ecx-4], eax
sub eax, 04040404h
dec ecx
jnz Init_rc4keytable

xor eax, eax
mov edi, Pass

Key_return:
xor ebx, ebx
mov esi ,LenPass
jmp New_key

Key_loop:
inc bl
dec esi
jz Key_return

New_key:
mov dl, byte ptr [rc4keytable+ecx]
add al, byte ptr [edi+ebx]
add al, dl
mov dh, byte ptr [rc4keytable+eax]
mov byte ptr [rc4keytable+ecx], dh
mov byte ptr [rc4keytable+eax], dl
inc cl
jnz Key_loop

popad
ret
Rc4_setkey endp

Rc4_crypt proc iData:DWORD, LenData:DWORD
pushad
mov edi, LenData
mov esi, iData
test edi, edi
jz Rc4_enc_exit

xor eax, eax
xor edx, edx
xor ecx, ecx
        xor ebx, ebx

Rc4_enc_loop:
inc bl
mov dl, byte ptr [rc4keytable+ebx]
add al, dl
mov cl, byte ptr [rc4keytable+eax]
mov byte ptr [rc4keytable+ebx], cl
mov byte ptr [rc4keytable+eax], dl
add cl, dl
mov cl, byte ptr [rc4keytable+ecx]
xor byte ptr [esi], cl
inc esi
dec edi
jnz Rc4_enc_loop

xor eax, eax
mov edi, offset rc4keytable
mov ecx, 256/4
cld
rep stosd

Rc4_enc_exit:
popad
ret
Rc4_crypt endp

;example
comment !
       invoke lstrlen,addr password
       invoke Rc4_setkey,addr password,eax

        invoke lstrlen,addr data
invoke Rc4_crypt,Addr data,eax
!



Great thing about this is like I said its per byte encryption, and writes the encrypted data back into its source instead of an external buffer. So for text strings be sure to add /SECTION:.text,RWX to your linker section.

[ragdog]

thanks for the information :U

do I know also my file again decypt with this rc4 algo?

have you a aes-256 algo

[ecube]

Yes to decrypt run through again just like you encrypted with same key, I do have aes aswell but I have to get permission from the author.

[ragdog]

ok i make a test thanks :U

have you more crypto algos or can me send links

[ragdog]

to E^cube

help with this algo i can not decrypt my text with same password

:'(

ragdog

my source is posted

[attachment deleted by admin]

[ic2]

I found xTea in asm last night.  Have not have time yet to add code to it to see it run.  Should be easy to do so.  Hope it help.

Btw: what do you guys think about xTea.  I got an understanding that Tea is weak but xTea is very strong.  Is this a fact?  What do it take to crack it and how many days or years would it take?  What is the recommended key size to make it IMPOSSIBLE to crack?


[attachment deleted by admin]

[evlncrn8]

tea was / is? brutable, i remember safedisc used it on their protection (still do actually)
bruteforcing it can take a while but 128 bit key took at worst a few hours to break...
so xtea might suffer from the same weakness....

[ragdog]

thanks all :U

well someone can help me with a good encrypt and decrypt algo?

or can me post examples

greets in forward
ragdog

[PBrennick]

ragdog,
The attached project is a reasonably secure method using a progressive encryptor that employs a key that can be up to 256 bytes (2048 bits) wide. I use it whenever I need to transfer sensitive data over the Internet. Nothing is uncrackable, but this will keep most people out.

Paul


[attachment deleted by admin]

[hutch--]

Paul,

Nice demo and works well. I could be tempted to "borrow" this one if its OK with you. I need a pair of algos that will seriously mess up a body of text so nothing can be recognised with it to then pass it through a one pass pad and this looks fast, lean and powerful enough.

[PBrennick]

Hutch,
As always, you are welcome to anything I own. Enjoy.

Paul

[ecube]

ragdog put a

invoke lstrlen,addr pass
invoke Rc4_setkey ,addr pass, eax

before every Rc4_crypt call

[PBrennick]

Cube,
I have tested RC4 after making the change you recommended. It is not a very good encryptor and I would not recommend that anyone use it. I used 'This is a test' as input and only the first half was encrypted. 'a test' remains unencrypted. I am attaching the project I used for testing.

Paul


[attachment deleted by admin]

[ecube]

PBrennick i'm going to have to disagree, Rc4 is actually one of the most secure algs in the world, and it's extremely fast

Code Select Expand


invoke lstrlen,hInput
invoke lstrlen, addr szPassWord
invoke Rc4_setkey, addr szPassWord, eax
invoke Rc4_crypt,hInput,eax


do you see how you messed up here? Simple mistake but you're providing an improper data length for Rc4_crypt

Code Select Expand


invoke lstrlen, addr szPassWord
invoke Rc4_setkey, addr szPassWord, eax
invoke lstrlen,hInput
invoke Rc4_crypt,hInput,eax


Yeah that didn't fix it, well I don't have time to debug his code but heres 3 examples showing rc4 is a very good encryptor, I show 2 file en/decryption examples and a string example.

[attachment deleted by admin]