basic string encryption

  • Thread starter Thread starter j1mb0jay
  • Start date Start date
J

j1mb0jay

I have created some simple string encryption in C# to be able to store
passwords in a database without them being stored in plain text.

I have attached a encrypted passage from a book I like. Please let me
know if it is really simple to crack.

Regards j1mb0jay
 
j1mb0jay said:
I have created some simple string encryption in C# to be able to store
passwords in a database without them being stored in plain text.

I have attached a encrypted passage from a book I like. Please let me
know if it is really simple to crack.

Regards j1mb0jay
Click to expand...

Here is the encryption ......

OzJIxucXWDbrfLHAzp+ds4yEqzoCt3fe3A1ZFIdBHR2hil7FGrrNb1aVc/I7lj6fGK7ahlzpQFY4E8WEQ8YnbbEp5EHYu5vMtqIwSWvkiYXIDX2Yb8V/IEPUBztzrG1QGdR1Ifo8Dd2Vf7szRBKKipSlWGJwxswxRNVXKCIwiexC2EfbF8sZQLt4oNGvYMBKFJxvBZU1WG/0JnTIYZXXCUuMiQJ4U2NkMMCMApmWwiD8r9Rs7NA/lfm++uHG0NF4uJN7ZLOcSy6goX8Iv8LyIHjuQNeqfxR/flZlnp9z0UgBl3sPpvPcxuC2pyzHXa0Dd6UTCwUPy/G/ESLs7wgW8zgTxYRDxidtzVifz5QcxwMb+ZeFrFGXHMh6WJJicg7LA2fKf7ONC+aj/C2Na6Rzbl95IO08trS+RZZYyJSCLb3XWGqGyqZfAv8EWyLRHigdy3L6d72ZJXpeyzIY/OXZJZRjhr1aM+sk+iXXlRAx53oC40HJCjZhqblaNX5ZORl6Lb2c7lZwql8sq7LUpajUTsBtFPfJs0Ma+kAq6QQMSXMsWfDJwZkEEwGXew+m89zGAhRiKMXyNdcRqWMhNXYdK5WW8QXZj9a6YK1ff8x1U1/XJoh77ocFTo0/f/vR/r8iyA19mG/FfyBJb1/F5bwUYlyerpA2oZtlel+v9QBG5fe7tP0KdMhPCmN0858Nh5C9+kAq6QQMSXOMhKs6Ard33rmGYMeqo+oa07b8Ogtv+nbcyujWGN8DjRGHiJdqhnzn2pH3sEKwm2M4E8WEQ8YnbfZh4gMK3T6cczvVobcAaLt52DheOlXAoRhskC9Q4uHi2FvDSowZSbaQcOw9nsCqrnKJRlQYiW6NUVDsJ0GVR0zQjpKUUmYjVzx/gVbpMzXivpreAzBfxk3vgcVJwQSBKJWW8QXZj9a6PWYNuMbEi1YC40HJCjZhqVb3KoNMq+oocJ7CqYJbVU7vfF7MCH4voJWW8QXZj

9a6yHpYkmJyDsv4mE5+esy3JSPTb95lX5EYqzc+NXYz/UJEQuWHQetwu4yo6RxuOc6Tr790cDLmaPVS2NLgo7uOzdZD87F6fdCZAhRiKMXyNdcdJmi9oy8Fp5Hb+8u8uvV2l41VGTEXYEto4Jv6KN+F3ebLoFjEw3mA4LanLMddrQOD4m+SK0IWCObLoFjEw3mABFDOfWIedv/0GabpExgHbuV/UMqJ/BzLOBPFhEPGJ20WUEjSn9BZ/pSNXxpWRvST9CZ0yGGV1wn4mE5+esy3JWnZsaMhzHZO2m/Nj3/KBh4EUM59Yh52/zCaH4fY+mOYQ9QHO3OsbVC6MN+rUT4GTJOIPSe5i9qTv0VqUjeWgu8k/1SGGIwjJIn2POBt9oMXnrUkshcYcxnU/SgZpNFksTC1WTReO9pW+KQL8jBqxMVNg+V/sTEtJi29nO5WcKpfEMSvq1z6KWNM1i/kh6bK59zK6NYY3wONrCgrKo6dnjtQJYxEpx1pTF95IO08trS+A+aI2JCNi+HQjpKUUmYjV09PNbcnm2eUdsjRgX+3czwM1zt4c4JpOBYwyhPncgQGvqRiyTnDiRA1wYnnNFm4+jY2DNzw+XQCvW/AKr5ZF3q4xmqYYjjsJ8Ypx5zGor5on4V3jFlmnCN0582Ym+/PRuC2pyzHXa0D1X6dHnuLTcENBMFEPbVTzjY2DNzw+XQCgkQmq6Q8g5Nlx7coCsgge2TtZfWgl50o9Bmm6RMYB27XPh+zDVsSTNzK6NYY3wON5ruCO2GSj5TPHR7Gx73FEnKjwrLJjqCmOh3ME7qvvUFZrZbXDwBB++fNubRiCtsZLhpgN8HKB9CjLq5YniyHKmGBEDMm130VkuRmCMQwxHbwFBN8kHGnzHKjwrLJjqCmel+v9QBG5feZxQJJNzMVbN6ghFJt5GKTsF4jAqK6EyZlc2eX/p8V++54MaWhQ0uYR4j00x8gAnS5WjV+WTkZetF7CQ
r
yJA/fNIt+PX0XkDHUwaYHgCYMfpOktOZ+Cr/BhX9eivAsGKuVlvEF2Y/WunbkvyHa0sKsUCWMRKcdaUyPlGg2txfXifpAKukEDElzRDEHPOp8esdfeSDtPLa0vpAfkHxux4rz8eCFXh3G/tyMqOkcbjnOk8h6WJJicg7LS4yJAnhTY2SNSGU/vzMxsc5y13jbH3kNSrCilAD7biR2yNGBf7dzPIxkrkr1a6HAj5RoNrcX14n6QCrpBAxJc6J3LtJHtoXDhN1YzzYeCvKEMnvj82WkYlZRA5pvNemE5X9Qyon8HMtRUOwnQZVHTBDEr6tc+ilj0MGBVChhfhHnzbm0YgrbGZ0kypvljs5/ENnE3QkiyapNmUfHh49Q4CcCKmZvq6mhAdLqS7Fty2TceDM7filA/n2wM+I+yPM0GRYCBoGBHhdcnq6QNqGbZXpfr/UARuX3L0WhO1WLkOTbQauxutO3VwIgvNIdIeDdmFzSHEguQX26MN+rUT4GTK/yOHxrrqtQgooH8faD9VD6QCrpBAxJcxfLh/aqLrwb19G/wEC5QAxmZUV9HD1d5xjQfe2X4pYcGGyQL1Di4eK+mt4DMF/GTfikC/IwasTFXJ6ukDahm2U74QjhuwA0IgLjQckKNmGpu/4ZW/2frGfcyujWGN8Djea7gjthko+Ueu08D+me9ZnFXeW6CBqGOsnip9lOWXBhOm7kSWLb7GzEVPryPrqJTtzK6NYY3wON5hvkRgYRqtFeyzIY/OXZJV95IO08trS+yeKn2U5ZcGElsN8H/VZExjgTxYRDxidtKu1O0mdzoLkg4iYOUHnbblyerpA2oZtlO+EI4bsANCL784P4Wpl7hE4+o4vDCVRbOBPFhEPGJ202VwhTPA9oPpSb+uWvXAwhgMu/Z4KSLzgPV/eQPopuXvFIysSBNdpt5825tGIK2xnfqnXnvf1I5mxg7VeT7Ja1X3kg7Ty2tL6NKCByKGutu57I
P
diOsWF4XygFv6+GPb1wnsKpgltVTnelEwsFD8vxX3kg7Ty2tL5X8bXnEN6iCTT7W5Pug6tVczvVobcAaLs/rpEb1JdRg57IPdiOsWF4fJEvIH1AQIj0JnTIYZXXCdhiu0UeVFClRL2KCFAyRxFfeSDtPLa0vrBeIwKiuhMmeamhEg41LKn6QCrpBAxJc1wZi8HOCuBEVkuiItgDkqAin/ky2OADfbE8pa46P2hzveEznRzKDmdC2EfbF8sZQF3vauzFBWQLMMCMApmWwiA9g1Xd6QNutnoV0KGl0V2vjs/nD8hy0er0JnTIYZXXCYWaIAh5i0AjX3kg7Ty2tL6QH5B8bseK8wLjQckKNmGpuIyNmo4+mxM2Ngzc8Pl0AroBGf07C1ikqKq564lD/FWNSGU/vzMxsawJQ7J2f1KaVkuiItgDkqDcNLbnTQprJ6+/dHAy5mj1lDVBzEpxwns4E8WEQ8YnbZhdiKRTsJhJjUhlP78zMbHzTK8u7pEqyb8cElBZC5eSzazdd7q7aof0JnTIYZXXCZhdiKRTsJhJX3kg7Ty2tL49FzBVZmiBtfjUiN7DOTu+jUhlP78zMbGsCUOydn9SmkRC5YdB63C7jT9/+9H+vyKLdXTnwKjvGATWhR24FKWlFh0ekc72jpiYpeBlvo5S/RhskC9Q4uHi+kAq6QQMSXPrwCyeCcPKtlsmBdFrqSur2FvDSowZSbaQcOw9nsCqrs8dHsbHvcUSczvVobcAaLsyG2B81ObxSPjUiN7DOTu+gMu/Z4KSLziTpLTmfgq/wfiYTn56zLcltkgjuMrInJwwtVk0XjvaVkuG/AYwOA+pjKjpHG45zpMAr8NSX8pZ1KkuCATaw4oQ5d1w402OY0v8tb0SFR2izR0zQSvSA2LDXCrIA73IyAjeoIRSbeRikycCKmZvq6mh/gVB4UNrak5qHFrlwstx8TIbYHzU5vFIUiAEw74/hlZC2EfbF8sZQM
B
PIvb3SFrDSsxBWA154b8CQHxuQ9EU9AzXO3hzgmk4PnKshPgergN52DheOlXAocBtFPfJs0MaiaDmKY2TuBOmXV0ROsa9dvHghV4dxv7caoPyCXkPygVCimnVGSy1SWXHtygKyCB7WfOuWMME5MFDzpaqGCKvNtDr3M+Vp9v7J/9CMBi8HC7nzbm0YgrbGdhiu0UeVFCltkgjuMrInJw9g1Xd6QNutvikC/IwasTF6+28YJFO+XUQ2cX8rZNIfN9Pd/HB5hbRZO1l9aCXnSgTSul8Xxu6RzCsBwip1xlA5825tGIK2xlMW0f2Q0Yc7Bv5l4WsUZccyHpYkmJyDsu2oUIWODavfubLoFjEw3mAl41VGTEXYEvVfp0ee4tNwbZII7jKyJyc/K/UbOzQP5X5vvrhxtDReLiTe2SznEsun9A31VTQeQ/IeliSYnIOy0F+LHV0djGgWtjvyEdwz1XRsthZUV01xWaZ3YCI2a1dxinHnMaivmjrwCyeCcPKttdYaobKpl8C0XsJCvIkD99e55jMND/927ow36tRPgZM1lN1we/o2WcpNU+YjmU8uYyo6RxuOc6TkjgYLYzYcM2eyD3YjrFheMZOiyemf8I1Oh3ME7qvvUETtVduPXJCZ41IZT+/MzGxkuRmCMQwxHbywDeqfnzgZQGXew+m89zGeO5A16p/FH+u+B264FDV13M71aG3AGi74QZYVjiDL+FkZf5jX/4DXQCOy+yhxZoZI9Nv3mVfkRgs57aInRf4ILKxpVwLfBqXu1opCu9XQDXcyujWGN8DjUPGTNxHl1K3OrjkTPQDBtQ4E8WEQ8YnbfbJdiSy+bPwmy060I7TI+bIeliSYnIOywiFPqDGE1C6I75tBqJ4ku7ueDGloUNLmEeI9NMfIAJ00a/9Q0D7rexC2EfbF8sZQNM28OHxbJRXu8Q9UE8zJ3HNlFtfOvcEWYNeWixTSx7OZce3KArIIHs4E8WEQ8Yn
b
TZqc1g9ij1CvRBdUTKCNF4CFGIoxfI110eI9NMfIAJ0WyYF0WupK6vYW8NKjBlJtpBw7D2ewKquzx0exse9xRKra2nyMMUesmGrQbPhmbiZveEznRzKDmc4E8WEQ8YnbQNnyn+zjQvmaW1Qgugkyr+JoOYpjZO4E6XXs7wKcVa5vxwSUFkLl5LNrN13urtqh6GKXsUaus1vncxa4vlXqxmGpWUnWA/MLpgpK7TcPdm9r/I4fGuuq1Bkj+7r0WYQsmlkLAVofbLu4LanLMddrQOidy7SR7aFw09PNbcnm2eUxV3luggahjrSWfntw80fhmaZ3YCI2a1dAhRiKMXyNdcgzxw0/Mo3THM71aG3AGi7RZCnEXV3ZlpqQXkhQqQajmGBEDMm130VJfg9FBWubQH5PF+Vj27xKbiTe2SznEsul41VGTEXYEtd72rsxQVkC2N0858Nh5C9CgD/JnsNOk0TSul8Xxu6RwR91wFwjwSB2FvDSowZSbaQcOw9nsCqrs8dHsbHvcUSahxa5cLLcfE9LgUs2+lyBLsFiTRJXptUifY84G32gxf0GabpExgHbgDGg/vkgowZ5825tGIK2xnrwCyeCcPKtqkuCATaw4oQNjYM3PD5dAIk4ByuiY2KHzZj59HSso/v3qCEUm3kYpP61uK09B0+fxhDTiG1mbs/iaDmKY2TuBN9sDPiPsjzNLiTe2SznEsuAhRiKMXyNddU0Aa2Vp6iuxv5l4WsUZccmD2uqeqcv2/lDs/wnCOeUaP8O63L0/u8Gw58tyc48IiKKZNUfIjoXJRjhr1aM+skmKXgZb6OUv24k3tks5xLLjY2DNzw+XQCfywD1VZmO4CoqrnriUP8VRBGzc4Hvj9d+kAq6QQMSXPxQLePN4cChI1IZT+/MzGxYatBs+GZuJnPHR7Gx73FEhW/XXmqe1T89CZ0yGGV1wllwWNkt7Jm7gpvR0GuglTYjKjpHG45zpPUInI8hl
N
41pTqeW9wFmOELOQZ8cwnKKqTpLTmfgq/wYV/XorwLBirvRBdUTKCNF52yNGBf7dzPJALp5Zcqcp3QijIIRY+QLDgtqcsx12tA4CVjfOSIa/mhbKcj8cHqtDgtqcsx12tA9ObEdPaKxQEtqIwSWvkiYVBvA5EnAG7EJSNXxpWRvSTNjYM3PD5dAK9b8AqvlkXemNmSUTROKET39Pp7BQMsPJ+JdnUQnHdcQfmblsaYv+t1kPzsXp90JmSSrLIWDChFstXaAiYfBqjcqPCssmOoKZAyX6iVgvhett0mZC6ohkjxV3luggahjr0GabpExgHboiWYT0eiCRRHoYWm7lsNqLAaxbWsHQVNGVzZ5f+nxX7eO5A16p/FH+H9OwZ63kyJL8RIuzvCBbzdsjRgX+3czyHYcCjMyQgI41IZT+/MzGxLGBXWhyXbME1wYnnNFm4+izkGfHMJyiqk6S05n4Kv8E21QAtqjfk5c/Lvb4t32ANkuRmCMQwxHaFf16K8CwYqyCSIu/ypU2vAhRiKMXyNdeJKzTwVsIah3KjwrLJjqCmkuRmCMQwxHafhXeMWWacI96ghFJt5GKTTGvbqs+e3ZpSp1aBheu0Wu+BxUnBBIEoaWQsBWh9su44E8WEQ8YnbfiYTn56zLcl1kPzsXp90JmJoOYpjZO4E40oIHIoa627uwWJNElem1Q4E8WEQ8YnbQzXO3hzgmk4cqPCssmOoKbIeliSYnIOy4V/XorwLBirMMCMApmWwiACQHxuQ9EU9I9ulOCYEoKe1MGmB4AmDH5FlljIlIItvfEmELwHU0Uyzd57nw3Zp8cUgtzLa7iMRq0xoTAnwEGodsjRgX+3czz4pAvyMGrExVygbtreSpJfOBPFhEPGJ21ybP0t1CG5OJhVzRWZVfRLYYEQMybXfRV52DheOlXAoc8dHsbHvcUSX3kg7Ty2tL4nAipmb6upofiYTn56zLclI9Nv3mVfkRirNz41
d
jP9QsYXl8l8Ygi8Fh0ekc72jpgyG2B81ObxSJ7IPdiOsWF4YYEQMybXfRW6ARn9OwtYpCirLnWwd21doKF/CL/C8iD0JnTIYZXXCRfUIX+MY9S5js/nD8hy0eo4E8WEQ8YnbevALJ4Jw8q2y2ly5K3h5Bk4E8WEQ8YnbbEp5EHYu5vMGcCntxHKDfwnAipmb6upoZhdiKRTsJhJPnKshPgergOS5GYIxDDEdtBJj7iv8LsvaoPyCXkPygVaCwdkCu8Dllb3KoNMq+ooLScNeQgXcA+sKCsqjp2eOzT7W5Pug6tVlZbxBdmP1rqvv3RwMuZo9Zhc0hxILkF91h/g+IrBUB0dM0Er0gNiw8eVPGe7xgC6oKF/CL/C8iD6QCrpBAxJc4yEqzoCt3fej5RoNrcX14nRewkK8iQP364ukC6DQzZIY3Tznw2HkL3GKcecxqK+aHH5phsUqoEp1MGmB4AmDH5C3xxPP+XwN88dHsbHvcUSlZbxBdmP1rqvv3RwMuZo9XD3II3pOHBQiaDmKY2TuBPAg+LtRU5NvuINSVBOtUru3Mro1hjfA43J4qfZTllwYTpu5Eli2+xsjUhlP78zMbG7FVZc2kYVQP66QdlIurK7NjYM3PD5dAIs4jpZidV+e1XhiEXO02xm9CZ0yGGV1wkQ2c9KS+0137ow36tRPgZMkuRmCMQwxHbgUILEP+RjRJRjhr1aM+skENnF/K2TSHyjkAo3kyXFjNhbw0qMGUm23oFQ7g8ZG8jjxtO7WOK/E41IZT+/MzGxXbrfLlxBkuHx4IVeHcb+3F95IO08trS+++zGaZvZyzI=
 
Marc said:
Here's another idea... don't store passwords... hash them (with salt)
and store the hash. To verify, re-hash (with salt) and compare hashes.
For example, HMACSHA[n]

If you genuinely need encryption, consider things like
RijndaelManaged; don't roll your own unless you genuinely understand
cryptography.

http://msdn2.microsoft.com/en-us/library/system.security.cryptography.aspx

Marc
Click to expand...

I created this using MD5 and Tripel DES with a few of my own touchs on
top of them. I didnt want to just store password with encryption. I
gussing you manged to convert the passage back to plain text?

Regards j1mb0jay
 
Peter said:
j1mb0jay,
Is it realistic to expect readers to take and attempt to "crack" your custom
encrypted text? What's the goal here? There are plenty of well-tested, best
practices encryption protocols already built into the Framework, no need to
reinvent the wheel and then look for accolades about it.
-- Peter
// Abandon all hope, ye who enter here.
http://www.eggheadcafe.com
unBlog: http://petesbloggerama.blogspot.com
BlogMetaFinder: http://www.blogmetafinder.com
Click to expand...

My point was to see if my coursework would last outside of the protected
walls of academia. I haven't really re-invented the wheel just added a
few my own touches to existing technologies such as triple DES and MD5,
which are built into the framework like you stated.

Breaking encryption is also a big part of the course that I am taking at
the moment.

Sorry if my post wasn't to taste.

Regards j1mb0jay
 
I gussing you manged to convert the passage back to plain text?
Nope; I didn't try... in general, this group tries to give overall
best-practice guidance; for the average programmer (i.e. writing
business code), attempting your own crypto code is a very bad idea,
and is likely to be insecure. Likewise storing passwords purely for
user-authentication purposes is usually a mistake. This was the best-
practice knowledge that I was trying to impart.
I created this using MD5 and Tripel DES
Click to expand...
Again, in best-practice terms, AES and SHA [2 or higher] variants
would be adviseable, since both MD5 and Triple DES have weak-spots;
but if the exercise is to further your knowledge of enryption (rather
than to protect your employer's money), then fine.

You didn't specify that you intent was academic; ok - if you want to
roll encryption, and you know what you are doing - great! However, if
you want meaningful assessment of your efforts, then you'd do a lot
better on a security / encryption forum - where people have the
expertise and tools to tear your cipher to shreds (or not, depending
on how good it is ;-p). The real test is: if you post the code
(excluding any private keys), does it remain secure? [that is
rhetorical; please don't post it - just ask the question of your
code]. If not, it isn't secure.

Marc
 
j1mb0jay said:
I created this using MD5 and Tripel DES with a few of my own touchs on
top of them. I didnt want to just store password with encryption.
Click to expand...

I think you should study some cryptography.

One of the basic rules for cryptography is that the security
should rely purely on the keys and not on the secrecy of the
algorithm used.

MD5 is for hashing. 3DES is for encryption. Use of both sound
let us call it "exotic".

Arne
 
Back
Top