/-----------------------------\ | Xine - issue #4 - Phile 109 | \-----------------------------/ Crypting datas in order to protect it is like an art, decrypting another. Crypting datas in order to avoid decryption had been headed for years, but I think each technique used is due to fail. Like CRC, for example, all ways used remember the password ( well, also encrypted ) so that it has already been - or it could be - hacked! But what about encryption that don't remember passwords? I'm thinking about ^ encryption. Imagine we make: for all bytes byte = byte ^ n next bytes file: a b c d e f g h i j crpt: n n n n n n n n n n rslt: k l o p q r s t u v with k = a ^ n, l = b ^ n, o = c ^ n, ... I remember for those who don't very know XOR that a ^ a = 0 => b ^ a ^ a = b }=> c ^ a = b c = b ^ a } This mean that if u XOR "x" with a number "a", you xor the number u obtain again with "a" and obtain then "x" back. So, if u wanna decrypt the file, you only have to crypt it again with the same password... What's the main default of that ^ encryption? That's, if we know a byte of that file, we can know "n", so let be imaginative, use several numbers! Look that example: file: a b c d e f g h i j crpt: m n m n m n m n m n rslt: k l o p q r s t u v with k = a ^ m, l = b ^ n, o = c ^ m, ... So, we have to know 2 bytes of that file ( 1 for m and 1 for n, 2 for n is useless ). That's better but... Let's try with 10 numbers, or more! but all will have to be remembered! Imagine we use a sentence as password: "I'm so sick!", so n1 = asc("I"), n2 = asc("'"), n3 = asc("m"), ... Ok, but if someone know the first 12 bytes of that file! So, there is the problem: periodicity! How to avoid periodicity? I think the only way is to make a password longer than the file. Cool, I'll use my english lessons like passwords ;-). I won't explain ya how, but I'll show you... imagine we have 2 periodicity, one of 2 bytes and one of 3 bytes... the "total" periodicity will be of 6 bytes... With this 2 passwords: mn (2) and opq (3) file: a b c d e f g h i j crpt: m n m n m n m n m n o p q o p q o p q o rslt: k l r s t u v w x y with k = a ^ m ^ o, l = b ^ n ^ p, o = c ^ m ^ q, ... After, 2 periodicity, one of 2 bytes and one of 4 bytes will give a "total" of 4 bytes! That don't multiply perios, you have to make the LCM ( lower common multiple ) of all passwords used... That's easy to imagine a password of 7, one of 13 ( and why limit to 2 pass? ), another of 11... that will give a perio of 1001 bytes ) So, let be imaginative, if e have a file longer that 1001 bytes: 1st - you could add a 5 bytes long password, so that total perio is now 5005. 2nd - imagine that a people have to know 1001 byte of youre file to decrypt it! Yeah, he have to know 1001 byte, I tryed to find a system, with 2 passwords , one of 2 and one of 3, if I only have the total, I won't be able to find the 2 original pass, so if I miss some ( if I know even 900 of 1001, I won't be able to find the 101 left ), I'm also not able to know the total perio, perhaps could I guess it, but... Ok, here are the sources in C, made for Watcom11: ------------------ void Crypt( char* Data, int DataSize, char** Pws, int NPws ) { char* DataPtr, **PwsPtr; int i, j; PwsPtr = new char*[ NPws ]; for( j=0; j