Low overhead text encryption

[Mike Trader]

After discovering that all my text strings and embedded text files
are visible by examining my .exe with notepad! (horrifying)

I have need for a simple text encrytion algo that I can implement
to obfuscate the ascii characters. It does not need to be super
secure, just enough to turn ASCII into binary.

I suppose I could go through the text Byte by Byte and just convert
the Bytes into their binary couterpart with a union, but is there
a nice little encyption algo that might be faster/better?

------------------
Kind Regards
Mike

[This message has been edited by Mike Trader (edited July 12, 2006).]

[Paul Franks]

Mike,

Another, very simple, alternative is to package and encrypt your
executable (and DLLs and other files) into a single .exe with a
packager like Molebox Pro.

I have used it very successfully for a while. For $119, it's a
lot cheaper than the hours of development that would otherwise
be required to do something from scratch. You can set you own
encryption key, making your .exe very difficult to crack.



------------------

--pdf

[james klutho]

You might try using CHR$() as a simple encryption technique. Borje even wrote a TXTtoCHR program that does this.

MSGBOX CHR$(77,105,107,101) displays "Mike" and is confusing to look at with a hex editor.

------------------

[Michael Mattias]

> MSGBOX CHR$(77,105,107,101) displays "Mike" and is confusing to look at with a hex editor.

I would think if all the arguments are numeric literals that would be evaluated at compile time.

[Russ Srole]

You might want run you exe through upx. It will compress it down and that's bound to obfuscate some of your text.

------------------

[Michael Mattias]

Simple encryption?

XOR works real nice for that.
Something like..

Code:

FUNCTION CryptedString  (StrIn AS STRING, CryptKey AS STRING) AS STRING
   LOCAL StrPos AS LONG, KeyPos AS LONG, KeyLen AS LONG, StrOut AS STRING
   LOCAL CharIn AS BYTE, kCharIn AS BYTE, CharOut AS BYTE

   KeyLen = LEN(CryptKey)
   StrOut = STRING$ (LEN(StrIn), 0)  ' binary zeros as default
   FOR StrPos = 1 TO LEN (StrIn)
          KeyPos = (StrPos MOD(KeyLen -1)) + 1  ' add one to convert range (0:len-1)
                                                ' to range (1:LEN)
          CharIn                 = ASC(StrIn, StrPos)
          kCharIn                = ASC (CryptKey, KeyPos)
          CharOut                = CharIn XOR kCharIn
          MID$(StrOut, StrPos,1) = CHR$(CharOut)

   NEXT StrPos
   FUNCTION = StrOut
END FUNCTION

Call it once with the plain text string and a key, you get an encyrpted string out' call it with the encrypted string and the same key, get back the original.

[Mike Trader]

paul,

molebox pro will help you to:
- create one or multiple packages for an application.
- protect your media files, data files and dlls from unauthorized access.
- manage level packs, add-ons, updates, patches minimizing their file size (pro version only).
- compress and encrypt your application and all the files it requires.
- embed dlls into exe files (pro version only).
- secure application integrity and avoid dll conflict.
- make program cracking extremely difficult.

molebox supports applications created with intel c++,
microsoft visual c++, borland c++, borland delphi,
microsoft visual basic, blitz basic.
molebox pro utility requires windows 95 osr2/nt 4 or later,
windows 2000/xp is recommended. packed application will
work under windows 95/nt 4 or better systems.

i can do all that with my own pre-compile app and execryptor, the
only piece missing is the encryption of the embedded files like
text files.

the exe is compressed and protected with execryptor, but the text
is still visible.

michael,
i like that, but its char by char... both directions.
perhaps i could use a union and do it in 32 or 64 byte chunks...

also came across huffman
http://www.powerbasic.com/support/pb...ad.php?t=23400
anyone had experience with this?

james,
thx. found it.. the link is:
http://www.powerbasic.com/support/pb...ad.php?t=23152

essentially:

Code:

              if len(txt) then
                 txt2 = "chr$("
                 for i = 1 to len(txt)
                    txt2 = txt2 & format$(asc(txt, i)) & ", "
                 next i
                 txt2 = left$(txt2, len(txt2) - 2) & ")"
              end if

char by char again...

im thinking something like:

Code:

union encrypttexttype ' 
  varenc  as extended  ' 10 bytes
  stext   as string*10 ' 10 bytes
end union

that will do 10 bytes ata time... but i want need speed captain!

what variable type has 32 bytes to it?


[this message has been edited by mike trader (edited july 11, 2006).]

[Chris Holbrook]

There's some serious-looking string encryption in the source code forum somewhere, look under GOST, if a job's worth doing etc

------------------

[Paul Franks]

Quote:

Originally posted by Mike Trader:

- Compress and encrypt your application and all the files it requires.

Quote:

I can do all that with my own pre-compile app and EXEcryptor, the
only piece missing is the encryption of the embedded files like
text files.

Molebox Pro will include your text files in the encrypted .exe,
and your application can access them as though they were ordinary
files on the local disk drive, without any changes to your existing
code.


------------------

--pdf

[Mike Trader]

gost:
http://www.powerbasic.com/support/pb...ad.php?t=23531


pbtwofish, blowfish, des, skipjack, gost, tea, rc4, cryptoapi,
http://www.powerbasic.com/support/pb...ad.php?t=17891

probably too much for this job. just need something light and fast
to obfuscate the text. rememberits burried in the middle of an
exe so unless you knew where it started, you would have to go through
the entire exe trying decoding techniques.

perhaps this is what i need... (unicode)
http://www.awes.com/obfuscator/


[this message has been edited by mike trader (edited july 11, 2006).]

[Mike Trader]

From an idea on a VB forum GASP!!!

Pretty slick in PB of course....

Code:

#COMPILE EXE "BitCrypt.exe"
#DIM ALL 

'¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤'
FUNCTION BitEncrypt( sPtr AS DWORD, sLen AS LONG ) AS LONG
 
  LOCAL i AS LONG 
  LOCAL Bite() AS BYTE 
 
    REDIM Bite(1:sLen) AT sPtr ' one byte for each char

    FOR i = 1 TO sLen ' MSGBOX CHR$(Bite(i))
      BIT TOGGLE Bite(i), 7 ' Toggle MSB - zero based 
    NEXT

  FUNCTION = 1 ' String Encoded
        
END FUNCTION  
'¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤'
FUNCTION PBMAIN AS LONG 
                      
  LOCAL sTemp AS STRING

    sTemp = "C is not a programming language, it's punishment for evil deeds in a former life."         
                
    MSGBOX sTemp,64,"Starting String" 
    CALL BitEncrypt( STRPTR(sTemp), LEN(sTemp) )
    MSGBOX sTemp,64,"Encrypted" 
    CALL BitEncrypt( STRPTR(sTemp), LEN(sTemp) )
    MSGBOX sTemp,64,"Decrypted" 

END FUNCTION  

'¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤'

Coupled with Michaels Key ideas I think I got a winnner!

------------------
Kind Regards
Mike

[This message has been edited by Mike Trader (edited July 11, 2006).]

[Mike Trader]

When I use the above function on a larger text file in my pre-compile app,
I get a Windows error message:
"The instruction at 0x7C911e58 referenced memory at 0x00000001. Memory could not be read"

Sometimes it just crashes, but allways at the very last instruction.

This occurs at the VERY LAST instruction of my large app. The
END FUNCTION statement of PBMAIN.

If I put a MSGBOX just before it, the program halts at that point
and eveything is fine. When I dismiss the MSGBOX the next instruction
is the END FUNCTION which produces the above error window.

This ony happens when I use the code above to encrypt the text.
I have checked it and recheked it and I am not going out of
scope of the arrays.

Can anyone see what might be the problem?


------------------
Kind Regards
Mike



[This message has been edited by Mike Trader (edited July 12, 2006).]

[Michael Mattias]

>I like that, but its Char by Char... both directions.

It looks like you have found a solution but....

.. <U>all</U> encryption is done character by character.

[Michael Mattias]

>The instruction at 0x7C911e58 referenced memory at 0x00000001. Memory could not be read"
>Sometimes it just crashes, but allways at the very last instruction.
>This occurs at the VERY LAST instruction of my large app.

No, it does not occur on the very last instruction. The error may have occurred earlier but just doesn't show up until later

That the memory pointer is 0x000000001 sure looks like a fencepost ("off by one") error somewhere.... somewhere in the application code (not shown).



[This message has been edited by Michael Mattias (edited July 12, 2006).]

[Eddy Van Esch]

Quote:

Originally posted by Michael Mattias:
.. <U>all</U> encryption is done character by character.

Not all. Block ciphers (like AES, MARS, RC6, Serpent, Twofish,...) all process a block of bytes in one operation.
If your plaintext is not exactly one block long, you must add bytes to make its length a multiple of the block size. Then chop it up to encrypt the plaintext, one block at the time.

Stream ciphers in general, process one byte at the time.

Kind regards

------------------
Eddy
email: raimundo4u at yahoo dot com
www.devotechs.com -- HIME Huge Integer Math and Encryption library--

[This message has been edited by Eddy Van Esch (edited July 12, 2006).]