5

I was asked to encrypt a password by creating a new procedure and what I was thinking was to work with bits to change each character of my input key with apparently unrelated characters, and so I wrote this function:

(I'm working with PHP code):

function CBS($digits, $n_times) {
    $mask = 0x7FFFFFFF;
    $digits = intval($digits);
    if($n_times > 0) {
        $digits = ($digits<<$n_times%32) & (($digits>>(32-$n_times%32)) & ($mask>>(31-$n_times%32)));
    }elseif($n_times < 0) {
        $n_times = abs($n_times);
        $digits = (($digits>>$n_times%32) & ($mask >> (-1+$n_times%32))) | ($digits<<(32-$n_times%32));
    }
    return decbin($digits);
}

Of course after I encrypted my password I should be able to decrypt it.

Is there any way to do that?

You don't need to write me the code to do it, it would be great if you could explain it to me with words, too.

TylerH
  • 20,799
  • 66
  • 75
  • 101
Baffo rasta
  • 320
  • 1
  • 4
  • 17
  • I would have hashed too but my teacher asked me right to encrypt, so I guess I'll have to do it... – Baffo rasta Oct 22 '15 at 18:40
  • It's probably part of the spec for your certification, so I can hardly blame you for that, though the examining board for whatever certification you're doing really shouldn't be teaching this in the scope of passwords. – AStopher Oct 22 '15 at 18:48
  • Well, the one of us who will create the safest algorithm will get the best mark, so I'm trying to do my best! – Baffo rasta Oct 22 '15 at 18:57
  • The safest would be to hash, but it sounds like you don't have that option. – AStopher Oct 22 '15 at 19:02
  • The problem is that once I have my encrypted password, I should be able to decrypt it too... – Baffo rasta Oct 22 '15 at 19:05
  • 1
    Your use of the AND operator is not readily reversible. XOR is such a key building block to crypto precisely because X XOR (Y XOR X) = Y. So it is reversible. You could use a variant of your non-reversible construction by implementing it in a Feistel structure. You should google that as it will help you a lot in creating a stronger algorithm. Still not to be used for serious applications, but a Feistel structure with a good PRF should make a decent classroom crypto algorithm. – WDS Oct 22 '15 at 19:16
  • Allright, now I'll try too google it, thank you! – Baffo rasta Oct 22 '15 at 19:23
  • It seems you want to do a simple 32bit rotation. This algorithm probably gets reversible by changing the first `&` into `|`. This has similar security properties like a Caesar cipher. Also, if you want to reply to somebody when there are more than two people talking, use `@` like this @Bafforasta – Artjom B. Oct 22 '15 at 19:28
  • @ArtjomB. OK, I got it, thank you! – Baffo rasta Oct 22 '15 at 19:33
  • What are the `$digits` and `$n_times` arguments to your function expected to contain? Do you have an example of how it would be used? –  Oct 22 '15 at 19:41
  • $digits will contain the binary number that I'll work on, $n_times is just going to work as offset. – Baffo rasta Oct 22 '15 at 19:45
  • Hi, please ask your teacher to email security@paragonie.com and explain why the hell they are asking you to implement a new procedure instead of a standard one? Also, tell them to read this: [You don't encrypt passwords, you hash them!](https://paragonie.com/blog/2015/08/you-wouldnt-base64-a-password-cryptography-decoded) – Scott Arciszewski Oct 22 '15 at 22:07
  • @ScottArciszewski Yeah! And while he's at it he can explain why he taught them to output "Hello world!" when there are surely PHP scripts to do that already. And making them write bubble sort routines when better functions exist. Maybe the teacher will next show them how easy homebrews are to break. Either way, there is no harm letting people learn to write crypto as long as they know how dangerous it is to use for real world applications. – WDS Oct 23 '15 at 04:06
  • There is a world of difference between "hello world" and writing a secure cryptographic storage protocol. "there is no harm letting people learn to write crypto as long as they know how dangerous it is to use for real world applications." [I actually agree](http://www.cryptofails.com/post/75204435608/write-crypto-code-dont-publish-it). That's why I want this teacher to *explain why* they are doing this, and if that's not the reason, I will lambaste them with hostile rhetoric. Privately. – Scott Arciszewski Oct 23 '15 at 05:42

1 Answers1

1

"Of course after I encrypted my password I should be able to decrypt it." - fundamentally wrong!. Right encrypt function (i.e. hash-function) should not have reverse function. Very simple identification algorithm:
1. User enters password
2. Get hash from password by using encrypt function (entered_hash=f(password))
3. Compare entered_hash with right_hash_stored
NEVER store passwords, only hashes !

I think, that if you want your encrypt function has reverse, it should consist of function having reverse, so AND and OR are not such, but ROT and XOR are. So all you need - the squense of ROT/XOR (for XOR mask you can use encrypted value of previos squense step, in this case it must aslo be saved)

Val K
  • 375
  • 2
  • 9
  • Yes, I know perfectly that it shouldn't be encrypted and how to verify if entered password matches with the hashed one, but for some reason this excercise requres to reverse it once encrypted. Of course this is not a professional job. – Baffo rasta Oct 22 '15 at 19:07
  • With ROT you mean a circular shift? – Baffo rasta Oct 22 '15 at 20:02
  • Yes: for example there is a list [2,3] - each value means number to circular shift (let it would be left-shift) with following XOR, i.e. number-to-shift XOR shift-result. Encrypt steps: – Val K Oct 22 '15 at 21:54
  • Encrypt steps (for sequense=[2,5]): en1=(pass<<2)XOR 2; en2=(en1<<5) XOR 5. Decrypt: dc1= (en2 XOR 5)>> 5; pass= (dc1 XOR 2) >> 2. – Val K Oct 22 '15 at 22:04
  • OK, thank you, I think I'll try the way you suggested! – Baffo rasta Oct 23 '15 at 12:48