0

I have some encrypting (and decrypting) functions that take any int value and return also any int value (it uses some xor operations with large prime numbers under the hood):

public interface IIntEncryption {
   public int Encrypt(int value);
   public int Decrypt(int encryptedValue);
}

Now I want to use it to encrypt string. My idea is to take each char from the string, convert it to int, encrypt with the function above and then convert back to char. The problem is that not every int value is valid character value afaik. So casting int to char won't work. So I am thinking that I will need to convert int to two valid characters somehow and then when decrypting convert each pair of two characters. So basically I am looking for following functions:

public interface IStringEncryption {
  public string Encrypt(string str, IIntEncryption intEncryption);
  public string Decrypt(string encryptedStr, IIntEncryption intEncryption);
}

I tried many ways but I can't figure out how to encrypt/decrypt array if integers into string representation. Finally I want it to be base64 encoded string.

user606521
  • 14,486
  • 30
  • 113
  • 204
  • 2
    "The problem is that not every int value is valid character value" what do you mean? Every character has a encoding code, which is a number. What encoding are you using? ASCII, UTF8, something else? It's certainly possible to not have the same guarantee in reverse. There is no UTF8 character for 1 billion, even though it's a valid Int32. – gunr2171 Nov 23 '21 at 16:01
  • Hmm, not sure which one I should use - string to be encoded is just some json... – user606521 Nov 23 '21 at 16:03
  • 2
    I don't understand why you're converting each character in your source string to integers based on their (ASCII/UTF8/something) encoding value, and encrypting those integers. If you get a result larger than the pool of numbers for your encoding, you can't encode the number back as a character. There are [more direct ways to encrypt a string](https://stackoverflow.com/questions/202011/encrypt-and-decrypt-a-string-in-c). – gunr2171 Nov 23 '21 at 16:07
  • 6
    Homebrewed encryption is a huge red flag. Especially if all it can do is encrypt integers, rather than bytes, and expects you to somehow chop up your input first. Use verified, built-in algorithms like AES instead, or a wrapper library to make things easy like libsodium. – Jeroen Mostert Nov 23 '21 at 16:07
  • 1
    If the encryption of characters to whatever is always valid, then the reverse (from a legally encrypted representation) should return always valid characters. Yes, there are byte sequences that do not correspond to a character, but they should not be present in your encrypted value (assuming you start with a valid string) – Hans Kesting Nov 23 '21 at 16:15
  • 1
    Agreed with @JeroenMostert - this is a fool's errand. Don't [reinvent the square wheel](https://exceptionnotfound.net/reinventing-the-square-wheel-the-daily-software-anti-pattern/). If you're trying to learn about real encryption, this isn't the way to do it. You can't hack your way, with trial-and-error, around the need to study seriously to become competent in this field. If you need real encryption, this also isn't the way to do it - libraries exist. You should use them. – J... Nov 23 '21 at 16:25

1 Answers1

1

I have some encrypting (and decrypting) functions that take any int value and return also any int value (it uses some xor operations with large prime numbers under the hood):

This is fine, assuming you are only doing this for fun/education. It is generally frowned upon creating your own encryption algorithms or implementations for anything where security is needed.

My idea is to take each char from the string, convert it to int, encrypt with the function above and then convert back to char

This would not be fine, or at least a very cumbersome way to do it. As you surmised you could fit two utf16 characters in a 32-bit int. But you will still have the same problem converting to a string again, since not all 16 bit values are valid utf16 characters.

A better solution would be to convert your string to a byte-array using some kind of encoding. You can then convert pairs of 4 bytes to int32s, encrypt, convert back to a byte array, and use something like base64 to convert the bytes back to a string.

This might sound a bit complicated, and it is. So most real implementations just work with byte-arrays directly, typically splitting them into some larger chunk-size internally.

JonasH
  • 28,608
  • 2
  • 10
  • 23