An encrypting function.

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hi there,

I need an encrypting function, but haven't got a clue where to start.
First a string has to be encrypted with two different encryption keys.
Both output should be anything a-z / A-Z / 0-9 with a fixed length
(e.g. 20 chars).
(Preferably the encryption keys should pick chars from a string i give
to prevent l's and 1's, o's and 0's etc.)

Then they get inputted again ( say $_POST['name'] and $_POST['code'] )
and i have to decrypt them. I know $_POST['name'] should use
decode/encode-key 1,
and $_POST['code'] should use decode/encode-key 2.

Decoded they should be the same again.
(Example below.)

I hope it's kind of clear ...

Greetings frizzle.

-------- EXAMPLE --------

Input              :  foobar

Output key 1  :  klKpUR867Biwr742gsBd
Output key 2  :  9KdfnbDSnd65sgh45hsd

$_POST['name'] : klKpUR867Biwr742gsBd
$_POST['code']  : 9KdfnbDSnd65sgh45hsd

Result : foobar   ( $_POST['name'] === $_POST['code'] )

Re: An encrypting function.

Following on from frizzle's message. . .
Quoted text here. Click to load it
Ummm...yes - where to start.

I can't help feeling that you are not using the right method to do what  
you're /really/ trying to achieve.  If something is getting re-inputted
then why bother?  If you want random numbers then you can generate  
random strings with rand and md5 functions *and check input against  
session vars* or values regenerated from a database seed.

There's an easy way to avoid o0 etc and that's by replacing one with
a distinctive character.  NB 5s, 8B,1L,4A - many screens don't tell you.

I have a hunch you're trying too hard, but without a clearer idea of  
what you're trying to do can't go further.

Quoted text here. Click to load it

PETER FOX Not the same since the porcelain business went down the pan
2 Tees Close, Witham, Essex.
Gravity beer in Essex  <

Re: An encrypting function.

Hash: SHA1

frizzle wrote:

Quoted text here. Click to load it

Maybe by RTFM?

- --  
- ----------------------------------
Iván Sánchez Ortega -i-punto-sanchez--arroba-mirame-punto-net
Proudly running Debian Linux with 2.6.12-1-686 kernel, KDE3.5.0, and PHP
5.1.2-1 generating this signature.
Uptime: 01:22:27 up  4:11,  1 user,  load average: 0.57, 0.31, 0.18

Version: GnuPG v1.4.2 (GNU/Linux)


Re: An encrypting function.

You may want to look into Mcrypt
( ).  But, with Peter said,
what are you really try to achieve?

Re: An encrypting function.

Carl Vondrick wrote:
Quoted text here. Click to load it

What i'm trying to do is build a way of security that a human is
submitting a form.
I know there are ways out there already, but i also have other purposes
in mind.


Image random generated according to key 1:


The image is a php file, getting $_GET['txt'], decrypt it according
key 1, and encrypt it according to key 2. The second encrypting
becomes visible in the actual image.

I have a have a hidden form field with the value of key 1, and the
visitor has to insert the text from the image / key 2 into a form

Then after posting i compare the decrypted hidden formfield's value
against the user submitted value ( / image's value). if they match,
the user read the image, and is human ...

It might sound stupid, sloppy or whatever, but i'm just trying to
achieve my goal.


Re: An encrypting function.

Quoted text here. Click to load it

Not sure, but sounds like a CAPTCHA.  They can be OCR'd  
( ) from what I found in an earlier post.

Quoted text here. Click to load it

Re: An encrypting function.

Thanks, indeed that's what i meant.
Apparently it's a weaker system then i imagined.
I guess i'll have to find another alternative again ... :(

Greetings Frizzle.

Jim Michaels wrote:
Quoted text here. Click to load it

Re: An encrypting function.

frizzle wrote:
Quoted text here. Click to load it

Why?  Is this a high security site?

OCR'ing CAPTCHA images does take time and effort - each one is typically  
different.  What would be on your site which would require that much effort?

Not to denigrate your site in any form - but the fact is, spammers wouldn't bother with 99.99999% of the CAPTCHA images.  They'll  
just go onto another site.

It's like your front door.  Your lock isn't unpickable - it just  
requires time and effort on a burglar's part to pick.  However, you lock  
your door anyway, because it's a deterrent - the burglar will most  
likely move on (unless you're storing Fort Knox inside).

Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.

Re: An encrypting function.

Jerry Stuckle wrote:
Quoted text here. Click to load it

Well you're probably right, but i also still haven't found a 'good'
CAPTCHA method that doesn't rely on sessions.

I'd like to have two inputs: 1 by the user, and one hidden formfield,
each with their own decryption key, and compare those,
but i haven't found a proper encryption / decryption function yet, that
is good, but quite easy to understand (not to break! ;) )


Re: An encrypting function.

Quoted text here. Click to load it

use MD5 digits as an index into a dictionary array, and use soundex to  
compare words in case they mistype, using only a subset of the md5 string?

Quoted text here. Click to load it

Re: An encrypting function.

Quoted text here. Click to load it

I think he's got a point there.  I dunno. here's one. Won't guarantee it.  
there's better ones out there that mangle fonts.
I've looked through the GD source code. it can't mangle fonts. only rotate  
them.  for that you're probably looking at making a DLL with the bitstream  
library or something like that, or relying on windows' truetype font  
rendering engine to render a bitmap, which could possibly do the job.

Quoted text here. Click to load it

Re: An encrypting function.

Site Timeline