-
c++ encryption
I am writing a c++ program that connects two computers over the net and makes them appear to be on a lan. Basically a stripped-down vpn. I was wondering if i could encrypt the data one each end before sending it and then decrypt when received.
I am using Micro$oft C++ 4.2 as it is all I have available. What is the best encryption? 128-bit DES? and how do I encrypt and decrypt. I use all the standard MFC libs that came with it.
-
Well, I'd suggest using the public/private key exchange for encrypting data, however, you could hash something together using plain old crypt() (which isn't quite the best to use, but it's good enough for what you're doing). With crypt() you have to have the salt to compare the data from one end with what you had on the other. Now, you can't "unencrypt" data...you have to have the salt and compare it against the encrypted string to see if it matches (like passwd does in unix).
Example:
#!/usr/bin/perl
sub get_word() {
print "Enter a word: ";
chomp($word=<STDIN>);
# enter doesn't count, numbnuts!
if (!$word) {
print "Invalid word: null\n";
&get_word();
}
&get_salt();
}
sub get_salt() {
print "Enter a salt: ";
chomp($salt=<STDIN>);
# salt's only worth 2 characters
$salt = substr($salt, 0, 2);
# sneaky bastards using space in salts?
if ($salt =~ /\s/) {
print "Invalid salt: space found\n";
&get_salt();
}
&crypt_stuff();
}
sub crypt_stuff() {
# null words or salts?
if (!$salt || !$word) {
print "Somehow, the salt or word got fux0red, bailing now.\n";
exit;
}
$crypted = crypt($word, $salt);
&print_output();
}
sub print_output() {
printf "Word: %s\nSalt: %s\nCrypted: %s\n", $word, $salt, $crypted;
print "Enter a matching word: ";
chomp($word2 = <STDIN>);
if (crypt($word2, $salt) eq crypt($word, $salt)) {
print "Match.\n";
} else {
print "No match.\n";
}
exit;
}
&get_word();
Now, once again, this is a brief script to do nothing more than grab a word, grab a salt (the first 2 letters of it), and then encrypt it, showing the word, salt, and encrypted output based on the salt. To "unencrypt" this data, the encrypted string would be compared against another crypt, using the salt, such as the following:
if (crypt($word2, $salt) eq crypt($word, $salt)) {
print "Match.\n";
} else {
print "No match.\n";
}
Here's the above script (whole form) in action:
Enter a word: foo
Enter a salt: 49
Word: foo
Salt: 49
Crypted: 49UXLrygixOlk
Enter a matching word: bar
No match.
Hope this helps although it's more of an answer towards password verification or authentication of some sort. There's much better solutions that crypt, but crypt's fast and easy (like my women!)..also, this is a perl solution, no c++, c, java, or anything else.
-
I know that Microsoft has something called CryptoAPI which basically does any kind of crypto you want. There are also a few packages that do various kinds of crypto functions (MD5 hashes, RSA, DES, etc...), though I can't remember any of them off the top of my head. You can also program the crypto functions yourself if you have a decent knowledge of the encryption standard that you'd like to use, but I think using the crypto libraries prodived on the net, or through Microsoft is the best bet.
Regards,
Wizeman
-
Thanks alot guys this stuff is great. I am new to C++ andI wa wonderng how to implement this. I can't use a perl script because of certain limitatons. Is there any good effective command or do I need to convert it manually with my own subrouine? Any examples would be great.
-
The packages I mention are basically just a bunch of header (.h) files. All you have to do to add their functions to your program is include the proper .h files from the Crypto package of your choice. If you are new, then I highly suggest you use Microsoft's CryptoAPI. Go to google.com and do a search for "microsoft cryptoapi" and you should find relevant instructions on its use in programs. Just be careful, there is a lot of stuff in that package, so make sure you use the proper resource.
Regards,
Wizeman
-
This stuff is really helpful. I a now done with my program ad i works great. I am happy to report that my program is very secure now and works wonderfully
thanks guys and especially you wizeman.
-
I have a simple example of how to do simple xor encryption using no external headers (except stdio.h and strings.h) on my webpage (under the programming section at:
http://www25.brinkster.com/cheeseball
I haven't gotten hardly any of my programs up yet...but I have the source of a few things (a IPsec client/server, and stuff like that) that I used an extended example of this in, but haven't posted them up yet. Just thought I would post it in case someone needs a raw example of how to do it.