Results 1 to 7 of 7

Thread: c++ encryption

  1. #1

    c++ encryption

    I am writing a c++ program that connects two computers over the net and makes them appear to be on a lan. Basically a stripped-down vpn. I was wondering if i could encrypt the data one each end before sending it and then decrypt when received.

    I am using Micro$oft C++ 4.2 as it is all I have available. What is the best encryption? 128-bit DES? and how do I encrypt and decrypt. I use all the standard MFC libs that came with it.
    What do you mean you don\'t have a backup disk?

  2. #2
    PHP/PostgreSQL guy
    Join Date
    Dec 2001
    Posts
    1,164
    Well, I'd suggest using the public/private key exchange for encrypting data, however, you could hash something together using plain old crypt() (which isn't quite the best to use, but it's good enough for what you're doing). With crypt() you have to have the salt to compare the data from one end with what you had on the other. Now, you can't "unencrypt" data...you have to have the salt and compare it against the encrypted string to see if it matches (like passwd does in unix).

    Example:

    #!/usr/bin/perl

    sub get_word() {
    print "Enter a word: ";
    chomp($word=<STDIN>);

    # enter doesn't count, numbnuts!
    if (!$word) {
    print "Invalid word: null\n";
    &get_word();
    }

    &get_salt();
    }

    sub get_salt() {
    print "Enter a salt: ";
    chomp($salt=<STDIN>);

    # salt's only worth 2 characters
    $salt = substr($salt, 0, 2);

    # sneaky bastards using space in salts?
    if ($salt =~ /\s/) {
    print "Invalid salt: space found\n";
    &get_salt();
    }

    &crypt_stuff();
    }

    sub crypt_stuff() {
    # null words or salts?
    if (!$salt || !$word) {
    print "Somehow, the salt or word got fux0red, bailing now.\n";
    exit;
    }

    $crypted = crypt($word, $salt);
    &print_output();
    }

    sub print_output() {
    printf "Word: %s\nSalt: %s\nCrypted: %s\n", $word, $salt, $crypted;

    print "Enter a matching word: ";
    chomp($word2 = <STDIN>);

    if (crypt($word2, $salt) eq crypt($word, $salt)) {
    print "Match.\n";
    } else {
    print "No match.\n";
    }

    exit;
    }

    &get_word();


    Now, once again, this is a brief script to do nothing more than grab a word, grab a salt (the first 2 letters of it), and then encrypt it, showing the word, salt, and encrypted output based on the salt. To "unencrypt" this data, the encrypted string would be compared against another crypt, using the salt, such as the following:


    if (crypt($word2, $salt) eq crypt($word, $salt)) {
    print "Match.\n";
    } else {
    print "No match.\n";
    }

    Here's the above script (whole form) in action:

    Enter a word: foo
    Enter a salt: 49
    Word: foo
    Salt: 49
    Crypted: 49UXLrygixOlk
    Enter a matching word: bar
    No match.


    Hope this helps although it's more of an answer towards password verification or authentication of some sort. There's much better solutions that crypt, but crypt's fast and easy (like my women!)..also, this is a perl solution, no c++, c, java, or anything else.
    We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.

  3. #3
    Senior Member
    Join Date
    Jul 2001
    Posts
    143
    I know that Microsoft has something called CryptoAPI which basically does any kind of crypto you want. There are also a few packages that do various kinds of crypto functions (MD5 hashes, RSA, DES, etc...), though I can't remember any of them off the top of my head. You can also program the crypto functions yourself if you have a decent knowledge of the encryption standard that you'd like to use, but I think using the crypto libraries prodived on the net, or through Microsoft is the best bet.

    Regards,
    Wizeman
    \"It\'s only arrogrance if you can\'t back it up, otherwise it is confidence.\" - Me

  4. #4
    Thanks alot guys this stuff is great. I am new to C++ andI wa wonderng how to implement this. I can't use a perl script because of certain limitatons. Is there any good effective command or do I need to convert it manually with my own subrouine? Any examples would be great.
    What do you mean you don\'t have a backup disk?

  5. #5
    Senior Member
    Join Date
    Jul 2001
    Posts
    143
    The packages I mention are basically just a bunch of header (.h) files. All you have to do to add their functions to your program is include the proper .h files from the Crypto package of your choice. If you are new, then I highly suggest you use Microsoft's CryptoAPI. Go to google.com and do a search for "microsoft cryptoapi" and you should find relevant instructions on its use in programs. Just be careful, there is a lot of stuff in that package, so make sure you use the proper resource.

    Regards,
    Wizeman
    \"It\'s only arrogrance if you can\'t back it up, otherwise it is confidence.\" - Me

  6. #6
    This stuff is really helpful. I a now done with my program ad i works great. I am happy to report that my program is very secure now and works wonderfully

    thanks guys and especially you wizeman.
    What do you mean you don\'t have a backup disk?

  7. #7
    Senior Member
    Join Date
    Sep 2001
    Posts
    138
    I have a simple example of how to do simple xor encryption using no external headers (except stdio.h and strings.h) on my webpage (under the programming section at:

    http://www25.brinkster.com/cheeseball

    I haven't gotten hardly any of my programs up yet...but I have the source of a few things (a IPsec client/server, and stuff like that) that I used an extended example of this in, but haven't posted them up yet. Just thought I would post it in case someone needs a raw example of how to do it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •