|
-
February 13th, 2005, 09:25 PM
#11
You might want to lock your directory down: http://solafidefarms.com/Javascript/ Might do better than worrying about the strength of your crypto.
-
February 13th, 2005, 10:33 PM
#12
Junior Member
is this another keyless encryption algorithm?
-
February 13th, 2005, 10:47 PM
#13
Junior Member
Sort of-it is actually a random key(see those numbers? that's the key.), expanded Vinginere square.
-
February 13th, 2005, 11:52 PM
#14
This code is not important to the secure credit card transaction. Even if the code is uncrackable. This is because the submitter will be sending the details of his/her credit card in clear across what is, in effect the world wide insecure web.
What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry
-
February 14th, 2005, 01:47 AM
#15
Senior Member
LOL!
Yepp, that would be one BIG hole alright and still is!! hehe!
-
February 17th, 2005, 01:58 AM
#16
solafide - Decrypting this is very easy. I simply look up the index of each character in the array, and walk backwards by the number provided. The element in the array that I arrive at is the original value. This is very weak because you give everyone everything needed to perform the attack (the array) and the method is very linear. Theoretically with a large enough string of encrypted text, some pattern analysis would let anyone reconstruct the table -- so even issuing everyone a unique array wouldn't work. It inherently leaks way too much information -- bad.
Don't even consider using something you come up with in your free time to transfer credit card information? Who is liable if the information is 'cracked'? You!
Personally I really dislike wasting my time if no code is provided. With how this forum is so lifeless though I went through and read past the first post and found where you actually provided some code. So incase anyone else reads this post: remember that anyone can produce gibberish and call it encrypted and secure. Post code and your request may be considered, but just remember that even professionals in this field of crypto have a hard time coming up with good algorithms, so many don't waste their time trying. (IE, MD5/SHA-1 have finally had some evidence showing them to be cracked / weakened -- http://www.antionline.com/showthread...hreadid=266107)
I'm not a pro in cryptography myself (going to be a photographer in college after HS instead), though I spend enough time studying it (crypto & photography) to understand what is going on under the hood in a lot of the stuff I do...
-
February 17th, 2005, 10:55 AM
#17
The code he provided here doesn't even encrypt properly. Any character used of the top half of the letters array will result in "undefined" in the "encrypted" text.
I don't even consider this an encryption. It's an obfuscation routine, nothing more, nothing less. And as Tim_axe noted, it's damn easy to "crack".
Oliver's Law:
Experience is something you don't get until just after you need it.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote