## My attempt at an encryption algorithm

The fear of every surveillance society: citizens protecting their own privacy with strong cryptography

### My attempt at an encryption algorithm

(Don't bother replying with "don't try to make your own encryption", this is an experiment for myself that I may use on experimental sites)

I am playing around with making my own encryption, based on OTP encryption. I just wanted you guys to take a look and tell me what you think. Let me know if you have any suggestions or see any vulnerabilities.

Try it here:
http://otp.script-x.net/
(it has issues with spaces but I'm working on it)

Here is the source:
http://pastebin.com/DpsPWnpv

And here is the inspiration:
Aramis13lack
New User

Posts: 7
Joined: Tue Jan 07, 2014 10:19 am
Blog: View Blog (0)

### Re: My attempt at an encryption algorithm

I didn't exactly look through this all too much. But what I did notice was the ridiculous amount of switch cases goin on. So I'll comment on that.
Why not just define two strings or two arrays even (or even one hash table)
Code: Select all
`\$txt = 'a','b','c','d','e'....;\$num = 0,1,2,3,4,5....;`

And just access each other through keys or something. Rather than having 600 lines of just switch case. Just an idea.
I'll look at the actual otp method later if I have time.

mShred

Posts: 1899
Joined: Tue Jun 22, 2010 4:22 pm
Blog: View Blog (2)

### Re: My attempt at an encryption algorithm

Haven't bothered viewing the source code yet, but off the get go I notice:
If you are using a key which is longer than the text to encrypt, anything over the length of the text inside the key becomes pointless. For example:
Code: Select all
`Encrypting:key = 12345678text = 1234567output = moqsuwyDecrypting:key = 1234567ajshdkjhsdiusdtext = mosqsuwyoutput = 1234567`

I'll dive into the code and I'm sure I will find some more stuff.

For those that know
K: 0x2CD8D4F9

-Ninjex-
Moderator

Posts: 1691
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)

### Re: My attempt at an encryption algorithm

mShred wrote:Why not just define two strings or two arrays even (or even one hash table).

I was actually thinking of doing something like that. It wasn't anything to type out because I used a script to generate the case statements. But I am working on switching it to two arrays now.

-Ninjex- wrote:Haven't bothered viewing the source code yet, but off the get go I notice:<br>If you are using a key which is longer than the text to encrypt, anything over the length of the text inside the key becomes pointless. For example:<br>
Code: Select all
`<br>Encrypting:<br>key = 12345678<br>text = 1234567<br>output = moqsuwy<br><br>Decrypting:<br>key = 1234567ajshdkjhsdiusd<br>text = mosqsuwy<br>output = 1234567`
<br><br>I'll dive into the code and I'm sure I will find some more stuff.

That's an interesting issue...I have an idea on fixing it.

*EDIT: Yeah, that idea isn't going to work. Hrmmm...I'll have to think about this one. Let me know if you find any others.

-- Wed Jan 08, 2014 9:29 am --

Haven't bothered viewing the source code yet, but off the get go I notice:
If you are using a key which is longer than the text to encrypt, anything over the length of the text inside the key becomes pointless.

Fixed it and in doing so added another potential vulnerability (multiple correct keys) that I am still working out.
Aramis13lack
New User

Posts: 7
Joined: Tue Jan 07, 2014 10:19 am
Blog: View Blog (0)