My attempt at an encryption algorithm

[Aramis13lack]

(Don't bother replying with "don't try to make your own encryption", this is an experiment for myself that I may use on experimental sites)

I am playing around with making my own encryption, based on OTP encryption. I just wanted you guys to take a look and tell me what you think. Let me know if you have any suggestions or see any vulnerabilities.

Try it here:
http://otp.script-x.net/
(it has issues with spaces but I'm working on it)

Here is the source:
http://pastebin.com/DpsPWnpv

And here is the inspiration:
http://en.wikipedia.org/wiki/One-time_pad

[mShred]

I didn't exactly look through this all too much. But what I did notice was the ridiculous amount of switch cases goin on. So I'll comment on that.
Why not just define two strings or two arrays even (or even one hash table)

Code: Select all

$txt = 'a','b','c','d','e'....;
$num = 0,1,2,3,4,5....;

And just access each other through keys or something. Rather than having 600 lines of just switch case. Just an idea.
I'll look at the actual otp method later if I have time.

[-Ninjex-]

Haven't bothered viewing the source code yet, but off the get go I notice:
If you are using a key which is longer than the text to encrypt, anything over the length of the text inside the key becomes pointless. For example:

Code: Select all

Encrypting:
key = 12345678
text = 1234567
output = moqsuwy

Decrypting:
key = 1234567ajshdkjhsdiusd
text = mosqsuwy
output = 1234567

I'll dive into the code and I'm sure I will find some more stuff.

[Aramis13lack]

Why not just define two strings or two arrays even (or even one hash table).

I was actually thinking of doing something like that. It wasn't anything to type out because I used a script to generate the case statements. But I am working on switching it to two arrays now.

Haven't bothered viewing the source code yet, but off the get go I notice:<br>If you are using a key which is longer than the text to encrypt, anything over the length of the text inside the key becomes pointless. For example:<br>

Code: Select all

<br>Encrypting:<br>key = 12345678<br>text = 1234567<br>output = moqsuwy<br><br>Decrypting:<br>key = 1234567ajshdkjhsdiusd<br>text = mosqsuwy<br>output = 1234567

<br><br>I'll dive into the code and I'm sure I will find some more stuff.

That's an interesting issue...I have an idea on fixing it.

*EDIT: Yeah, that idea isn't going to work. Hrmmm...I'll have to think about this one. Let me know if you find any others.

-- Wed Jan 08, 2014 9:29 am --

Haven't bothered viewing the source code yet, but off the get go I notice:
If you are using a key which is longer than the text to encrypt, anything over the length of the text inside the key becomes pointless.

Fixed it and in doing so added another potential vulnerability (multiple correct keys) that I am still working out.