word encryption question

[slayer256]

I would like to know if word encryption is considered a strong method to encrypt text files and passwords ? Any insight would be welcomed. An example of what I mean would be for example the word <safe> would be replaced by< tuvase1(4x7& >.

I can provide an actual example of my method if required this is meant to be a password encryption method for a server.

[mShred]

It depends on how the encryption works.. Your example didn't really make too much sense. If you have letter substitution or something similar to basic mission 6, then it's probably not too secure. If you're using the wrapping method, like in hashing, then it will be considerably more secure. But even then, there are a lot of more secure ways. RSA deals with very large prime numbers.

[slayer256]

Yes Basic mission 6 would be a short example of what I mean. Each letter of the alphabet would be replaced by a 4 character string such as

a = t%u

b = *t9

c = r0p

and so on and on with all 26 letters and 10 digits. It would replace each letter or number in the sentence multiple times. For a better example Hello world would look like H%tuee-_uep#($ji(+[pi3ju+[pi3juo}(+[pi3ju u_?|u#:o}(+[pi3ju-_ue+[pi3juiushrt[pi3 once encrypted with 1 pass the second pass would employ a diffrent set of strings to avoid quick decyphering of the text.

[runner7gk]

but you can imagine that it i takes a lot of memory if you encrypt large data like this or reencrypt them a second or third time.

[slayer256]

This is true but the applications of the replacement would make any type of brute forcing nearly impossible while also allowing the user to remember a short easy password. Downfall would as noted be large amount of memory per file and the cpu usage during the conversion process. The encryption would be handled by the users comp while several servers could handle the decryption process.

I could be wrong but a trojan or keylogger could only get the users password while the scheme could be updated weekly or more to lower mass password collection as a person could only take over so many accounts in a set timeframe.

More or less I would like opinions on the feasibility of this setup since hashing the password is easly cracked with most combinations up to 10 characters already posted online. If there is another way please direct me in the right direction.

[mShred]

People and cracking software look can look for patterns in encrypted strings. If the see repetition of characters, then it's only a matter of time before they figure something out.