Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
Z
Z
zdiii2015-08-20 23:39:40
PHP
zdiii, 2015-08-20 23:39:40

How secure is this encryption method?

How secure is this encryption method?
How many minutes will it take a professional cryptographer to decrypt?
Is there an absolute encryption method?

<?php

    $data           = 'my secrect string...';
    $key            = md5( 'passwd123' );

    $crypted        = $data ^ str_pad( '', strlen( $data ), $key );
    print_r( $crypted ); // \HGZPLCE_VTJ

    $decrypted      = $crypted ^ str_pad( '', strlen( $crypted ), $key );
    print_r( $decrypted ); // my secrect string...
?>

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
R
Rishat Kadyrov, 2015-08-20
@laska

Never, well, that is, never use your own encryption methods.
Any person who understands encryption better than you (trust me, this is most likely any person who tries to decrypt your code) will decrypt it very quickly. Minutes or hours - it will depend on what he gets. If he gets the string just HGZPLCE_VTJ, without any context, then you don't need to worry. Otherwise it is necessary.
In any case, you invented a bad symmetric cryptosystem, PHP has a built-in and good one: mcrypt, use it.

Report
L
Lander, 2015-08-21
@usdglander

I join all the previous speakers, but on my own I will add:
Your cipher is even less reliable than the standard XOR, since the md5 function returns a string. In this line, each position can contain one of 16 characters (and for good reason, the mask character should cover the whole message bytes).
What prompted you to develop your own cipher without knowledge of cryptography?
If you just need to hide some meaningful text sequences in a file or other data set. so that they are not visible at a cursory glance, then your cipher may be suitable, but nothing more.

Report
T
throughtheether, 2015-08-21
@throughtheether

How secure is this encryption method?
When encrypting several messages with one key, it is very unreliable. And without it, your key length is generally less than the message length. Try to encrypt a long string (~200-300 bytes) and check the result.
How many minutes will it take a professional cryptographer to decrypt?
Don't know. I know from experience that it takes a student of cryptography about half an hour to extract the key and original messages from several ciphertexts obtained using a Vernam cipher with key repetition (one key for all ciphertexts) under "normal conditions" (using literate written speech, without compression, etc.).
Is there an absolute encryption method?
What does "absolute" mean? Absolutely durable? Absolutely comfortable?

Report
V
Vladimir Martyanov, 2015-08-21
@vilgeforce

Nothing. Even TEA will be stronger.

Report
D
Dark_Scorpion, 2015-08-21
@Dark_Scorpion

Ordinary symmetric encryption on the chorus! Breaks down very quickly!
First, the cipher is based on a chorus without creating noise, which means the operation is reversible (ciphertext + plaintext = key).
The second stronger weakness can be selected at short intervals the key, that is, not 20 characters, but 5, and if a readable text appears, half the work has already been done.

Similar questions
D
Dmitry2019-09-20 14:21:34
Does not download files from utorrent, openwrt firmware? 1Reply
I
ibr_982017-04-24 19:18:51
Why doesn't "MouseEnter" work in visual c#? 2Reply
M
MarEeeeeee2021-04-07 17:49:27
Do I get an error when using useState? 3Reply
N
nanosem2017-05-16 23:10:25
How to switch between threads in c# .net to update GUI? 4Reply
R
r1der2017-05-18 18:12:04
Python urllib2 vs PHP curl. How to deal with ETag? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question