Hey,
Im wanting to make my own alphabet for my encryption, ex:
A=g
a=X
Etc. What is the best way to do this and it make it as encryption?
Printable View
Hey,
Im wanting to make my own alphabet for my encryption, ex:
A=g
a=X
Etc. What is the best way to do this and it make it as encryption?
Paste this into your form:
vb.net Code:
Imports System.Security.Cryptography Public Class TripleDESdemo Private txtPass, txtEnc, txtDec, txtSrc As TextBox Private lblInfo, lblPass, lblSource, lblEncrypted, lblDecrypted As Label Private des3 As New System.Security.Cryptography.TripleDESCryptoServiceProvider Public Sub New() Me.SuspendLayout() Me.Text = "Triple DES demo" Me.FormBorderStyle = Windows.Forms.FormBorderStyle.FixedSingle ' Initializing and placing controls Dim Sspc As Integer = 5 ' Single spacing interval in pixels Dim Dspc As Integer = 10 ' Double spacing interval in pixels lblPass = New Label With {.Left = Sspc, .Top = Sspc, .Height = Me.Font.Height, .AutoSize = True, .Text = "Type Password here:"} txtPass = New TextBox With { _ .PasswordChar = "*"c, _ .Left = lblPass.Right + Dspc, _ .Top = Sspc, .Width = 100, .TabIndex = 0} lblInfo = New Label With {.Left = txtPass.Right + Sspc, .Top = Sspc, .Height = Me.Font.Height, .AutoSize = True, .ForeColor = Color.Red} lblSource = New Label With {.Left = Sspc, .Top = txtPass.Bottom + Dspc, .Height = Me.Font.Height, .AutoSize = True, .Text = "Type source text here:"} txtSrc = New TextBox With {.Multiline = True, .Left = Sspc, .Top = lblSource.Bottom + Sspc, .Width = 380, .Height = 100, .TabIndex = 1, .Enabled = False} lblEncrypted = New Label With {.Left = Sspc, .Top = txtSrc.Bottom + Dspc, .Height = Me.Font.Height, .AutoSize = True, .Text = "Encrypted message:"} txtEnc = New TextBox With {.Multiline = True, .Left = Sspc, .Top = lblEncrypted.Bottom + Sspc, .Width = 380, .Height = 100, .TabIndex = 2, .ReadOnly = True} lblDecrypted = New Label With {.Left = Sspc, .Top = txtEnc.Bottom + Dspc, .Height = Me.Font.Height, .AutoSize = True, .Text = "Decrypted text:"} txtDec = New TextBox With {.Multiline = True, .Left = Sspc, .Top = lblDecrypted.Bottom + Sspc, .Width = 380, .Height = 100, .TabIndex = 3, .ReadOnly = True} Me.ClientSize = New Size(txtSrc.Right + Sspc, txtDec.Bottom + Sspc) Me.Controls.AddRange(New Control() {lblInfo, lblPass, lblSource, lblEncrypted, lblDecrypted, _ txtPass, txtEnc, txtDec, txtSrc}) Me.ResumeLayout() End Sub Private Sub Form1_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load AddHandler txtPass.TextChanged, AddressOf txtPass_TextChanged End Sub Private Function ToBase64(ByVal data() As Byte) As String Return Convert.ToBase64String(data) End Function Private Function FromBase64(ByVal base64 As String) As Byte() Return Convert.FromBase64String(base64) End Function Private Function CreateKeyFromPass(ByVal Password As String) As Byte() Dim key() As Byte = System.Text.Encoding.Default.GetBytes(txtPass.Text.ToCharArray) If key.Length < 24 Then ReDim Preserve key(23) Return key End Function Private Sub txtPass_TextChanged(ByVal sender As Object, ByVal e As EventArgs) Try des3.Key = CreateKeyFromPass(txtPass.Text) lblInfo.Text = "" AddHandler txtSrc.TextChanged, AddressOf txtSrc_TextChanged txtSrc.Enabled = True Catch ex As CryptographicException lblInfo.Text = "Password is too weak" txtSrc.Enabled = False RemoveHandler txtSrc.TextChanged, AddressOf txtSrc_TextChanged End Try End Sub Private Sub txtSrc_TextChanged(ByVal sender As System.Object, ByVal e As System.EventArgs) 'If txtSrc.Text.Length < 10 Then Exit Sub Dim bytes As Byte() = System.Text.Encoding.Default.GetBytes(txtSrc.Text.ToCharArray) Dim Count = bytes.Length Dim key As Byte() = CreateKeyFromPass(txtPass.Text) Dim encbytes As Byte() = Encrypt(key, bytes) txtEnc.Text = ToBase64(encbytes) Dim decbytes As Byte() = Decrypt(key, FromBase64(txtEnc.Text)) txtDec.Text = System.Text.Encoding.Default.GetChars(decbytes) End Sub Private Function Encrypt(ByVal key As Byte(), ByVal data As Byte()) As Byte() Randomize() des3.GenerateIV() des3.Key = key Dim Header() As Byte = BitConverter.GetBytes(des3.IV.Length) ' Header: ' First 4 bytes are the length of initialization vector ' Then the initialization vector itself ReDim Preserve Header(Header.Length + des3.IV.Length - 1) Array.ConstrainedCopy(des3.IV, 0, Header, 4, des3.IV.Length) Dim enc = des3.CreateEncryptor() Dim encrypted As Byte() = enc.TransformFinalBlock(data, 0, data.Length) Dim result(Header.Length + encrypted.Length - 1) As Byte Array.ConstrainedCopy(Header, 0, result, 0, Header.Length) Array.ConstrainedCopy(encrypted, 0, result, Header.Length, encrypted.Length) Return result End Function Private Function Decrypt(ByVal key As Byte(), ByVal data As Byte()) As Byte() Dim Header(3) As Byte Array.ConstrainedCopy(data, 0, Header, 0, 4) Dim IVLength As Integer = BitConverter.ToInt32(Header, 0) Dim IV(IVLength - 1) As Byte Array.ConstrainedCopy(data, 4, IV, 0, IVLength) des3.IV = IV des3.Key = key Dim dec = des3.CreateDecryptor() Dim BytesToDecrypt(data.Length - IV.Length - 4 - 1) As Byte Array.ConstrainedCopy(data, IV.Length + 4, BytesToDecrypt, 0, BytesToDecrypt.Length) Return dec.TransformFinalBlock(BytesToDecrypt, 0, BytesToDecrypt.Length) End Function End Class
Okay, I dont really understand everything in your code, so can anyone help me make this into my login system, so the people's information and password is saved carefully and uncrackable? You can get my project from here if you want to help:
Hidden
You want an alphabetic replacement algorithm that's uncrackable? Such a thing doesn't exits.
Hmm, Okay..
But if still anyone can help adding encryption to my login system, please send me the finished project for it and I will set this thread as resolved, cause I really think I need encryption to my login system cause its very crackable as it is now..
Thanks.
Yea, alphabetic replacement is crackable in milliseconds on a modern PC. You could brute-force it.
To quote from one of my favorite books on the subject:
Trust me, you don't want to use the former for anything but a learning tool. Check out the book too.Quote:
Originally Posted by Applied Cryptography, Bruce Schneier
I think my program isnt really worth it to crack it, but its worth to just secure it, to stop noobs from cracking it without that big tools. lol :)
Have you tried to actually run my example?
I dont really know how I let that work onto my code, cause I think its a little different than my system.
Which system you are in? This was written for vs2008, but it should work for 2005 also
The key functions are Encrypt and Decrypt. They use a Visual Studio Triple DES symmetrical encryption algorhythm.
The initialization of the des service provider takes place in the beginnin (at the class level):
vb.net Code:
Private des3 As New System.Security.Cryptography.TripleDESCryptoServiceProvider
Both encrypt and decrypt functions receive a key as an array of bytes - and the data to encrypt or decrypt in the same form of byte array.
Read the comments to the code:
vb.net Code:
Private Function Encrypt(ByVal key As Byte(), ByVal data As Byte()) As Byte() ' We're randomizing a random number generator Randomize() ' We tell our des3 object to generate a new random Initialization Vector (IV) ' We need the IV in order to make every new byte encrypted differently or otherwise ' every A symbol would be encrypted the same way and we don't want it to happen. des3.GenerateIV() ' Here we provide a key for the encryption (we got it as a parameter) ' Triple DES requires the key to be no less than 24 byte and it has its ' own check whether the key is weak (if it will think that it's too weak to ' be used as an encryption key it will generate an exception). des3.Key = key ' We could join IV with Key but we're doing it differently this time ' We make sure that we know the length in bytes of the IV ' and then convert that 32bit integer into a byte array here: Dim Header() As Byte = BitConverter.GetBytes(des3.IV.Length) ' The most important part: ' To decrypt the message you will need both key and IV ' our key is a big secret, but we can store IV as a header for ' our encrypted data, it goes like this: ' 4 bytes - the length of IV in bytes (L) ' Then we need L bytes to store the IV itself ' After this goes our encrypted data ' To decrypt this message we need to read the first 4 bytes of it and find out how many ' more bytes we should read to get the proper IV (well, we'll need a key too) ' We make some space for storing IV ReDim Preserve Header(Header.Length + des3.IV.Length - 1) ' And copy IV bytes into our Header array Array.ConstrainedCopy(des3.IV, 0, Header, 4, des3.IV.Length) ' Then we obtain the encryptor (a class instance that will perform the ' encryption using our key and IV: Dim enc = des3.CreateEncryptor() ' Here's the encryption per se - we obtain an encrypted byte array: Dim encrypted As Byte() = enc.TransformFinalBlock(data, 0, data.Length) ' But we also need to include our header we prepared earlier, so ' we create a finar byte array that will contain IV length, IV and the encrypted data: Dim result(Header.Length + encrypted.Length - 1) As Byte ' We copy our header to its beginning: Array.ConstrainedCopy(Header, 0, result, 0, Header.Length) ' We also copy our encrypted data: Array.ConstrainedCopy(encrypted, 0, result, Header.Length, encrypted.Length) ' And return it to the calling function: Return result End Function
Now, as I mentioned before, we need a key with a length of at least 24 bytes.
That's why we need some kind of password we would use as an encryption key. To prepare it we will use this function that converts a string password into a byte array with its length greater or equal to 24 bytes:
vb.net Code:
Private Function CreateKeyFromPass(ByVal Password As String) As Byte() ' We convert the text from txtPass textbox into a byte array: Dim key() As Byte = System.Text.Encoding.Default.GetBytes(txtPass.Text.ToCharArray) ' But if it's smaller than 24 bytes we simply resizing it (the rest bytes are filled with zeroes): If key.Length < 24 Then ReDim Preserve key(23) Return key End Function
Also, to be sure that our des3 encryptor will accept our key we should check it first:
vb.net Code:
Try des3.Key = CreateKeyFromPass(txtPass.Text) Catch ex As System.Security.Cryptography.CryptographicException ' If des3 won't accept our key it will throw an exception and ' we will catch it here and say something nice to a user, i.e. "Password is too weak." End Try
OK we can encrypt and decrypt, but in the middle we get a byte array. We can stop at that and dump our array to disk, but if we want to sent an encrypted message via e-mail, for example, we would have to convert it into something that can be safely transferred in plain text format.
I used BASE64 encoding that is implemented by Visual studio and is relatively easy to handle:
To convert a byte array into BASE64 format and back I use these two functions:
vb.net Code:
Private Function ToBase64(ByVal data() As Byte) As String Return Convert.ToBase64String(data) End Function Private Function FromBase64(ByVal base64 As String) As Byte() Return Convert.FromBase64String(base64) End Function
That's it. The rest is simply elements of user interface (I create textboxes and labels, position them on a form and assigning handlers to some events I need).
How to make a login window using all this:
Step 1:
First you should create a form that will allow to create users:
Place 3 textboxes on a form and name them txtUser, txtPass1, txtPass2
Use some nice PasswordChar for two password boxes, also btnCreate and btnCancel.
Like this:
http://i46.tinypic.com/2le3y47.jpg
In the btnCreate_Click event do the following:
vb.net Code:
Private Sub btnCreate_Click(ByVal sender As Object, ByVal e As EventArgs) Handles btnCreate.Click If txtPass1.Text <> txtPass2.Text Then MsgBox("Passwords are not the same!") txtPass1.Focus Exit Sub End If Try des3.Key = CreateKeyFromPass(txtPass.Text) Catch ex As System.Security.Cryptography.CryptographicException MsgBox("Password is too weak!") txtPass1.Focus Exit Sub End Try ' We will encrypt user's login: Dim bytes As Byte() = System.Text.Encoding.Default.GetBytes(txtUser.Text.ToCharArray) Dim key As Byte() = CreateKeyFromPass(txtPass.Text) Dim encbytes As Byte() = Encrypt(key, bytes) ' We check whether a user exists: If IO.File.Exists(txtUser.Text + ".usr") Then MsgBox("User already exists!") txtUser.Focus() Exit Sub End If ' Then we'll dump our encbytes into a file named after this user: Try Dim fs As New IO.FileStream(txtUser.Text + ".usr", IO.FileMode.CreateNew, IO.FileAccess.Write, IO.FileShare.None) fs.Write(encbytes, 0, encbytes.Length) fs.Flush() fs.Close() fs.Dispose() Catch ex As Exception MsgBox("Could not create user.") Exit Sub End Try MsgBox("A user was created!") End Sub
Step 2: Login screen
So, place 2 textboxes called txtLogin and txtPass onto your form and also btnOK and btnCancel buttons.
http://i47.tinypic.com/rucmc1.jpg
Here, in the btnOK_Click event handler perform the encryption:
vb.net Code:
Private Sub btnOK_Click(ByVal Sender As Object, e As System.EventArgs) Handles btnOK.Click ' We check whether a user exists: If Not IO.File.Exists(txtUser.Text + ".usr") Then MsgBox("User was not found!") txtUser.Focus() Exit Sub End If ' We read a user profile: Try Dim fs As New IO.FileStream(txtUser.Text + ".usr", IO.FileMode.Open, IO.FileAccess.Read, IO.FileShare.None) Dim bytes(CInt(fs.Length - 1)) As Byte fs.Read(bytes, 0, fs.Length) fs.Close() fs.Dispose Catch ex As Exception MsgBox("Could not access a user file.") Exit Sub End Try ' Then we creating a key from user's password: Dim key As Byte() = CreateKeyFromPass(txtPass.Text) ' Then we try to decrypt the data from the user's profile: Dim decrypted As Byte() Try decrypted = Decrypt(key, bytes) Catch ex As Exception Msgbox("Incorrect password!") Exit Sub End Try ' We now convert the decrypted bytes back into a string: Dim DecryptedString = System.Text.Encoding.Default.GetChars(decrypted) ' Remember, we were encrypting a user name (login) ' We now check, whether we've got it back after decryption ' and compare it with the login that a user had entered in the txtLogin ' This check is probably excessive because if the decryption fails it will ' throw an exception, but it's a nice finishing touch: If DecryptedString <> txtLogin.Text Then Msgbox("Login incorrect!") Exit Sub End If ' We've done all checks and can now permit a user to login: Me.DialogResult = Windows.Forms.DialogResult.OK Me.Close End Sub
The fine thing about this approach is that you don't store user's password anywhere, but using his own password as a decryption key.
Thanks lots, I'm really gonna use this :)
Errors:
Line:
vb Code:
decrypted = Decrypt(key, bytes)
Error: Name 'Decrypt' is not declared; Name 'bytes' is not declared.
For information, Im using windows XP.
1. The Decrypt function listing can be found in my Post No. 2 in this thread.
2. My fault.
Change this fragment of my sample code:
Code:Try
Dim fs As New IO.FileStream(txtUser.Text + ".usr", IO.FileMode.Open, IO.FileAccess.Read, IO.FileShare.None)
Dim bytes(CInt(fs.Length - 1)) As Byte
fs.Read(bytes, 0, fs.Length)
fs.Close()
fs.Dispose
Catch ex As Exception
MsgBox("Could not access a user file.")
Exit Sub
End Try
into this:
Code:Dim bytes() As Byte ' < -------------------------------------------------------here
Try
Dim fs As New IO.FileStream(txtUser.Text + ".usr", IO.FileMode.Open, IO.FileAccess.Read, IO.FileShare.None)
ReDim bytes(CInt(fs.Length - 1)) ' <-------------------------------- and here
fs.Read(bytes, 0, fs.Length)
fs.Close()
fs.Dispose
Catch ex As Exception
MsgBox("Could not access a user file.")
Exit Sub
End Try
Ok, Thanks but I still got:
Name 'Decrypt' is not declared.
Thanks, It works fine now!
oh my.... *clap* *clap* *clap*
amazing.!
The link to Post 2 doesnt work!!, can check?
This thread is two and a half years old. It does look like some internal links are broken, but Post 2 is still there, it's just the second post in this thread. I don't know why cicatrix decided to link back to earlier in the same thread, but such a broken link shouldn't stop you for long.
i there i am quite new to vb. I am just wondering... i tried to apply this to a the form i was making but when i try proceed by clicking ok on my log in form it say incorrect password. i have triple checked the password i have entered and i keep getting this message. can you pleeeease help me. thanks in advance
Also when i try to create a new user. I always get the "your password is too weak" message. Fustratingly i dont know where im going wrong. also im using vb2010