? ShadowCrypto is here! (Page 1) ● SmileBASIC Source Forums

Sign In

Register
*Usernames are case-sensitive
Forgot my password
This website has been moved, please see this post

ShadowCrypto is here!

1 2
  • #1 ✎ 481 MasterR3C0RD Power User Amazing Contributor Someone thinks I'm an awesome person who has done so much for the community! Achievements Third Year My account is over 3 years old Website osu! Is Awesome! I love osu! Express Yourself Okay, so ShadowCrypto is dead now, in the same grave as the RICE# series. And no more custom encryption by me. dankrause brought up a good point: I don't have nearly enough entropy in the keys to encrypt data securely. I'm sorry, but that's a fact that's real, and that no one has control of except actual cryptographers. So I'm done with custom cryptography, and sticking with projects I can actually do without causing major harm to other's security. So ShadowCrypto should be removed from chat soon (once Random gets around to it) and the download page for ShadowCrypto will be deleted soon. This thread can be closed. Posted Edited by MasterR3C0RD
  • #2 ✎ 1884 12Me21 Syntax Highlighter Received for creating the code syntax highlighter on SBS Night Person I like the quiet night and sleep late. Express Yourself could you post the SB code here? Posted
  • #3 ✎ 481 MasterR3C0RD Power User Amazing Contributor Someone thinks I'm an awesome person who has done so much for the community! Achievements Third Year My account is over 3 years old Website osu! Is Awesome! I love osu! Express Yourself
    could you post the SB code here?
    Why? It's on the SB server. Check the program page for the key.
    Posted
  • #4 ✎ 477 SquareFingers Have you heard of the first rule of crypto? Posted
  • #5 ✎ 481 MasterR3C0RD Power User Amazing Contributor Someone thinks I'm an awesome person who has done so much for the community! Achievements Third Year My account is over 3 years old Website osu! Is Awesome! I love osu! Express Yourself
    Have you heard of the first rule of crypto?
    Yes, but if nobody breaks it, there won't be any different kinds of encryption. By the way, it's "Don't roll out your own crypto".
    Posted
  • #6 ✎ 11 dankrause Expert Programmer Programming no longer gives me any trouble. Come to me for help, if you like! Programming Strength Second Year My account is over 2 years old Website I believe ShadowCrypto has some extremely obvious security issues. I also believe that I can decrypt any message encrypted by ShadowCrypto without the password with little effort. I'll be happy to demonstrate for anyone interested. Just post an encrypted message. Posted Edited by dankrause
  • #7 ✎ 481 MasterR3C0RD Power User Amazing Contributor Someone thinks I'm an awesome person who has done so much for the community! Achievements Third Year My account is over 3 years old Website osu! Is Awesome! I love osu! Express Yourself
    I believe ShadowCrypto has some extremely obvious security issues. I also believe that I can decrypt any message encrypted by ShadowCrypto without the password with little effort. I'll be happy to demonstrate for anyone interested. Just post an encrypted message.
    Here. Enjoy. BCF498CFDE95D0DEC78DDBC1CE85D7CED4F8EDB9E8F6E5E4F1A3AFC3FEF6F3A1EF988BD99690D795969E9B9B849CC7988CA8FFBFB4A7B2A7B6BFE3E9AAABA3E1BA524A194C5A5916470D47485D4007554C3D687669676E31726F607C7F25666F7A091710151257101D140206190049E9 EDIT 1: Sorry, forgot the encrypted stuff EDIT 2: Put the stuff in a nicer container.
    Posted Edited by MasterR3C0RD
  • #8 ✎ 11 dankrause Expert Programmer Programming no longer gives me any trouble. Come to me for help, if you like! Programming Strength Second Year My account is over 2 years old Website I've got the power scrub. Just let me destroy you forever, and you won't have to worry about anything anymore. Posted
  • #9 ✎ 481 MasterR3C0RD Power User Amazing Contributor Someone thinks I'm an awesome person who has done so much for the community! Achievements Third Year My account is over 3 years old Website osu! Is Awesome! I love osu! Express Yourself
    I've got the power scrub. Just let me destroy you forever, and you won't have to worry about anything anymore.
    ... Alright, what did I do to fuck it up? REFER TO THE NEXT PART
    Posted Edited by MasterR3C0RD
  • #10 ✎ 481 MasterR3C0RD Power User Amazing Contributor Someone thinks I'm an awesome person who has done so much for the community! Achievements Third Year My account is over 3 years old Website osu! Is Awesome! I love osu! Express Yourself Also, can you recover passwords? EDIT: PM me the flaws and possible solutions please. Bad idea to post it here. Posted Edited by MasterR3C0RD
  • #11 ✎ 11 dankrause Expert Programmer Programming no longer gives me any trouble. Come to me for help, if you like! Programming Strength Second Year My account is over 2 years old Website It's brute-forcable. Your math has the side effect of reducing total effective entropy in the key to around 8 bits. One out of every set of 200ish random strings are equivalent for the purposes of decryption. I can't recover the key you used, because it's the same as an infinite number of other keys. I can give you an arbitrary number of keys that work just like yours though. What you did wrong: you ignored the first rule of cryptography, which is actually "Leave cryptography to the experts." Note that the second rule is "You are not an expert." Posted
  • #12 ✎ 481 MasterR3C0RD Power User Amazing Contributor Someone thinks I'm an awesome person who has done so much for the community! Achievements Third Year My account is over 3 years old Website osu! Is Awesome! I love osu! Express Yourself
    It's brute-forcable. Your math has the side effect of reducing total effective entropy in the key to around 8 bits. One out of every set of 200ish random strings are equivalent for the purposes of decryption. I can't recover the key you used, because it's the same as an infinite number of other keys. I can give you an arbitrary number of keys that work just like yours though. What you did wrong: you ignored the first rule of cryptography, which is actually "Leave cryptography to the experts." Note that the second rule is "You are not an expert."
    So what, I should increase the entropy by increasing the value 256 in the program to something like 7FFFFFFF? That would make the entropy more like 32 bits, correct?
    Posted
  • #13 ✎ 11 dankrause Expert Programmer Programming no longer gives me any trouble. Come to me for help, if you like! Programming Strength Second Year My account is over 2 years old Website I'm also not a cryptography expert, so I couldn't give you a good fix that would guarantee using all of the available entropy in your key. Your modulus 256 is not the cause of your problems, however. Posted
  • #14 ✎ 11 dankrause Expert Programmer Programming no longer gives me any trouble. Come to me for help, if you like! Programming Strength Second Year My account is over 2 years old Website So I don't ultimately want to discourage anyone from attempting to write cryptographic functions. I definitely DO want to discourage them from ever actually USING them for anything. Novel cryptographic algorithms are vetted and discussed in a community of experts, who apply years of experience testing and improving them before ever using them anywhere. They had to start somewhere, however. Keep writing code. Posted
  • #15 ✎ 94 Mr0R305 No one's an expert?
    Note that the second rule is "You are not an expert."
    Does that mean no one can make cryptography? Or was that just an insult toward CX lel
    Posted
  • #16 ✎ 1092 Yolkai Head Admin No. There are cryptography experts. You are not one. If you were, you would understand why it's a bad idea to make your own cryptography algorithm and also understand why the existing ones work. If you are trying to make your own crypto, you are not an expert. Please read what people actually say instead of making unclever assumptions. Posted
  • #17 ✎ 94 Mr0R305
    No. There are cryptography experts. You are not one. If you were, you would understand why it's a bad idea to make your own cryptography algorithm and also understand why the existing ones work. If you are trying to make your own crypto, you are not an expert. Please read what people actually say instead of making unclever assumptions.
    ._. Ok, lumage
    Posted
  • #18 ✎ 11 dankrause Expert Programmer Programming no longer gives me any trouble. Come to me for help, if you like! Programming Strength Second Year My account is over 2 years old Website
    Does that mean no one can make cryptography? Or was that just an insult toward CX lel
    Neither - if you're developing your own crypto today, you're either on the very bleeding edge of mathematics and computer science, or you're building a toy. Not trying to insult anyone, but don't use that toy to actually try to keep something secret.
    Posted
  • #19 ✎ 94 Mr0R305
    Does that mean no one can make cryptography? Or was that just an insult toward CX lel
    Neither - if you're developing your own crypto today, you're either on the very bleeding edge of mathematics and computer science, or you're building a toy. Not trying to insult anyone, but don't use that toy to actually try to keep something secret.
    Makes reasonable sense, no argument from me
    Posted
  • #20 ✎ 481 MasterR3C0RD Power User Amazing Contributor Someone thinks I'm an awesome person who has done so much for the community! Achievements Third Year My account is over 3 years old Website osu! Is Awesome! I love osu! Express Yourself Okay, so if anyone feels like they want to crack some encryption, here's my latest method: https://www.khanacademy.org/computer-programming/pincrypt/5009310891 If anyone can crack what this says, kudos to you. You also have to figure out the PIN (they're all unique, believe me. I had a computer running for a while to check). I'll give one hint: The first character is "H". 0000064864000006484A0000064857000006480300000648 08000006485200000648590000064850000006481A000006 4805000006484F000006485C000006485300000648150000 06480200000648A4000006485300000648AA000006486C00 0006481F000006484100000648A800000648A70000064812 00000648A600000648520000064816000006485000000648 1000000648A300000648A100000648BF00000648B8000006 48AA00000648BC000006486F00000648BB00000648A40000 0648B400000648B000000648A6000006487B000006486600 0006484300000648B900000648BD00000648620000064884 00000648B3000006488A000006487E00000648B200000648 8E00000648880000064881000006487B0000064880000006 488D00000648B70000064883000006485700000648710000 0648BB00000648820000064899000006484D000006489900 00064887000006489F0000064896000006489E0000064887 000006485800000648450000064880000006489C00000648 83000006488200000648EF00000648EE0000064899000006 485D00000648E700000648EE00000648E500000648500000 0648E4000006489000000648540000064896000006485600 000648E2000006489300000648E300000648FF00000648ED 000006481F Posted
1 2