The Most Active and Friendliest
Affiliate Marketing Community Online!

“Adavice”/  “CPA

encryption ...

crowebird

New Member
affiliate
i built an encryption script for my site.... it currently works at
<>
if you view the source code you can see where the encryption is.

Im working to make it really hard to see how the encryption works, even if you know what it is suppost to say, and still be able to decrypt it. Iv got just a little more to code. When I finish it ill post a link for you all (that notice the post) to try it out and tell what you think.
 
btw>> i finished making my script, but i figure if i make a thing so you can encrypt and decode your own messages it would eliminate the point of using hte script on my site so im not gonna make it.... EDIT!
 
crowebird said:
btw>> i finished making my script, but i figure if i make a thing so you can encrypt and decode your own messages it would eliminate the point of using hte script on my site so im not gonna make it.... EDIT!
Hi Crowebird,
I haven't seen your code as you removed it before I got to the thread, I just wondered if you were doing what I think you are doing (and therefore encoding the source) then anyone can still ctrl+a & ctrl+c then ctrl+p into frontpage or dreamweaver and be able to plain view the source, in addition, if you found a way around that, it would be stored in plain text in the browser temp directory.

There are ways to do it 100% securely but it requires server side coding such as zend encoder.

Is it really worth hiding the source? What could anyone get that you wouldn't want them to?

Like I say, i hope I haven't misunderstood as half the text was removed before I got here.

Either way, good luck with the coding :)
 
nope wasent trying to encrypt the source:p
I built a encryption script to encrypt variables being sent by a form.
www.skycapvirtual.com/members/pilotLounge
if you look at the source code there will be 2 <input type='hidden' name='enrypted' value = ''>
in there, that is where my encrypted information goes, seeing that you are good with php, is it a good idea (or think you could decode it?)
 
crowebird said:
nope wasent trying to encrypt the source:p
I built a encryption script to encrypt variables being sent by a form.
www.skycapvirtual.com/members/pilotLounge
if you look at the source code there will be 2 <input type='hidden' name='enrypted' value = ''>
in there, that is where my encrypted information goes, seeing that you are good with php, is it a good idea (or think you could decode it?)


Hi mate,
I would say that depending on the algorythm used, it is probably decodable easily. It doesn't appear to be a one way algorythm.
IF it were going to be decoded a simply dictionary algorythm attacker would be able to do it providing the words that are encrypted are within the dictionary.
If it were a letter/number combination of mixed case then that would make it more difficult but not impossible.

Why would you want a decrypted string on the client side though?

Is this PKCS7? If not, if you tell me the method, I may be able to tell you if I can decode it or not?!? (worth pointing out that I am not a cryptogropher though)
 
well every time the code is generated, it is generated randomly, and why would I give away how I encrypted somthing. sure I know it can be decrypted (as I have built a script to do that also), but I spent alot of time on this one, and believe it was done well (taken that I learned php on my own and I am only 16) I can give you a word decrypted and encrypted so you can try to figure it out, but if it is done I would have to work on it again.
 
crowebird said:
well every time the code is generated, it is generated randomly, and why would I give away how I encrypted somthing. sure I know it can be decrypted (as I have built a script to do that also), but I spent alot of time on this one, and believe it was done well (taken that I learned php on my own and I am only 16) I can give you a word decrypted and encrypted so you can try to figure it out, but if it is done I would have to work on it again.
Sorry Crowebird,
I didn't mean to pi$$ on your fire or anything. I'm sure it is very good for what you want to use it for. That said, you asked for an opinion and I gave it to you. I am only aware of 4 or 5 salts/algorythms that I would want to use in that situation, that makes any of it decryptable. Based on the algorythms I would use, I would hope that you have an encryption key held either in an include or on your page (server-side) which is used to then encrypt and decrypt. Depending on the length of that key, it would take varying amounts of time to crack.

I am well aware that you are decrypting it as I saw the original posts, but what when you asked me if 'I' could decrypt it, I presumed the question was more like 'is it likely that a member of the public could decrypt it based only on the encrypted data'. Hence my answer.

Good luck with the code.
 
thanks, was just unsure if you were saying it was a bad idea considering I spent alot of time working on it. anyway I believe my way for encrypting and decrypting is a little different, everything you see in the code is used to decrypt it, no included keys or anything like that, I personally like the way it works, thanks for looking at it though.
 
MI
Back