However, what you are trying to do is not a code thing, it is a math thing and you are going to want to check out sites devoted to cryptography as you will first need to develop a cryptographic formula that you can then implement in code.

A great starting point is Matt Blaze's Cryptography Resource.

I would also suggest the AES Home Page for an example since is appears that this will be the new 'standard'

If you are just starting to get into this in a real way, you will want to peruse the RSA Crypto FAQ as it has links and information on just about everything related.

And lastly, just because I thought it was cool reading I will include Courterpane Labs Blowfish page

Good luck, here is to hoping you become the next Whitfield Diffie or Martin Helman - ;-)

Note: I do not claim to be an expert at encryption. I've read a good chunk of Applied Cryptography and Schneier's mailing list, and I've hung around the Freenet Project (external link), which has some funky uses of crypto all its own. I have a grasp of how to use crypto in an application, and have an idea of how the algorithms work internaly.

Basically, I've read up enough about making your own crypto algorithm to learn this fact: don't. Modern crypto experts need a strong math background (one of the few places in CS where something well beyond high school mathmatics is absoultely essential). The NSA is thought to be the largest employer of math majors in the world, and even their stuff gets routinely broken when the algorithm is exposed to the outside world.

Fortunatly, there is still hope for those of us who think of a "matrix" as a movie. Something that Schneier and others have been stressing lately is that making a secure algorithm is actually the easy part. It's the details of use that matter. As an example, WEP encryption in 802.11b uses RC4, a stream cipher thought up by the same guy who put the 'R' in 'RSA' and has had the best minds in cryptography thrown at it and it still held up pretty well (not perfectly, mind you, but better than most stream ciphers). WEP wasn't broken because it used a bad cipher--it was broken because it used it wrong.

Fortunatly, you don't need to be a math major to know how to implement a cryptographic solution well. You'll need to know about the various ciphers in use and their flaws (both theoretical and practical). All the math-major stuff is already done for you in most langagues (such as ciphers, RNGs, hashes, compression, etc.). You just need to put the pieces together.

If you're set on writing your own cipher, might I suggest trying your hand at a pen-and-paper cipher, such as Solitaire (external link). That particular cipher has some problems (bias in its RNG), but I'd like to see more clever ideas for secure ciphers that don't need a computer to be used.

----
I wanted to explore how Perl's closures can be manipulated, and ended up creating an object system by accident.
-- Schemer

Note: All code is untested, unless otherwise stated

Hi everyone, I have always been fascinated by encryption and it's algorithms, so I was wondering if any one had any suggestions for getting started on writing my own.

Many interesting and useful links have already been suggested, but none of them directly answer your question. I would suggest Bruce Schneier's essay, So, You Want to be a Cryptographer. Basically, it says "study math; break codes." In particular, I direct your attention to the following:

Almost certainly you will get the urge to invent new cryptographic algorithms, and will believe that they are unbreakable. Don't resist the urge; this is one of the fun parts. But resist the belief; almost certainly your creations will be breakable, and almost certainly no one will spend the time breaking them for you. You can break them yourself as you get better.

you can download the Handbook of Applied Cryptography in PS or PDF.

Applied Crytography++ for a very detailed explanation of the concepts behind current day cyphers. I only wish my math was up to some of the latter chapters. =P

But if you’re just getting into cryptography and enjoy a good book (don’t we all?) I’d suggest The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Crytography by Simon Singh. It's a wonderful narrative going from the earliest stegranography and substitution cyphers all the way to, well, quantum cryptography as the title suggests. It has enough technical details to explain the core concepts while glossing over enough to maintain a good story flow. The Appendicies and Further Reading sections provide the more technical details and good external resources. And it has exercises!

For a bit more pure history, David Khan’s The Code Breakers chronicles the history of code breaking, with a heavy emphasis on military applications. His account of the Allied effort to crack Germany’s Enigma encoders is enthralling. Also a good read if you're interested in the development of some of the first computers. (This write-up doesn’t even approach doing it justice)




P.S. If you ever get a chance to hear Simon Singh speak, I highly recommend it. I had the priveledge of speaking with him when he visited the Perimeter Institute for Theoretical Physics, a very enjoyable and enlightening evening.

artist

andramoiennepemousapolutropon

#! /usr/local/bin/perl -w
use strict;
# --------------------------------------------------------------
#     the essence of RSA algorithm -- assymetrical\public-key cryptogr
+aphy
# --------------------------------------------------------------
use Math::Pari qw(gcd PARI) ;
# --------------------------------------------------------------

# m -- message 
my $m = 'IBM' ;
print "original: $m\n" ;
my $tmpl = 'C*' ;
my @m = unpack($tmpl, $m) ;        # string -> unsigned char values
print "coded: @m\n" ;

# n = pq -- in RSA, p & q = prime, each 1024 bits/308 digits long
my $p = PARI("prime(".int(rand 50).")") ;
my $q = PARI("prime(".int(rand 50).")") ;
my $n = $p*$q ;            # $n = Pari's obj

# choose a random number r, s.t.
#     1 < r < (p-1)(q-1) = b
#     gcd(r, b) = 1 -- relative prime
my $b = ($p-1)*($q-1) ;
my $r ;
do {$r = int rand $b ; } until (gcd($r,$b) == 1) ;
$r = PARI $r ;

# rk = 1 mod (p-1)(q-1) -- d = private key; (n, r) public
my $k = (1/$r)%$b ;        # the math operators are Pari's, since vars
+ = Pari

# encrypt -- c = (m ^ r) mod n
my @c ;
map { $c[$_] = ($m[$_]**$r)%$n } 0..$#m ;            # Perl uses ** fo
+r power
print "ciphered: @c\n" ;

# decrypt -- m = (c ^ k) mod n
my @d ; 
map { $d[$_] = PARI("($c[$_]^$k)%$n") } 0..$#c ;     # Pari uses ^ for
+ power
print "deciphered: @d\n" ;
print "decoded: " . pack($tmpl, @d) . "\n" ; 


# just checking....
print "\nprimes: $p, $q\n" ;
print "n: $n; (p-1)(q-1): $b\n" ;
print "rand: $r; key: $k\n"
[download]

#! /usr/local/bin/perl -w
use strict;
# --------------------------------------------------------------------
+------
#     the essence of RSA algorithm -- assymetrical\public-key cryptogr
+aphy
# --------------------------------------------------------------------
+------ 
use Math::Pari qw(gcd PARI) ;

my $msg = 'ibm%^&*"<>`' ;

my $cipher = cipher->new() ;
my @c = $cipher->cipher($msg)  ;
print "@c\n" ;
print $cipher->decipher(\@c) . "\n"  ;


{
    package cipher ;
    use strict ;
    use Math::Pari qw(gcd PARI) ;
    
    my ($int, $p, $q, $n, $b, $tmpl) ;        # declared here, or won'
+t share
    
    BEGIN {
        $int = 40 ;
        $p = PARI("prime(".int(rand $int).")") ;    # Pari: prime(n) -
+- the n-th prime
        $q = PARI("prime(".int(rand $int).")") ;
        $n = $p*$q ;
        $b = ($p-1)*($q-1) ;    # s.t. 1 < e < (p-1)(q-1), gcd(r, b) =
+ 1
        $tmpl = 'C*' ;            # template for pack, unpack
    }
    
    sub new {
        my $class = shift ; my $self  = {} ;
        # - - - - - - - - - - - - - - - - - - - - - - - - - -
        do {$self->{e} = int rand $b ; } until (gcd($self->{e},$b)==1)
+ ;
        $self->{e} = PARI $self->{e} ;        # public key, along with
+ $n
        $self->{d} = (1/$self->{e})%$b ;    # private key
        # - - - - - - - - - - - - - - - - - - - - - - - - - -
        bless($self, ref($class) || $class) ;
        return $self ;
    }
    
    sub cipher {
        my $self = shift ;
        my @m = unpack($tmpl, shift) ;
        my @c ; map { $c[$_] = ($m[$_]**$self->{e})%$n } 0..$#m ;    #
+ encrypt -- c = (m ^ e) mod n
        return @c ;
    }
    
    sub decipher {
        my $self = shift ;
        my @c = @{shift(@_)} ;
        my @d ; map { $d[$_] = ($c[$_]**$self->{d})%$n } 0..$#c ;    #
+ decrypt -- m = (c ^ d) mod n
        return pack($tmpl, @d) ;     
    }
}
[download]

print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*"
+,<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|
+dc`
[download]

I think you´re talking about the wonderful algorithm which also found a place for itself in Cryptonomicon ;-)

It was nice to see Perl code in the pages of a best selling techno-thriller ;-)

2c2 is a simple symmetric file encryption utility. It comes with an interesting optional feature - it is capable to embed an additional file within an encrypted data. This is done in a way that cannot be detected without knowing the passphrase protecting the "hidden" file, even if the password for the primary file is disclosed. The design is such that the fact of using this method alone does not constitute a credible evidence of data hiding (IANALBMSUTDO). This kind of encryption is also called "subpoena-proof" or "deniable". Now that the courts can force you to reveal the passphrase to an encrypted file, this allows you to do that, yet still have a secret file, with plausible deniability.

That would be a useful feature in your new crypto algorithm. (Please destroy this node after reading :-))

Wow, I'm torn, but I think I'll do it just to see if I'm cool enough to pull it off. Thanks for the advice, wish me luck!!!

---

Ergo!!! Vis a Vis!!! Concordidly!!! Mr. Timberlake. I apologize. I don't usually like to use my big voice.
Will Ferrill as the Architect from the Matrix 2:Reloaded