Recent posts regarding file encryption prompted me to dust off this old thing and recode in perl.

It uses "alleged RC4" which generates numbers 0-255. The RNG stream is XOR'd with the input stream to create the output stream.

The period of ARC4 is about 256**256, there is little chance of being able to reproduce the initial RNG state by brute force. If you lose the key phrase, you are toast.

Needless to say, the perl version is about 1/8 the size of the original C version. :)

#!/usr/bin/perl
# symmetrical cipher STDIN to STDOUT
use warnings; 
use strict;

@ARGV or die "Usage $0 keyphrase < source > dest\n";
my @key = unpack "C*", "@ARGV";

# init ARC4 state from key
my @s = (0..255); 
my $i=0; 
for (0..255)
{       
  $i+=$key[$_%@key]+$s[$_], $i%=256;
  ($s[$_],$s[$i])=($s[$i],$s[$_]);
}

# do the magic
my $x=0; my $y=0; my $t;
print pack "C*", map          
{
  $x++, $x%=256;
  $y+=$s[$x], $y%=256;
  ($s[$x],$s[$y])=($s[$y],$s[$x]);
  $_^$s[($s[$x]+$s[$y])%256];
} unpack "C*", $t while read STDIN, $t, 32768;

[download]

Replies are listed 'Best First'.
Re: REAL unbreakable crypto
by hardburn (Abbot) on May 20, 2004 at 02:51 UTC

    No, it's not unbreakable. In cryptography, you don't throw around terms like "unbreakable" without a very solid mathmatical proof, and the only algorithm that has that is OTP. The recent obfu in question implemented an OTP, provided the files you told it to use were the same size.

    Further, both RC4 and OTP are very fragile. Used incorrectly, they are completely insecure. That's why WEP is no good.

    ----
    send money to your kernel via the boot loader.. This and more wisdom available from Markov Hardburn.

[reply]
Re: REAL unbreakable crypto
by Anonymous Monk on May 20, 2004 at 00:26 UTC
    If you're thinking of using this for a real application, remember that encrypting two files with the same key is a deadly mistake with RC4 and many other stream ciphers.
[reply]

Back to Cool Uses for Perl