Form Encryption Crypt30a
By: System Administrator on: Wed 03 of Jun, 2009 [18:54 UTC] (780 reads)
Background

I have been in the process of revamping some of my old programs that were offered in the past from the javacrypt.com website. I decided to rebuild the Crypt program (last release was Crypt20d in the year 1999) to be able to handle other languages and, more importantly, to use industry-standard algorithms. Previous versions used my own algorithm for encryption and for encapsulation of the cipher text. While my own algorithm has never been broken or cracked, the industry-standard Blowfish is better known and much more trusted.

Encryption Algorithm

I am using the Blowfish algorithm in the cipher feedback (CFB) mode, which makes a block cipher into a self-synchronizing stream cipher. Further, I am using a pair of SHA-1 hashes to turn the password into a 320-bit key. I'm using a randomly generated initialization vector (IV), which is used both in the hashed key generation, along with the password, and in the encryption. Here is a sample of how the key is generated from your password: see the Key Applet (click to run).

Strength

Besides the fact that Blowfish has never been broken, the fact that the key size is substantial and secret, and that no two ciphers are the same even when using the same password due to the random initialization vector, my system also has the following additional features. The password is not saved, embedded or verified. You can use an incorrect password and the program will happily proceed to generate what it thinks is the plain text from the cipher text. This has always been the case with the Crypt program, and now it is even more significant since the original text and password could have been entered in any language. Now when you try an experimental password with some cipher text you have acquired, you will have to put more effort into determining if the "plain text" is the original text or just random data, or if you are even entering a password in the same language as it was entered.

The strength is limited to the strength of your password and the possibility that someone can guess your original language used for the password and data.

Summary

Don't ask me to recover encrypted data! I can't do it. If you forget your password you will not be able to recover the data. It is as simple as that. The only attack possible against the encrypted data is to try passwords and examine the resulting plain text to see if you have entered the correct password.
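
The scheme described under Encryption Algorithm and Strength, as an added sketch that is not the Crypt30a source and does not produce Crypt30a-compatible output. Assumptions: how the two SHA-1 hashes combine password and IV, UTF-8 password encoding, an 8-byte IV stored in front of the cipher text, and a SHA-1-based stand-in for Blowfish's block function (CFB only uses the forward direction of the block cipher).

```python
import hashlib
import os

BLOCK = 8  # Blowfish block size in bytes; also the IV length assumed here


def derive_key(password: str, iv: bytes) -> bytes:
    """Pair of SHA-1 hashes over password and IV -> 40 bytes (320 bits).

    ASSUMPTION: the page does not say how the two hashes are built; here they
    differ in the order of password and IV. UTF-8 encoding is also assumed.
    """
    pw = password.encode("utf-8")
    return hashlib.sha1(pw + iv).digest() + hashlib.sha1(iv + pw).digest()


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """STAND-IN for Blowfish's forward block function, not Blowfish itself."""
    return hashlib.sha1(key + block).digest()[:BLOCK]


def cfb(key: bytes, iv: bytes, data: bytes, decrypting: bool) -> bytes:
    """Full-block CFB: output = input XOR E_key(previous cipher text block)."""
    out, feedback = bytearray(), iv
    for i in range(0, len(data), BLOCK):
        chunk = data[i:i + BLOCK]
        stream = block_encrypt(key, feedback)
        result = bytes(a ^ b for a, b in zip(chunk, stream))
        out += result
        feedback = chunk if decrypting else result  # always the cipher text
    return bytes(out)


def encrypt(password: str, plaintext: bytes, iv: bytes = None) -> bytes:
    iv = os.urandom(BLOCK) if iv is None else iv  # fresh random IV per message
    return iv + cfb(derive_key(password, iv), iv, plaintext, False)


def decrypt(password: str, blob: bytes) -> bytes:
    # Nothing in the blob verifies the password: any guess yields bytes.
    iv, body = blob[:BLOCK], blob[BLOCK:]
    return cfb(derive_key(password, iv), iv, body, True)


if __name__ == "__main__":
    msg = "constructed sample text".encode("utf-8")
    blob = encrypt("pässwort", msg)
    print(blob != encrypt("pässwort", msg))   # same password, new IV
    print(decrypt("pässwort", blob) == msg)
    print(decrypt("passwort", blob))          # wrong guess: no error, noise
```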