4

I want to create a nice cryptography using bitwise operators. However I fail to do so.

I want it to have bitwise operators using a byte array to encrypt and decrypt my byte array.

public class Cryptographer
{
    private byte[] Keys { get; set; }

    public Cryptographer(string password)
    {
        Keys = Encoding.ASCII.GetBytes(password);
    }

    public void Encrypt(byte[] data)
    {
        for(int i = 0; i < data.Length; i++)
        {
            data[i] = (byte) (data[i] & Keys[i]);
        }
    }

    public void Decrypt(byte[] data)
    {
        for (int i = 0; i < data.Length; i++)
        {
            data[i] = (byte)(Keys[i] & data[i]);
        }
    }
}

I know this is wrong, thats why I need help. I simply want it to use 1 string to encrypt and decrypt all data.

Improve this question
4
  • 1
    Telling what is holding you back helps other people help you. Commented Sep 14, 2010 at 15:04
  • What is holding me back is I find the operators very hard to understand, and also I don't know a technique to make this cryptography a bit more secure. Commented Sep 14, 2010 at 15:05
  • 3
    If you are serious about using this to protect anything, you are ill-advised to write your own code here. If this is practice code, then fine. Commented Sep 14, 2010 at 15:08
  • Note edit regarding DPAPI which may give you what you need Commented Sep 14, 2010 at 15:37

5 Answers 5

Reset to default
26

This is what is sometimes known as 'craptography', because it provides the illusion of security while being functionally useless in protecting anything. Use the framework classes if you want to do cryptography right, because it's extremely difficult to roll your own.

Take a look at this for advice on what you are trying to do (encrypt/decrypt) - http://msdn.microsoft.com/en-us/library/e970bs09.aspx. Really your requirements should determine what classes you decide to use. This has good background: http://msdn.microsoft.com/en-us/library/92f9ye3s.aspx

For simple encrypt/decrypt (if this is what you need) DPAPI may be the simplest way.

Improve this answer
Sign up to request clarification or add additional context in comments.

9 Comments

I do not know a lot about cryptography, and I certainly do not know how to implement them.
@Basser You don't need to "implement" the framework classes. You just need to click the link.
@bzlm, I've never used one of those classes, I will need to set them up correctly and secure.
@Basser: The only security mechanism that I'm aware of that is easy to get right is SSL/TLS ( SslStream ). Any homegrown mechanism that combines popular algorithms like AES, SHA-1 from the System.Security.Cryptography Namespace is a placebo at best and a danger at worst.
While I agree that using some cryptography framework is best for real-world scenarios, I believe OP was trying to learn basic cryptography and the only good way to learn it is to start from the beginning and roll your own simple xor code. Thats exactly how i just found this post, trying to learn simple xor for learning purposes. I would never write my own for my sensitive data.
|
10

You seem to be trying to implement the XOR cipher. XOR is ^ in C#:

public void Crypt(byte[] data)
{
    for(int i = 0; i < data.Length; i++)
    {
        data[i] = (byte) (data[i] ^ Keys[i]);
    }                             ↑
}

Since the Encrypt and Decrypt method do exactly the same, you need only one method.

Note, however, that this is just a toy and not suitable to secure data in real-world scenarios. Have a look at the System.Security.Cryptography Namespace which provides many implementations of proven algorithms. Using these correctly is still hard to get right though.

Improve this answer

1 Comment

A (silly) nitpick: XOR encryption can be secure if (a) the key is at least as long as the message, (b) the key is truly random, and (c) the key is never re-used. Voila! A one-time pad.
6

Use Xor ^ operator and not And &. Also you should not assume that data and key are the same length.

public class Cryptographer
{
    private byte[] Keys { get; set; }

    public Cryptographer(string password)
    {
        Keys = Encoding.ASCII.GetBytes(password);
    }

    public void Encrypt(byte[] data)
    {
        for(int i = 0; i < data.Length; i++)
        {
            data[i] = (byte) (data[i] ^ Keys[i % Keys.Length]);
        }
    }

    public void Decrypt(byte[] data)
    {
        for (int i = 0; i < data.Length; i++)
        {
            data[i] = (byte)(Keys[i % Keys.Length] ^ data[i]);
        }
    }
}
Improve this answer

2 Comments

But I want it to be a bit more advanced, and I am really confused right now.
Check this for example code of using .Net classes for encryption: obviex.com/samples/…
0 
    static void Main(string[] args)
    {

        Int32 a = 138;
        Console.WriteLine("first int: " + a.ToString());

        byte[] bytes = BitConverter.GetBytes(a);

        var bits = new BitArray(bytes);
        String lol = ToBitString(bits);
        Console.WriteLine("bit int: " + lol);

        lol = lol.Substring(1, lol.Length - 1) + lol[0];
        Console.WriteLine("left   : " + lol);

        byte[] bytes_new = GetBytes(lol);

        byte[] key = { 12, 13, 24, 85 };
        var bits2 = new BitArray(key);
        String lol2 = ToBitString(bits2);
        Console.WriteLine("key    : " + lol2);

        byte[] cryptedBytes = Crypt(bytes_new, key);
        var bits3 = new BitArray(cryptedBytes);
        String lol3 = ToBitString(bits3);
        Console.WriteLine("    XOR: " + lol3);

        byte[] deCryptedBytes = Crypt(cryptedBytes, key);
        var bits4 = new BitArray(cryptedBytes);
        String lol4 = ToBitString(bits4);
        Console.WriteLine("  DEXOR: " + lol4);

        int a_new = BitConverter.ToInt32(bytes_new, 0);
        Console.WriteLine("and int: " + a_new.ToString());

        Console.ReadLine();
    }

    public static byte[] Crypt(byte[] data, byte[] key)
    {
        byte[] toCrypt = data;
        for (int i = 0; i < toCrypt.Length; i++)
        {
            toCrypt[i] = (byte)(toCrypt[i] ^ key[i]);
        }
        return toCrypt;
    }

    private static String ToBitString(BitArray bits)
    {
        var sb = new StringBuilder();

        for (int i = bits.Count - 1; i >= 0; i--)
        {
            char c = bits[i] ? '1' : '0';
            sb.Append(c);
        }

        return sb.ToString();
    }

    private static byte[] GetBytes(string bitString)
    {
        byte[] result = Enumerable.Range(0, bitString.Length / 8).
            Select(pos => Convert.ToByte(
                bitString.Substring(pos * 8, 8),
                2)
            ).ToArray();

        List<byte> mahByteArray = new List<byte>();
        for (int i = result.Length - 1; i >= 0; i--)
        {
            mahByteArray.Add(result[i]);
        }

        return mahByteArray.ToArray();
    }
Improve this answer

Comments

0

Remember, there is no such thing as a 'secure' cipher. Any encryption method that can be written can be broken. With that being said, using simple bitwise techniques for encryption is inviting a not too bright hacker to break your encryption. There are guys/gals that sit around all day long with nothing better to do. Use one of the encryption libraries that uses a large key and do something 'unusual' to that key before using it. Even so, remember, there are people employed and not employed to do nothing but break cryptographic messages all around the world; 24 by 7. The Germans thought they had an un-breakable system in WW II. They called it Enigma. Do some reading on it and you will discover that it was broken even before the war broke out!

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.