#72100 - 2002-12-09 01:22 AM
Re: Wkixcrypt & console
|
MCA
KiX Supporter
Registered: 2000-04-28
Posts: 5152
Loc: Netherlands, EU
|
Dear,
Richard had make a lot of replies to other topics. Only the F2-2560 topic contains
the most general information without a FAQ section. In other topics Richard
explains "how it is working" and "what is and isn't possible". Special problems
he had with the wkixcrypt part, which wasn't a specific kixcrypt problem,
but a windows API problem.
Also we had ask Richard to create a document of it. At this moment he ask other guys
to make some effort for it.
Later this month we will try to collect all feedback from Richard in other topics
and we try to present them in a nice format to you.
greetings.
|
|
Top
|
|
|
|
|
#72101 - 2002-12-10 12:44 AM
Re: Wkixcrypt & console
|
Richard H.
Administrator
Registered: 2000-01-24
Posts: 4946
Loc: Leatherhead, Surrey, UK
|
quote:
ok, actually if his info:
quote:
--------------------------------------------------------------------------------
The encryption is a very simple XOR routine so hopefully I will still be able to travel outside the UK without fear of arrest :-o
--------------------------------------------------------------------------------
is correct, the crypter kix is 100% more affective than kixcrypt.
Phew, just back from vacation and KiXcrypt queries all over the place.
I'm not going to go into a lot of detail about the encryption used in KiXcrypt as any clue will make the encryption easier to break.
The quote above is a little out of date and a little out of context - I don't recall which version of KiXcrypt it applies to.
The basic encryption process remains a simple character-for-character method and the XOR is the base method applied to all characters which are encrypted. However the both the algorithm and additional techniques used are sufficiently complex to make it hard to break. It is not absolutely secure because:
- I'm no security guru.
- It has to be two-way, i.e. unencryptable. More secure (one-way) encryption is fine for passwords but makes a script hard to execute.
- It's purpose is to deter users from browsing for passwords or security exploits which may be present in your scripts. It should not under any circumstances be used to secure nuclear warhead activation codes.
From memory, the main features of the encryption technique are:
- The seed is either a password supplied when encrypting the file, or where no password is supplied then a random password of random length is generated. The only difference between the two methods is that a random password is embedded into the encrypted file so that it can be automatically unencrypted, and a user supplied password is not - it has to be supplied as a parameter to unencrypt the file.
The seed is used both as a start point for the encryption algorithm and also to control it's process. A long password with a good selection of characters will make the encryption less predictable. - All 256 possible byte values are accepted from the source file and used in the encrypted file. This means that any type of file including binary (Word, Excel, EXE) may be encrypted.
- The "XOR" encryption character is taken from a number of "one-time-pads". This means that each character which is encrypted from the source file has a unique character to encrypt.
- The one-time-pad used is selected by algorithm, and the pads are switched frequently.
- The character position in the one time pad is also based on an algorithm, they are not used sequentially, so even knowledge of the values of the one-time-pads would not allow you to decrypt the file.
- There are a further 3 additional methods used to peturb the encryption to make it harder to break. Some, all or none of these may be combined on each character during the encryption process and include:
Rotate higher and lower nibbles (4 bits).
Switch odd and even bits.
Skip a number of iterations of the algorithm (self modifying algorithm).
The decision on whether to use any of these "salts" is of course based on the algorithm.
Hopefully that will reassure anyone who was worried that the encryption technique might be too simple ![[Wink]](images/icons/wink.gif)
|
|
Top
|
|
|
|
Moderator: Glenn Barnas, NTDOC, Arend_, Jochen, Radimus, Allen, ShaneEP, Ruud van Velsen, Mart
|
0 registered
and 601 anonymous users online.
|
|
|
![[Frown]](images/icons/frown.gif){kind=icon}
![[Razz]](images/icons/tongue.gif){kind=icon}
