An Useless Cipher
on Jul 26, 2009 at 13:47 UTC | by Oromis92 |
| bah... something stupid, just for exercise. |
Yet Another Cryptogram Script
on Mar 20, 2009 at 09:49 UTC | by missingthepoint |
| Yes, another one. |
Blowfish based password hashing
on Dec 21, 2008 at 20:59 UTC | by zentara |
| Many linux/unix distibutions are moving up to a variation of blowfish to hash passwords. See blowfish password hashing for more details. The Crypt-Eksblowfish module gives Perl users the access to this, but the module has many parts and is not crystal clear on usage. This is just a clarified version of one of the modules test scripts, to show how you can use it. |
ARC4
on Nov 29, 2008 at 12:04 UTC | by Oromis92 |
| this is a very simple code to encode a file or a string by ARC4.
I don't use modules.
I'm a relatively perl newbie... so the code isn't perfect
|
A better rand() for Win32
on Jul 30, 2007 at 18:08 UTC | by bitshiftleft |
| With better random number generators in the unix environments (/dev/random). I was looking for something like it on Win32, and there is. My motive is that I think
some games that base there learning on neural nets may
be learning on the poor periodic rand() type of random number generation.
This means that the Neural Net may be learning the next roll
of the dice rather than the game strategy itself.
The Perl rand() repeats every 32000 times.
Cryptographically generated random numbers gather entropy to seed there generators. |
Crypt::Random::ISAAC - secure random number generator
on Jun 10, 2005 at 20:25 UTC | by radiantmatrix |
Update 2005-07.Jul-12: Version 0.92 ; new method for seed generation as a result of code feedback from PerlMonks. Thank you!
Crypt::Random::ISAAC - ISAAC Crypto-secure PRNG, using address allocation as
seed.
This is a drop-in replacement for Perl's rand(), but nothing is exported by
default.
use Crypt::Random::ISAAC 'rand';
print rand();
## OR ##
use Crypt::Random::ISAAC;
print Crypt::Random::ISAAC::rand();
## OR ##
use Crypt::Random::ISAAC qw'rand randinit';
@Crypt::ISAAC::randrsl = @seed0..255;
randinit(1); ## inits using seed value;
print rand();
This can be used with other modules like Crypt::RandPasswd in the following
manner:
use Crypt::Random::ISAAC;
use Crypt::RandPasswd;
*Crypt::RandPasswd::rng = \&Crypt::Random::ISAAC::rand;
since our rand function has the same interface.
A CSPRNG using natural timing (specific to exact CPU and load when run) as a
seed, conforming to the ISAAC spec (considered Cryptograpically Secure).
Core PRNG uses code originally (c)Bob Jenkins, 1996 and ported to Perl by
John L. Allen, 2000. See http://burtleburtle.net/bob/rand/isaacafa.html for
the original C code and the Perl translation.
Initialization is peformed during module load, but can be repeated.
- Seed not tested
-
Although the ISAAC algorithm has been well-tested for security, the method for
choosing the random seed that is employed by this module has not. The seed
is chosen by allocating memory for references, assigning the lower 32 bits of
the address to each seed slot. The results are mixed somewhat before use, and
care is taken to ensure that a contiguous block of addresses are not used.
-
If this is not secure enough, the @randrsl array can be populated with seed
values from a more entropic source (like /dev/random on *NIX). If this is done,
you must call the randinit function to re-seed the generator. For example:
-
if (-f '/dev/random') {
open RAND, '<', '/dev/random' or die('No read on random device');
for (0..255) {
my $bytes;
read(RAND,$bytes,2);
$bytes = (ord(substr($bytes,0,1))<<16) + (ord(substr($bytes,1,1)));
$Crypt::Random::ISAAC::randrsl$_ = $bytes;
}
close RAND;
}
-
But then, if you have /dev/random, you probably don't need this module!
- Rand function wrapper insufficiently tested
-
The replacement rand() relies on isaac() for its randomness. Some
numerical conversion is done. While I don't believe this conversion has any
effect on randomness, it has not been robustly tested. The author welcomes
feedback on this function.
- Version 0.9
-
Released on PerlMonks http://www.perlmonks.com - original version.
- Version 0.91
-
Not released, testing version
- Version 0.92
-
Released on PerlMonks http://www.perlmonks.com - new random-seeder method;
uses the lowest 32 bits of a series of addresses belonging to references. This
should be hard to reproduce or guess.
Darren Meyer <darren.meyer@gmail.com>, making heavy use of others' code.
Original ISAAC code (c)1996 Bob Jenkins under a ``code is free and may be used as
you wish'' license.
Perl port (c)2000 John L. Allen under the same license as the original ISAAC
code.
This module is available under the terms of the MIT License, though the code by
the above authors is unencumbered.:
Copyright (c)2005 Darren Meyer
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the ``Software''), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
of the Software, and to permit persons to whom the Software is furnished to do
so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED ``AS IS'', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE. |
Decrypt and encrypt CVS password in .cvspass
on May 17, 2005 at 12:15 UTC | by bsdz |
| This script descrambles CVS passwords normally found in your ~/.cvspass file. It also can generate scrambled passwords. I originally converted the C source code to Perl to recover an old CVS password. |
Crypt::OpenPGP - finding and using preferred SK algorithm
on Feb 03, 2004 at 16:40 UTC | by hv |
Crypt::OpenPGP provides no overt mechanism to interrogate a self-signed key to determine the owner's preferred encryption mechanisms. After pointers in Crypt::OpenPGP - determining which cipher to use I came up with this sample code that shows how you can do that.
Caveats: delves into object innards, provided for education only, tested only with modern (v4) signatures, assumption that code is self-documenting may be dubious. |
CipherSaber
on Jun 27, 2003 at 19:44 UTC | by beretboy |
| This is my own personal implementation of CipherSaber. It adheres to the CipherSaber-1 standard. It is slow, but if you want speed, use a C version. |
Crypt::Navajo
on Jan 17, 2003 at 08:45 UTC | by Cybercosis |
| This module implements the code that was devised and used by the Navajo Code Talkers in the Pacific theater of WWII. The Code was instrumental to the Allied victory there. |
HPUX password merger
on Dec 05, 2002 at 20:18 UTC | by Limbic~Region |
| http://www.users.dircon.co.uk/~crypto/ requires to work against a file in the format of /etc/passwd.
Unfortunately on HPUX in trusted mode, the encrypted passwords for each user
is stored in /tcb/files/auth/<first character of user name>/<user name>
This little program goes through and creates a /tmp/passwords file with the encrypted password back in the second field. |
CryptoPad v2.00
on Nov 29, 2002 at 17:21 UTC | by sifukurt |
| Here's the latest incarnation of CryptoPad. I've added two more encryption algorithms and moved the algorithms to a drop-down list, rather than each one having a separate button. Hopefully you'll find it useful. As always, constructive comments are welcome. |
Supervisor
on Jun 18, 2002 at 06:18 UTC | by zejames |
Supervisor is a set of 2 script :
- Supervisor, that compares file md5 checksums with the ones stores in a fingerprint file
- update, that updates information about supervised file into the fingerprint file
|
SpamStego
on Apr 22, 2002 at 02:28 UTC | by beretboy |
| Inspired by spammimic.com this code turns your message into spam-like text. Especially useful for hiding the true nature of encrypted messages. |
Transformation
on Jan 28, 2002 at 15:58 UTC | by Alex the Serb |
This script is tested on Linux platform, but could probably be run under Cygwin if Perl and GNU C compiler are installed.
The script changes the original Perl script text by some values stored in @codes variable. Then, it makes the C file and make script for it to be compiled.
After compilation the script is embeded in exe file, but its not visible in original form, so it will be not easy to change it in Hex editor. You could use this script with changed numbers in @codes variable every time you compile a new script.
This will add additional difficulties to anyone who tries to crack it. Many thanks goes to Damian Conway, who told me to read perlembed, perlxs and stuff like that, because his module Morse.pm was not good enough! .. thanks dude!
You call this script with one argument that points to Perl script that you want to transform. After transformation of the script, you should run make that was created during transformation. After that the file called "exe" is created. That is executable created from your script that will be executed real fast, much faster than using Damian's Morse or Bleach modules!!!
Important: This script was tested on many Perl scripts, however, because the Perl interpreter is statically linked into executable, the size of new script will be: (the size of Perl interpretter) + (the size of integer) * (number of characters of your script)
Also, the modules that are dinamically linked during execution must be available on the server that you are porting to. However, the most of you are like me (I don't port the scripts from one server to another that often), so you should probably
compile Perl interpreter with dinamic library option libperl.so that will render Perl interpreter to only 15 Kb or so!
Important2: Its after nearly 3-4 months of succesfull execution of executables made by this script that I dared myself to put it in here .. so there is no fear of bad stuff happening to your computer :)
So, if you are paranoic like me or if you are surrounded by sharks .. like me .. feel free to use this script to protect your work from "accidental" change.
Update: Its acctually a good thing to repeat some of the codes, because the fact that every code is different from any other incresses the probability of cracking! |
Blowfish using Inline::C
on Jan 26, 2002 at 04:41 UTC | by ton |
| I wrote a C implementation of Crypt::CBC in Blowfish mode, and tied it to Perl using the excellent Inline module. The result is a perl package that is roughly ten times faster than Crypt::CBC. All comments are welcome!
Sample Use my $obj = Blowfish->new($passphrase, length($passphrase));
my $crypttext = $obj->Encrypt($text, length($text));
my $plaintext = $obj->Decrypt($crypttext, length($crypttext));
|
Vigenere Cipher: Encode and Decode
on Jan 18, 2002 at 06:14 UTC | by mrbbking |
This is a complete and historically accurate implementation of the Vigenere cipher. According to The Code Book, by Simon Singh, (Doubleday, 1999, ISBN 0385495315) Blaise de Vigenere formalized
this cipher system based on the earlier work of Battista Alberti, Johannes Trithemius and Giovanni Porta.
This cipher is defined to function only on letters, and only with a key comprised exclusively of letters. Among this cipher's strengths is that only the encrypted letters are included in the ciphertext.
All punctuation and spaces are removed, so the ciphertext is an unbroken string of letters. No word breaks or punctuation to help in cryptanalysis.
Don't take that to mean this is secure against anyone serious.
It isn't.
There is a recent reference to a module called Crypt::Vigenere by Alistair Mills, but a CPAN search does not locate it as of 2002-01-13.
Discussion of the submission of that module is at:
http://archive.develooper.com/modules@perl.org/msg08962.html
|
Shred
on Jan 04, 2002 at 22:38 UTC | by descartes |
| A quick-and-dirty script I whipped up to securely delete files up to and beyond Orange Book standards. The default is seven passes over overwriting first with 0's, then with 1's, then with a cryptographically secure mechanism (In this case, blowfish using /dev/urandom). It is very messy, in that it uses /dev/urandom for all of its input, so on a very large file (or after many files), the entropy will become less and less random, but I'll likely do something about that when I get some time. Any other input would be appreciated. |
CryptoPad
on Dec 28, 2001 at 23:49 UTC | by sifukurt |
This script started off as one of those "I wonder if I can do this" sort of things. I wanted to get more proficient at using Tk, and I really just did it for the challenge and for the fun. I can't make any claims as to the overall level of security it provides. If you use it insecurely, it'll be insecure, simple as that. It does require several modules, all of which are listed at the top of the script. I really only designed it with mild security in mind, so if you use it for matters of national security, you do so at your own risk.
Hopefully you'll find it at least somewhat useful.
UPDATE: The problem with the zero length file output (detailed below) was a very careless error on my part. I apologize for any inconvenience this may have caused. I have corrected the error in the code contained herein. |
Ximp
on Dec 02, 2001 at 04:27 UTC | by beretboy |
| A encryption algorithm. That I whipped up. Takes file name as command line argument, -d switch sets it into decrypt mode. Key can be anything but the longer the better.XIMP stands for XIMP Is Mucho Polyalphabetic.
DISCLAIMER:
This should by no means be taken seriously! It was simply an experiment! This is by no means real crypto and could be cracked by anyone with even limited knowledge of cryptography. |
Personal crypting algorithm
on Nov 05, 2001 at 00:59 UTC | by Asmo |
This is my first package. It seems to work fine ;) It's some sort of personal encryption algorithm that uses XOR, pack, tr, and some weird key transformations.
To use it :
require 'asmocript.pl';
AsmoCrypt::acrypt($sentence,$key); to crypt a sentence and
AsmoCrypt::adecrypt($sentence,$key); to uncrypt a crypted sentence.
I apologize for my bad english ;)
Asmo |
crypt_edit.pl
on Oct 10, 2001 at 03:00 UTC | by ichimunki |
| Extremely light-weight Tk text editor that saves text to an encrypted file using GnuPG or PGP (or any other reasonably similar encryption utility). Does not yet include the ability to sign text. Will not protect you from keyboard sniffers, shared memory issues, x-ray vision, or users of PSI::ESP. This script's only intent is to make it possible to type some text and encrypt it to disk without first having to save the text to a file. Saving the plain text to a file may be fine for information in transit, but if your machine starts out secure, but is later compromised, data that was stored in a non-encrypted state may be recoverable. I realize that there are some privacy modules on CPAN and that I did not use them. They can be difficult to install, and as far as I know will not enhance the security of this script. |
Web Cryptomatic
on Sep 21, 2001 at 18:40 UTC | by oakbox |
| Update: Read the reply by no slogan about why this is NOT secure. Hopefully, you'll find this as educational as I am. ;)
A simple encrypt-decrypt web program that uses MD5
and One Time Pad together.
It's as secure as: The 'seed' key used by the sender and the SSL encryption in
your web browser.
What happens:
Read incoming text to encrypt and a unique 'seed'.
Get a MD5 hexhash of the seed, this produces a string of letters and numbers
that will be used as the pad.
Pad the incoming text against the pad.
Hex encode the text so that it will fit over a 6-bit connection.
Checksum the hex code with another MD5 Digest
Display the encoded text and checksum to the sender.
Sender emails the endcoded text and checksum
Recipient enters encoded text, checksum, and 'seed'
Program reverses the above steps and prints out the original text
As long as the 'seed' is sufficiently unique (RANDOM), is only used ONCE, and
is SECRET, I think this scheme is pretty secure. This is my first shot at a
crypto program and I would very much appreciate your input, suggestions, and
corrections.
You can see a working version of this
script here. DEMO ONLY, it's not a SSL connection and is NOT SECURE. |
CipherTextI
on Jul 17, 2001 at 06:10 UTC | by Steeeeeve |
Improved string cipher. Useful in protecting content of HTML textareas where a Javascript implementation is used by the client. The algorithm has also been implemented in Visual Basic.
This improved version uses a randomly sorted key domain table to build a modified key used in a second cipher pass. The key domain now includes ASCII values from 32 to 96 decimal. Output domain is 32 to 159 but the values 128 to 159 are shifted so as to be compatible with all ISO-8859-1 implementations in transmission equipment as well as all Windows implementations.
A patent is being sought to protect the author's right to his own innovation which uses a key attribute to articulate shifts applied to the modified key string. Its thought that the implementation demonstrates that there is some cryptographic value of a somewhat unique key attribute. The attribute is used to mask the values in the modified key as they are taken from the randomly sorted domain table. The attribute is also used to articulate shifts applied to the modified key. Applying these shifts is what creates a difference between the resulting cipher bits applied by very similar keys.
Solving a CipherText message is not trivial. To date it has not been done. An attack will require some known plaintext and sufficient data for frequency analysis. Applying a truncated modified keystring of cipher bits in the second pass diffuses the recurring pattern to N*(N-1) message elements. It also serves to mask the actual key in the event that a message is broken and the same key is used to protect other items. The algorithm uses a data-dependent shift based on message length. This results in two different results when ciphering the word "Hello" and the word "Hello ". The feature is desireable for applications that would apply the same key to a series of short strings.
If required, an ASCII compliant version can be obtained. |
Polyglot (crypto)
on Jun 10, 2001 at 20:56 UTC | by beretboy |
| polyalphabetic encryption algoritm. CANNOT HANDLE MULTILINE. enter on line to be encoded and it will spit out cipher text. run with -d and it will decipher ciphertext |
Rabin Miller
on May 23, 2001 at 00:55 UTC | by Adam |
| These functions provide a fast approach to testing the primality of numbers. Very useful in public key cryptography. This is based on the Rabin-Miller algorithm.
Many thanks to MrNobo1024 (and Euclid) for gcd and to Tye for helping me debug. |
SabreHex
on May 08, 2001 at 21:50 UTC | by TStanley |
An encryption/decryption program using chromatic's Crypt::CipherSaber module.
I also included an option to output the encrypted material in a hexidecimal format. |
Solitaire Crypto.
on Mar 20, 2001 at 01:39 UTC | by one4k4 |
| I found this rather old (year or two) article on /., and thought this might be a worthy submission into the cryptography category. Its rather fun, and quite the interesting idea. See here for a more detailed description. |
Frequency Analyzer
on Mar 16, 2001 at 04:00 UTC | by Big Willy |
| Updated as of March 16, 2001 at 0120 UTC
Does frequency analysis of a monoalphabetic enciphered message via STDIN.
(Thanks to Adam for the $i catch). |
Wombat's Bit Scrambler
on Mar 10, 2001 at 00:24 UTC | by wombat |
I recognize that this is not a security group, but I figure there must be at least a few cypherpunks in the lot of you. I came up with this scheme for encrypting text, and submit it to you to see if anyone can come up with any obvious holes.
The way this works, is a user types a passphrase which gets turned into a number between 0 and the maximum size of an integer (4,294,967,924). This number then is used to seed the random number generator. The program then collects single numbers between 0 and 7 by repeatedly calling rand(), until it has a bit vector. Then for each character of input, it maps the characters bits to the bit vector producing a scrambled character which it prints to STDOUT. By entering the same passphrase again, you get the same srand seed and thus can decrypt your bits at a later date.
Features include:
Arbitrarily long passphrases: Type as much as you like, the seed won't mind.
Non-portability: (It's not a bug!) I realize that everyone has different random number generators. That's okay. I'm mostly using this to lock down my own personal secret files. I don't think the security would be compromised too much if a person sent the particulars of their random number generator along with cyphercode if they wanted a friend to get a message.
No way to decrypt the text: I haven't coded the decryptor yet, so as of now, once encrypted, things STAY encrypted! :-)
So yeah! Like, peer-review me and stuff! BTW: I do realize that this is "Weak security" at best, and probably can be defeated by brute force if so desired. I know. But BESIDES that... :-)
~W |
cbc
on Nov 16, 2000 at 18:25 UTC | by jettero |
A niffty utility to crypt text files using a password.
It uses blowfish to do it. Sadly, because I used stty,
I suspect that this program will not work under windows.
bash$ cbc some_text_file
bash$ cbc some_text_file.cbc
bash$ cbc -c some_text_file.cbc
|
pat - find words by matching pattern (for crypto)
on Aug 21, 2000 at 07:26 UTC | by merlyn |
| Usage: pat ABCABC finds any word that has three repeated characters twice in a row (such as "murmur" in my dictionary). pat XYYX finds words that are four-character palindromes, such as "deed". In the result, X and Y must be different.
So pat ABCDEFGHAB finds ten-letter words whose first two and last
two characters are identical, but the remaining letters are all distinct, such
as "thousandth" or "Englishmen".
To require literal characters, use
lowercase, as in pat fXXd, requiring an f, two identical letters, and a d,
such as "food" or "feed".
For grins, dumps the regex that the pattern has been
transformed into, so you can write your own, or see how much work you're avoiding
by using this program.
| |
"Fun for the entire family!"
|
-- Rolling Stone magazine (but not
about this program)
|
|
Cheesy Encryption
on Apr 27, 2000 at 18:04 UTC | by ergowolf |
| creesy ROT13 or caeser encryption. This was one of the first
programs I wrote on my own. It does not preserve case. |
