Can I put text string (serving as password) and binary data (an image file actually) together and encrypt them and then save into new a file. To view the image, first, check if password matches, if yes, read the binary data and save as image. I have to use C++.
Very new to C++. Is that technically possible? Can someone give me some ideas how to start?
If you want it to be actually secure, use somebody else's implementation of an encryption algorithm. What you're looking for is a symmetric key encryption algorithm, such as AES. You'd use the password to encrypt the image, not save the password, and then the password would decrypt said image.
And, as luck would have it, somebody else asked about using AES to encrypt and decrypt things in C and C++ here.
Related
It is new for me to work with the Crypto++ library and I'm not going to understand why they say CBC-Mode is usually not enough to protect/secure my data.
So can I deal with the CBC-Mode if I would like to use it with user passwords or not?
EDIT (from the comments):
I would like to create a program that encrypt strings with the Crypto++ library. I would like to transform data in order to keep it secret, like user passwords from a program/website, I mean like a password saver/container, with AES.
Using fstream, what file type would you recommend that I can read and write to for save files? I'm attempting to make a program where the user enters a username and a password and it'll output it to a file. I'd like a filetype that isn't very easy for the user to edit. (so not a .txt or .ini)
Thanks in advance
fstream doesn't really have a sense of a "file format" outside of being in text mode vs pure binary mode (there are some nuances with newlines for example). You would typically use some sort of intermediate library to generate or directly write XML files, JSON files, INI files, etc. SQLite is a popular library/format to store database tables in a file. Mozilla Firefox uses it for their bookmarks and history for example.
What you're talking about is security through obscurity. By using using some sort of encoding, perhaps ultimately binary so it wouldn't even be printable at all without a hex editor, it would obscure things a bit. If you used encryption it wouldn't be readable until decrypted, but you could always reverse engineer the program to determine the encryption/decryption keys and algorithms.
The most secure option is to not store the password at all, but a hash of the password. This means that even with reverse engineering the program, you wouldn't be able to directly extract the stored password. Instead, whenever the user attempted to enter a password, it would compare use the same hashing algorithm and compare the results.
This doesn't always work though, because sometimes you are storing the password to submit to a 3rd party, in which case you do have to ultimately recover the stored password into plaintext for transmitting to the 3rd party.
I hope this gives you some ideas!
I'm working on a text based adventure game in C++ and I would like to store quests in a text file,but I don't want the player to read it.
Is there an easy way to encrypt it?
Another way to "hide" content of your file to player is to encrypt the file.
You can use openssl for instance.
In this thread you can have an idea on the usage.
Velthune's OpenSSL suggestion is fine but it is arguably overkill. I would try something simple like XOR encryption instead.
Of course XOR encryption is not secure, but neither is the OpenSSL approach, since your program must store the encryption key somewhere in the executable file in order to be able to do the decryption.
There is no way to truly secure the file's contents against a determined user and still have it be accessible to a program that runs on the user's machine.
So, I'd suggest XOR encryption as a simple form of obfuscation that will deter someone from changing the file casually, yet won't make your program dependent on an external library.
The following project is done in C++ with WinAPI, for encryption/encoding I am using CryptoC++ but I am open to better libraries. I need to encrypt/encode email data, transmit it, then decrypt it at the other end so privileged users can read the email.
My original idea was just to encrypt the email text using SHA256 using my key(eg "MYKEY"). But I think I don't fully understand what hashing is. I understand that a string encrypted with SHA256 or MD5 or AES is impossible to decrypt, BUT I thought that if I encrypt the string with my special key("MYKEY") that I could then decrypt it aslong as I know the special key. Is that correct?
If not can you suggest a library, algorithm or method I can use to achieve my task of encrypting/encoding email text & ONLY being able to decrypt it if I have a key or some shared secret that will allow me to decrypt the data?
As said by Captain Giraffe, a hash algorithm is not an encryption algorithm (though they are both counted in the area of symmetric cryptography). A good hash function has no way to recover a message which fits to the produced hash (other than trying all possible messages to see if they give the same hash). (And also, a hash function has fixed size output, but has a variable size input, which means that there are many messages giving the same hash. It still should be difficult finding even one pair of messages giving the same hash, or a message for a given hash.)
You need an encryption algorithm. Most probably asymmetric encryption (using public keys to encrypt, private keys to decrypt) is a good idea.
Don't invent new cryptographic data formats or protocols. You will make mistakes, which make your product insecure.
For email encryption, use either OpenPGP (RFC 4880) or S/MIME (RFC 3851), or some subsets of one of these.
You can then use any library which supports the necessary algorithms, or some library which supports specifically these file formats.
SHA256 and MD5 are One way functions. i.e. There is no decryption. See Hashing http://en.wikipedia.org/wiki/Cryptographic_hash_function.
But you really need to read up on encryption procedures before attempting to create a secure communication.
That being said wikipedia has an article dedicated to implementations http://en.wikipedia.org/wiki/AES_implementations
Although the PDF specification is available from Adobe, it's not exactly the simplest document to read through. PDF allows documents to be encrypted so that either a user password and/or an owner password is required to do various things with the document (display, print, etc). A common use is to lock a PDF so that end users can read it without entering any password, but a password is required to do anything else.
I'm trying to parse PDFs that are locked in this way (to get the same privileges as you would get opening them in any reader). Using an empty string as the user password doesn't work, but it seems (section 3.5.2 of the spec) that there has to be a user password to create the hash for the admin password.
What I would like is either an explanation of how to do this, or any code that I can read (ideally Python, C, or C++, but anything readable will do) that does this so that I can understand what I'm meant to be doing. Standalone code, rather than reading through (e.g.) the gsview source, would be best.
A plugin for GSview for viewing encrypted PDFs is here.
If this works for you, you may be able to look at the source.
If I remember correctly, there is a fixed padding string of 32 (?) bytes to apply to any password. All passwords need to be 32 bytes at the start of computing the encryption key, either by truncating or adding some of those padding bytes.
If no user password was set you simply have to pad with all 32 bytes of the string, i.e. use the 32 padding bytes as the starting point for computing the encryption key.
I have to admit it's been a while since I've done this, I do remember that the encryption part of the PDF is an absolute mess as it got changed significantly in nearly every revision, requiring you to cope with a lot of cases to handle all PDF's.
Good luck.
xpdf is probably a good reference implementation for this sort of problem. I have successfully used them to open encrypted pdfs before.