Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Encryption Algorithm

Posted by michael on from the ten-times-better-than-ROT-13 dept.

An AC sends "BLiND is a brand new encryption algorithm which is fast, and very easy to implement. Check it out at freshmeat. This is... well... good for a laugh at least." Unfortunately you'll have to download the source and take a look at enc.c to get the joke. I think Lotus uses this level of encryption in some of their products...

10 comments

  1. Wrong name.... by scotpurl · · Score: 2

    They shoulda named it BLoNDe.

    And, no, the Lotus security doesn't suck that much.

  2. Ok, I may be showing some ignorance here... by Anonymous Coward · · Score: 1

    I was expecting something funny - like maybe the encryptor portion of the code changed everything to spaces (hence, the name - it's encrypted when you can't see it). But instead, we see this.

    It looks like a simple substitution cypher - easy to break via frequency analysis. Might be useful in simple contexts, but I wouldn't trust this for any 'real' security uses.

    On top of it all, the code is awful - since it is just a substitution cypher, why not set up a couple of global arrays of chars for the input and output substitution strings, key into the input, and output the character at that position? This guy's way of using a TON of 'if' statements just glares at me.

    Finally (and this may be because my C is rusty), he declares the variable 'c' in the function as an int, but then later tries to compare (in the 'if' statements) 'c' to a character (ie, if(c=='a') fputc('~', dst);) - unless 'a' evaluates in the end to 65, and that is what you are comparing to (which, when I think about it, may be what it does).

    The code also doesn't look quite right - like the syntax is wrong, and it would blow up massively on first compile. I haven't tried compiling it yet, so it may be fine (like I said, my C is rusty)...

    Maybe this is the joke, and I am just stupid.

    1. Re:Ok, I may be showing some ignorance here... by steelhawk · · Score: 1

      Well... you don't even need to break it (even if that would probably be very easy)... just download the blind source and (either compile it and use it to decrypt... or) look at the decryption scheme.. it says exactly what should be substituted with what.

      --

      --
      Ner lbh sebz gur HFN? Gura lbh'ir whfg ivbyngrq gur QZPN!
  3. Encryption is a bit misleading... by steelhawk · · Score: 1

    At first I thought it was some kind of encryption for safety... but it seems that it is only encryption for making things harder to read for humans...
    (Kinda like ROT13, but the replacement scheme seems to be more complex...)

    I just wonder:
    Do we really need a thing like this?

    --

    --
    Ner lbh sebz gur HFN? Gura lbh'ir whfg ivbyngrq gur QZPN!
  4. BLiND in 2 lines of perl by emag · · Score: 2

    I'm too lazy to translate this into 2 lines or less of perl. Maybe someone wants to do so, just for the possible karma?

    Seems tr(1) would suffice, too...

    <sigh>

    --
    It's pretty pathetic when karma can drop when you do nothing

    --
    "The urge to save humanity is almost always a false front for the urge to rule." --H.L. Mencken
    1. Re:BLiND in 2 lines of perl by waynem77 · · Score: 2

      Alright, I'll bite.

      $from = "a-z A-Z1-90~\\`!\@#\$\%^\&*()_\\-+={[}]:;\\\"\\',<.>?\ \/|";
      $to = "~\\`!\@#\$\%^\&*()_\\-+={[}]:;\\\"\\'<, |.?\\/1-90a-ln-zA-H" . chr(241) . "I-Z~";
      while (<>) { eval "tr/$from/$to/"; print }

      Notice how both "a" and "|" get mapped to "~", and nothing gets mapped to "m" or ">". Interesting... I think I'm missing one or two more, as well.

      (I wish Slash let me use <PRE&gt. This formatting sucks.)

    2. Re:BLiND in 2 lines of perl by emag · · Score: 2

      eval "tr/$from/$to/";

      Ick. Why eval tr when you could use the built-in tr/// (or the equivalent, 1-letter-less y///)?

      (I just wish slashcode would allow <code> for things like this)
      --
      It's pretty pathetic when karma can drop when you do nothing

      --
      "The urge to save humanity is almost always a false front for the urge to rule." --H.L. Mencken
    3. Re:BLiND in 2 lines of perl by waynem77 · · Score: 1
      Why eval tr when you could use the built-in tr///

      Good question. Answer: the tr/// operator doesn't interpolate its arguments. So "tr/$from/$to/" just takes "$" to "$", "f" to "t", and "r" to "o". I tried it your way at first, and was very confused for a while. The perlop(1) man page cleared things up.

  5. I could do better by crovax · · Score: 1
    string Encode(string val)
    {
    const char Low='/';
    const char High='z';
    //const char slow='a';
    //const char shigh='z';

    for(int x=0;x<val.length()-1;x++)
    {
    char Letter=val[x];
    if((Letter>=Low)&&(Letter<=High))
    {
    for(int index=38;index>0;index--)//shift chars 38 in ASCII
    {
    Letter=Letter+1;
    if(Letter==High+1)
    Letter=Low;
    }
    val[x]=~Letter;//invert after shift
    }
    }
    return(val);
    }

    And my comments are in english

    --
    Spelling by m-w.com.

  6. New encryption alg? by goeb · · Score: 1
    Actually, BLIND is just good old substitution cipher, which may protect your data from being read by your six-year-old brother. Anyone else will be able to decrypt "encrypted" data by hand.

    Had the author even looked at any crypto-book (e.g. Schneier's "Applied Cryptography" or Menezes's "Handbook of Applied Cryptography"), he'd never posted the algorithm.