Development of your own symmetric encryption algorithm in Php

Once, several years ago, I had a chance to do a test task for employment in one company, where the task was to develop a non-standard symmetric encryption algorithm at a high-level yap, ideologically somewhat unlike the classics of the genre - the operation xor of the original message and the secret key ... The task was poorly done, but the very idea of ​​creating an interesting non-trivial algorithm stuck in my head for a long time.



And, at the moment, what I called GenCoder has turned out from it .



Anticipating comments about special organs and aspects of the relationship with them, if the activity is related to cryptography, looking ahead, I will say that the work is carried out exclusively for experimental and research (non-commercial) purposes.



Actually, the source code of the class can be viewed here , and you can test it here .



So, the task (of this research experiment, as we will call it) was as follows:



Develop your own reversible encryption algorithm, while:



  • Each time the same message will be encrypted in a unique way and will not be repeated.
  • Introduce the so-called " randomization " of the secret key - find a way to encrypt messages not with the same secret key all the time, but with a secret string that is a function of the secret key and the original message.
  • As an unimportant addition, make the secret key variable in length while maintaining the high cryptographic strength of the algorithm (in the current version - from 64 to 100 characters).
  • , , , , .


.



.



, , . , , , . , .



, .



, , , . , , , , , .



, , , (pathKeySignature ), . β€” sha-512 , , uniqid, .



? , . , , 14-, 22-, 37-, 49- .. β€” ( pathKeySignature).



, ( , - , ). , " " xor-.



"" , (pass1 pass2, 4 ), , , , - .



. , , (, ) .



.



private function attachKey($message, $salt)
    {
        return md5(hash('sha512', $message . uniqid() . $salt) . hash('sha512', $salt));
    }

    private function pathKeySignature($user_code_1, $user_code_2, $attach_key)
    {
        return hash('sha512', $user_code_1 . $attach_key . $user_code_2);
    }


, md5 - , , ( sha512) attachKey. uniqid , , . ? , . β€” , . ? , , "!", " ", "", " ", " ?". , , . , 1 2 "0372985dee", 2 5 "0372985dee" . ? .

uniqid, .



. , cipher $path_key_signature, byteShifting .



private function cipher($path_key_signature, $message, $generateKey)
    {
...
        for ($i = 0; $i < count($message); $i++) {
            if ($sign_key >= self::hash_length) $sign_key = 0;
            $key_code_pos = hexdec($path_key_signature[$sign_key]);
            $cur_key_pos = $cur_key_pos + $key_code_pos;
            if ($cur_key_pos >= $key_length) {
                $cur_key_pos = $cur_key_pos - $key_length;
            }
            $shifted_key_symbol = $generateKey[$cur_key_pos];
            // byte shifting
            $shifted_key_symbol = $this->byteShifting($i, $shifted_key_symbol);
            $shifter = $this->mb_ord($message{$i}) ^ $this->mb_ord($shifted_key_symbol);
            $cipher_message .= $this->mb_chr($shifter);
            $sign_key++;
        }
        return $cipher_message;
    }


, attachKey pathKeySignature . , , $attach_key



public function codeMessage($message, $generateKey, $user1_pass, $receiver_hashcode)
    {
        $sender_hashcode = $this->sender_hashcode($user1_pass);
        $attach_key = $this->attachKey($message, $this->salt);
        $path_key_signature = $this->pathKeySignature($sender_hashcode, $receiver_hashcode, $attach_key);
        $result_cipher = $this->cipher($path_key_signature, $message, $generateKey) . $attach_key;
        $result_cipher = base64_encode($result_cipher);
        return gzencode($result_cipher, 9);
    }


, . attachKey, ? , "" β€” attachKey , , . , , , "" . , , . . .



decodeMessage , , .



, .



:



  • / ( )
  • ,


:



  • ( , ) , .


.



In terms of the speed of the algorithm, it is relatively fast (of course, everything is relative and is learned in comparison, we are talking about the speed of encryption in the framework of high-level yap in general and in the framework of php in particular). 2 megabytes of random text was encrypted and decrypted in 4 seconds using php 7.2. System: Intel Core i7-8700 CPU @ 3.20GHz Γ— 12, a browser with a bunch of tabs and a virtual machine were still running. Summary - encryption speed ~ 1 mb / s on an average hardware with php7.0 and higher.




All Articles