Simple stream cipher - key generation

closed account (Lv0f92yv)
So I have a simple (read not very effective) "stream cipher" program, with the encipher function defined as follows:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
 
void encipher( const char* key, const char* filename )
{
	string outfilename = prefixExtension( "_ciphered", filename );

	ofstream cipherfile( outfilename.c_str(), ios::binary );
	ifstream plainfile( filename, ios::binary );

	if ( !cipherfile.is_open() || !plainfile.is_open() )
	{
		if ( !cipherfile.is_open() )
			cerr << "Cannot open " << filename << "\n";
		else
			cerr << "Cannot open " << outfilename.c_str() << "\n";
		return;
	}

	int encipherkeylen = strlen( key );
	int encipherkeypos = 0;
	char plaintext[1];

	cout << "Enciphering [" << filename << "] with key [" << key << "]...\n";

	plainfile.read( plaintext, 1 );

	while ( !plainfile.eof() )
	{
		if ( encipherkeypos >= encipherkeylen )
			encipherkeypos = 0;

		char cipherChar[] = { ( plaintext[0] ^ key[encipherkeypos++] ) };

		cipherfile.write( cipherChar, 1 );
		plainfile.read( plaintext, 1 );
	}
	cipherfile.close();
	plainfile.close();
}


Basically, I take a key (which is a md5 sum of a plaintext key input by the user), iterate byte by byte of the key over each byte read from a file, XOR them together, and write the 'ciphered' result to a file.

What I am looking for is some advice on how a better key generation scheme would work. I know that pseudorandom numbers (ideally truly random numbers) are used in key generation in many schemes, but if it is random, how is the message deciphered on the other end?

Thanks for any advice on this, and any criticisms of the code in general.
closed account (Lv0f92yv)
It's been a few days and still no responses, so I think I'll narrow my question a little...

My biggest conceptual hangup here is, how, if the encryption key is generated partially by using pseudo random or truly random values, can the decryption process take place?
bigearsbilly (143)
it can't of course. you need the same key to decrypt.


I did a similar thing for a laugh using another file as the key.
i.e. XOR encrypt using an image file, jpg or whatever.
Last edited on
closed account (z05DSL3A)
Desh,
The following may be of interest (all chapters are available for free download from the link).
Handbook of Applied Cryptography
http://www.cacr.math.uwaterloo.ca/hac/
closed account (Lv0f92yv)
Thanks for the response (I thought this topic was dead).

Grey Wolf - excellent - exactly what I was looking for. I will be sure to read that - thanks.
ultifinitus (1446)
Sorry for not replying earlier. But if you look at my tiny article involving encryption you'll see that someone can simply xor the end data with the original data in your file and the result will be your key... over and over and over and over.

A really simple thing you can do is increment your key by a number each time you use it, and use the modulus operator to make sure you don't overflow.

But I like Grey Wolf's link =)
closed account (Lv0f92yv)
Indeed - thanks for pointing that out. Previously I had been aware that spaces in the data would result in just the plain key being displayed.

Hadn't thought to try it with the same data.
Topic archived. No new replies allowed.