encryption in zip or xor?

New to FreeBASIC? Post your questions here.
deltarho[1859]
Posts: 4292
Joined: Jan 02, 2017 0:34
Location: UK
Contact:

Re: encryption in zip or xor?

Post by deltarho[1859] »

Just to satisfy myself that EncDecFile was behaving as it should, I dumped the decrypted file and compared it with the original 10MB plaintext file, and they were identical. Just as well, really. Image
maurosebastian91
Posts: 30
Joined: Mar 21, 2021 18:22

Re: encryption in zip or xor?

Post by maurosebastian91 »

deltarho[1859] wrote:@maurosebastian91

Even at 1MB of data we are only talking about 4.5 milliseconds for 32-bit. I am getting old and impatient, but I reckon I could wait that long. Image
I don't have the PCG32II.BAS file, should it be in the include folder?
I wanted to avoid being pushy - you may not have been interested.

PCG32II.bas latest version (23 Nov 2020)

You could strip it down, but it is only 223 lines and has a small binary footprint. In the future, you may want a PRNG for another purpose and PCG32II is one of my favourites. It comes with a Help file as well, but I cannot find it on the forum at the moment. Forget that, here is a link to my website: PCG32IIHelp.zip
I remember that I had read that post, but since I was given several options, I have to take the time to evaluate all of them, although your option seems the best, thank you very much for the code and the manual.
deltarho[1859]
Posts: 4292
Joined: Jan 02, 2017 0:34
Location: UK
Contact:

Re: encryption in zip or xor?

Post by deltarho[1859] »

@maurosebastian91

Horses for courses. The caseih/coderJeff embedding should definitely find its way into the docs, as paul doe suggested, but I think that your horse is called obfuscation.

Now that we have the code belting along at a fair old rip and your sound files may not be that large, it may be worthwhile to up the rounds to three or even five.
deltarho[1859]
Posts: 4292
Joined: Jan 02, 2017 0:34
Location: UK
Contact:

Re: encryption in zip or xor?

Post by deltarho[1859] »

@maurosebastian91

Just to make life a little harder for an attacker, you could use something like

Code: Select all

pcg.MyRandomize( 12345, 67890 )
at some point before, EncDecFile is called. The point being that it is nowhere near the Sub. The ciphertext cannot be brute forced, so an attacker will have to get their disassembler out. It may take a while for the penny to drop that the asm for MyRandomize is related to a PRNG and used in EncDecFile; if ever, the penny does drop. I reckon that your sound file will be safe.
deltarho[1859]
Posts: 4292
Joined: Jan 02, 2017 0:34
Location: UK
Contact:

Re: encryption in zip or xor?

Post by deltarho[1859] »

The way exes are made up I doubt that the following will make it more difficult for an attacker but no harm will be done.

Code: Select all

Dim As Ulongint seed = 12345, sequence = 67890
...
...
...
pcg.MyRandomize( seed, sequence )
...
...
...
EncDFecFile( a(), -1 )
fxm
Moderator
Posts: 12081
Joined: Apr 22, 2009 12:46
Location: Paris suburbs, FRANCE

Re: encryption in zip or xor?

Post by fxm »

About embedding a text file embedding and accessing binary data in an executable file:
paul doe wrote:This is an incredibly helpful post. Any chance it could make its way to the docs?
deltarho[1859] wrote:The caseih/coderJeff embedding should definitely find its way into the docs, as paul doe suggested
Do you want me to take care of it?
- I would lean towards an example of the simplest application program, but still in a multi-platform and multi fbc version, therefore starting from the caseih example, but with the 'Extern' commands thus modified::

Code: Select all

Extern "C"
    #if defined(__FB_WIN32__) and not defined(__FB_64BIT__)
        Extern hello_txt_start Alias "binary_hello_txt_start" As Const Byte
        Extern hello_txt_end Alias "binary_hello_txt_end" As Const Byte
    #else
        Extern hello_txt_start Alias "_binary_hello_txt_start" As Const Byte
        Extern hello_txt_end Alias "_binary_hello_txt_end" As Const Byte
    #endif
End Extern

Dim hello_ptr As Const Byte Const Ptr = @hello_txt_start
Dim hello_length As Const Uinteger = @hello_txt_end - @hello_txt_start

For i As Uinteger = 0 To hello_length - 1
    Print Chr(hello_ptr[i]);
Next
Print

Sleep
- I could add it as a new article in the Programmer's Guide / Technical Articles : Embed Text and Access binary Data file in Executable
Last edited by fxm on Oct 20, 2021 5:15, edited 4 times in total.
Reason: Updated, according to following post of caseih.
caseih
Posts: 2157
Joined: Feb 26, 2007 5:32

Re: encryption in zip or xor?

Post by caseih »

I think that would be a fine addition to the wiki, however you wish to do it. Maybe you should call it "Embed and access binary data in executable" rather than text. Because it would be more useful for binary blobs such as images or audio than it would be for text files. Text files are simply an easy way to demonstrate and test it.
Last edited by caseih on Oct 19, 2021 14:15, edited 1 time in total.
fxm
Moderator
Posts: 12081
Joined: Apr 22, 2009 12:46
Location: Paris suburbs, FRANCE

Re: encryption in zip or xor?

Post by fxm »

Done:
- ProPgDataExecutable → fxm [new page 'Embed and Access binary Data in Executable']
- ProPgExecutables → fxm [added link to new page 'Embed and Access binary Data in Executable']
- CatPgProgrammer → fxm [added link to new page 'Embed and Access binary Data in Executable']
- PrintToc → fxm [added link to new page 'Embed and Access binary Data in Executable']
paul doe
Moderator
Posts: 1730
Joined: Jul 25, 2017 17:22
Location: Argentina

Re: encryption in zip or xor?

Post by paul doe »

Looks nice. A very useful addition to the Programmer's Guide, indeed.
adeyblue
Posts: 299
Joined: Nov 07, 2019 20:08

Re: encryption in zip or xor?

Post by adeyblue »

deltarho[1859] wrote: Just to make life a little harder for an attacker, you could use something like

Code: Select all

pcg.MyRandomize( 12345, 67890 )
at some point before, EncDecFile is called. The point being that it is nowhere near the Sub. The ciphertext cannot be brute forced, so an attacker will have to get their disassembler out. It may take a while for the penny to drop that the asm for MyRandomize is related to a PRNG and used in EncDecFile; if ever, the penny does drop. I reckon that your sound file will be safe.
Since I occasionally figure out game formats and write modding tools for them, if you're interested in how a motivated person might approach getting the plaintext for a file like this:
1: Run the app in WinDbg or similar debugger.
2: Put a breakpoint on the Windows ReadFile function
3: When that's hit, put a memory-read breakpoint on the buffer the file data was read into
4: When that breakpoint fires, now we know where the code that first uses the file data is. And if the data is compressed or encrypted, generally the first thing that'll happen to it is to decompress or decrypt it.

In the simple/common cases, the code we found in 4: will be in the middle of a loop and there'll be an output buffer. You then put a normal breakpoint at the end of the loop and voila, the output buffer (and I) now have the plaintext. In these cases you'd only see the ciphertext and the plaintext, the actual transformation algorthm could be anything from xor to RNG scambling to AES - the how, where and when would only matter if I intend to write tools to encode new music files for the game.

Not that the OP should worry about this. The sound file will be safe enough.
deltarho[1859]
Posts: 4292
Joined: Jan 02, 2017 0:34
Location: UK
Contact:

Re: encryption in zip or xor?

Post by deltarho[1859] »

So find the buffer and we find the plaintext. How the ciphertext was created is academic and, therefore, so is the decryption — the application does it for us. However, knowing how to do something is not the same as being able to do it. I am not confident that I would be competent enough. Of course, it is a different story for experienced attackers.

That application I mentioned earlier that employs many anti-hacker techniques blocks debuggers. I tried OllyDbg on some code and it failed. As mentioned, the software was not cheap and has an annual fee. One of the PowerBASIC members uses it.
jj2007
Posts: 2326
Joined: Oct 23, 2016 15:28
Location: Roma, Italia
Contact:

Re: encryption in zip or xor?

Post by jj2007 »

adeyblue wrote:2: Put a breakpoint on the Windows ReadFile function
3: When that's hit, put a memory-read breakpoint on the buffer the file data was read into
4: When that breakpoint fires, now we know where the code that first uses the file data is. And if the data is compressed or encrypted, generally the first thing that'll happen to it is to decompress or decrypt it.
Do I detect a hint of irony there? ;-)

5: Find the destination buffer of the decrypting routine
6: After decryption, write its content to file

Yes, that's how I would do it, and yes, OP should be reassured that 99.9% of all users can't do it. The problem is an academic one, but still, it's fun to reflect on how to make life difficult for the imaginary hacker.
deltarho[1859]
Posts: 4292
Joined: Jan 02, 2017 0:34
Location: UK
Contact:

Re: encryption in zip or xor?

Post by deltarho[1859] »

Of course, with embedding, we would not do step 2:.

However, it is inevitable that at some point the sound will exist as plaintext, even if the embedded sound is 'encrypted'.
jj2007
Posts: 2326
Joined: Oct 23, 2016 15:28
Location: Roma, Italia
Contact:

Re: encryption in zip or xor?

Post by jj2007 »

deltarho[1859] wrote:Of course, with embedding, we would not do step 2:.
That would be LoadResource instead of ReadFile.
However, it is inevitable that at some point the sound will exist as plaintext, even if the embedded sound is 'encrypted'.
Not exactly plaintext but yes, the content will be visible.
deltarho[1859]
Posts: 4292
Joined: Jan 02, 2017 0:34
Location: UK
Contact:

Re: encryption in zip or xor?

Post by deltarho[1859] »

jj2007 wrote:it's fun to reflect on how to make life difficult for the imaginary hacker.
I spent an afternoon once reading a few websites on anti-hacking techniques. Some techniques were extraordinarily clever, and the coding was very low level. In fact, to go any lower we'd need a diving suit. Image
Post Reply