logo
Apache Lounge
Webmasters

 


About

Forum Index Downloads Search Register Log in  RSS Apache Lounge
 



Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Apache Lounge is not sponsored.

Your donations will help to keep this site alive and well, and continuing building binaries.



Performing exclusive OR between text characters

 
Post new topic   Reply to topic    Apache Forum Index -> Coding & Scripting Corner



View previous topic :: View next topic  
Author Message
walt



Joined: 24 Oct 2015
Posts: 25

PostPosted: Sat 24 Oct '15 10:16    Post subject: Performing exclusive OR between text characters Reply with quote

Hello, I'm experimenting with simple ways to scramble email addresses. The code below seems to work well, even on Chinese characters.

What I'm concerned about is if this behavior of the OR operator, on strings, might change in the future. For example, would it be better to first convert the characters (original and coding character) into binary numbers, then do the 'oring'?

Code:

<?php
 $char = 'a';
 $code = 'x';
 $encodchar = $char ^ $code;
 $unencodechar = $encodchar ^ $code;
 
 echo "Original char: ".$char."<br>";
 echo "Encoded char: ".$encodchar."<br>";
 echo "Decoded char ".$unencodechar."<br>";
?>

Output:
Original char: a
Encoded char: 
Decoded char a
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 6202
Location: Germany, Next to Hamburg

PostPosted: Sat 24 Oct '15 13:23    Post subject: Reply with quote

It is very unlikely that this will change. However it might be easier to use something different like

Code:

/**
 * encrypt()
 *
 * @param mixed $string
 * @param mixed $key
 * @return mixed $retrun
 */
function encrypt($string, $key){

   $result = '';
   $lentgh = strlen($string);
   for($i = 0; $i < $lentgh; $i++) {
      $char = substr($string, $i, 1);
      $keychar = substr($key, ($i % strlen($key))-1, 1);
      $char = chr(ord($char) + ord($keychar));
      $result .= $char;
   }

   return base64_encode($result);
}

/**
 * decrypt()
 *
 * @param mixed $string
 * @param mixed $key
 * @return mixed $return
 */
function decrypt($string, $key){

   $result = '';
   $string = base64_decode($string);
   $lentgh = strlen($string);

   for($i = 0; $i < $lentgh; $i++) {
      $char = substr($string, $i, 1);
      $keychar = substr($key, ($i % strlen($key))-1, 1);
      $char = chr(ord($char) - ord($keychar));
      $result .= $char;
   }

   return $result;
}



The longer the key the harder to crack. If you use 32 charakters or even longer it is almost impossible to crack it.
Back to top
walt



Joined: 24 Oct 2015
Posts: 25

PostPosted: Sat 24 Oct '15 16:33    Post subject: Reply with quote

James, thank you very much. I need to study your code with pencil and paper, and also look up chr() and ord(). I have been reading about base64_encode(), but am still not 100% comfortable with what it means. I guess it doesn't matter as long as when used with base64_decode(), it always gives you back the original.

What I have tried is using the length of the string, as the basis for creating the encoding code. This way I would not have to worry about forgetting it, and it would also be different most of the time.

Another twist is only using the code string on one character, then using that encoded character to encode another character, use that encoded character to encode another etc. This way the coding for each character is different, and the encoded string is the same size as the original.

It may not be super secure, but it only takes 30-60us each, to encode and decode an average email address on my ISP's server. I assume that's fast, but I don't know. I have about 1k emails to protect, and search through every once in a while. I haven't even created the database yet. I have been doing it manually for years.

thanks again
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 6202
Location: Germany, Next to Hamburg

PostPosted: Sun 25 Oct '15 18:48    Post subject: Reply with quote

The code that I posted above is so fast that you don't have to worry. Transporting the data from apache to the client takes longer than the encryption / decryption.
Back to top


Post new topic   Reply to topic    Apache Forum Index -> Coding & Scripting Corner
Page 1 of 1