All times are UTC - 7 hours

Posted: Sun Aug 15, 2010 5:59 am

Joined: Sun Sep 19, 2004 11:12 pm
Posts: 19966
Location: NE Indiana, USA (NTSC)
Bregalad wrote:
tepples wrote:
I just finished a demo of password generation, entry, and validation.
Your method looks similar to what I'd have done if I were to code a password system.

May I ask how you encrypt the bits? It's not clear in the documentation.

Before I implemented it in assembly language, I prototyped it in C so that I could make sure my logic was correct. This is tools/pw.c.

Quote:
It says it's inspired by TEA, but where can I find info about that ?

http://en.wikipedia.org/wiki/Tiny_Encryption_Algorithm

Like TEA, this cipher derives its diffusion from shifting two other bytes left and right and derives its nonlinearity from mixing xor and add operations.

Quote:
If I were to do that I'd scramble the bits in a random order and EOR them with some constant to make it impossible to "guess" their original order. Is that what you're doing?

Sort of. Most modern ciphers use a Feistel network so that every bit can affect every other bit in hard-to-predict ways. Yes, it finishes in one frame.

Quote:
So I guess the minimal length of a password with a 32-character set is (8/5)*(# of bytes + 1)
Your case is for a # of bytes of 7 (since there is one validation byte).

There are 32 bits; 8 of them are for validation. Using more than one character defeats "I'll try a random cuss word with every single possible character after it". It has only 1/8 chance of working.


Posted: Sun Aug 15, 2010 6:52 am

Joined: Fri Nov 12, 2004 2:49 pm
Posts: 7418
Location: Chexbres, VD, Switzerland
Quote:
There are 32 bits; 8 of them are for validation.

I guess you mean 32 bits + 8 for validation (what I said before was wrong too anyway). So there are 32 actual bits, or 4 bytes. My formula gives: 8/5 * (4 + 1) = 8 chars.

In theory you could make any very complex RPG use passwords, but it all comes down to the length of it. For example, an RPG which would require 2kb to save would make a 3'277 letter password, even worse than those Golden Sun passwords.

Thank you for the link. Well, it looks like your system works very well: I tried to input random stuff and I never happened to find any valid password. If I understand well, 1/256 of possible passwords are valid (those that give that 0x2A byte at the end after being decoded). I guess that's a good balance between increasing the password length and increasing the chances of a user making up a valid password by luck.
You'd also want to make sure no valid password is made of only one character repeated or something close to it (remember that Kid Icarus password: uuuuuuuuu8?).
It looks like no single-letter password is valid in your demo, but I wonder if a single letter + a different letter exists (there are far too many possibilities for me to try all of them, so even if one exists it's not an issue).

Quote:
Yes, it finishes in one frame.

Not that this really matters (as long as your sound engine is in a separate NMI thread); it's not like any game was generating passwords every frame. However, if the encryption algorithm is so complex it needs extra RAM, you might as well attach a battery to it / set the battery bit in the iNES header.

_________________
Life is complex: it has both real and imaginary components.


Posted: Sun Aug 15, 2010 10:02 am

Joined: Fri Nov 12, 2004 2:49 pm
Posts: 7418
Location: Chexbres, VD, Switzerland
Sorry to double-post, but I just don't understand a single bit of the Wikipedia page you linked. The French version is completely lacking so it's not of any help either.

Also I managed to enter a valid password by luck. It's: 11289LNK
I had to do this for some time before it happened, but it happened.

Posted: Sun Aug 15, 2010 1:51 pm

Joined: Sun Sep 19, 2004 11:12 pm
Posts: 19966
Location: NE Indiana, USA (NTSC)
Bregalad wrote:
Sorry to double-post, but I just don't understand a single bit of the Wikipedia page you linked.

Did you understand not one bit of any of the three Wikipedia pages? If so, then you're probably brand new to cryptography. Does the Block cipher article help any? Yes, the French version of this article still appears to be what English Wikipedia calls a "stub", as is the article about TEA itself, but Or does this French article about a TEA variant and its English counterpart appear more complete.


Posted: Mon Aug 16, 2010 2:05 am

Joined: Wed Feb 13, 2008 9:10 am
Posts: 631
Location: Estonia, Rapla city (50 and 60Hz compatible :P)
Regarding saves, one could use a 5V flash chip and just divide it into small blocks and successively fill them, once all are filled you erase the chip and start over. You'd be using the last saved block every time when loading... this helps with extending the life of the flash, plus you got backup saves ^^
You can program individual bytes on a typical NOR flash, but erase is in blocks or whole chip at once. You can program ones to zero but not the other way.

_________________
http://www.tmeeco.eu


Posted: Mon Aug 16, 2010 2:07 am

Joined: Fri Nov 12, 2004 2:49 pm
Posts: 7418
Location: Chexbres, VD, Switzerland
Quote:
If so, then you're probably brand new to cryptography.

I am indeed.
What I figured is that if I just scramble and XOR the bits like I suggested, if only one bit is changed in the memory, only one bit will change in the password, and this can be easily "attacked". For this reason your complex method sounds better.

Anyway, all it takes is to do any reversible operation on the bits. This includes:
- Changing the bit order (shifting left and right, where the bits that fall off the left come back in on the right and vice versa, goes into this category). Reverse operation: change the bits so they are like they were before (or shift in the opposite direction)
- Add a constant to the word or a part of it (reverse operation: add the constant's two's complement, relying on overflow/underflow of course)
- XOR with a constant (it is its own reverse operation)

Maybe (likely) there are other reversible operations I missed, but in any case after a decently long chain of the operations I listed, it should be encrypted enough that it takes some effort to reverse engineer (and after all this is very fun stuff! Leaving no chance to the reverse engineer is not fair).

To have a selectable "ultimate password" that has a meaning in a human language such as English you should add a final XOR at the end of the chain of operations so that it gets you the desired password. Or do it the lazy way and hard-code it.

_________________
Life is complex: it has both real and imaginary components.
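
The contrast discussed in this thread, as an added example that is not part of any post and is not tepples' tools/pw.c: a bit-reorder-plus-XOR chain changes one password bit per changed state bit, while a Feistel network with TEA-style add/xor/shift mixing spreads every change across the whole code. The round function, round keys, rotation amount and constants are made up for this sketch, and the layout (24-bit payload with the 0x2A check byte in the low byte) is an assumption based on the posts.

```c
#include <stdint.h>
#include <stdio.h>
#define XOR_K  0xA5C3965Au  /* all constants here are made up, not from tools/pw.c */
#define CHECK  0x2Au        /* check-byte value quoted in the thread */
#define ROUNDS 8
typedef uint32_t (*cipher_fn)(uint32_t);
static uint32_t rotl32(uint32_t x, unsigned n) { return (x << n) | (x >> (32 - n)); }
static int popcount32(uint32_t x) { int n = 0; for (; x; x &= x - 1) n++; return n; }
/* Scheme A: reorder bits (here a rotate) and XOR a constant. */
uint32_t scramble_enc(uint32_t p) { return rotl32(p, 13) ^ XOR_K; }
uint32_t scramble_dec(uint32_t c) { return rotl32(c ^ XOR_K, 19); }

/* TEA-style round function: shifts spread bits, mixed add/xor breaks linearity. */
static uint16_t f(uint16_t r, uint16_t k) {
    return (uint16_t)(((r << 4) + k) ^ (r + 0x9E37u) ^ ((r >> 5) + (k ^ 0x79B9u)));
}
static uint16_t round_key(int i) { return (uint16_t)(0x3C6Eu * (unsigned)(i + 1)); }

/* Scheme B: balanced Feistel network over two 16-bit halves. */
uint32_t feistel_enc(uint32_t p) {
    uint16_t l = (uint16_t)(p >> 16), r = (uint16_t)p;
    for (int i = 0; i < ROUNDS; i++) { uint16_t t = l ^ f(r, round_key(i)); l = r; r = t; }
    return ((uint32_t)l << 16) | r;
}
uint32_t feistel_dec(uint32_t c) {
    uint16_t l = (uint16_t)(c >> 16), r = (uint16_t)c;
    for (int i = ROUNDS - 1; i >= 0; i--) { uint16_t t = r ^ f(l, round_key(i)); r = l; l = t; }
    return ((uint32_t)l << 16) | r;
}

/* Output bits changed, summed over flipping each of the 32 input bits in turn. */
int total_flips(cipher_fn enc, uint32_t p) {
    int total = 0;
    for (int b = 0; b < 32; b++) total += popcount32(enc(p) ^ enc(p ^ (1u << b)));
    return total;
}

/* Single-bit edits of a valid code (out of 32) that still pass the check byte. */
int tamper_accepts(cipher_fn enc, cipher_fn dec, uint32_t payload24) {
    uint32_t code = enc((payload24 << 8) | CHECK);
    int ok = 0;
    for (int b = 0; b < 32; b++) ok += (dec(code ^ (1u << b)) & 0xFFu) == CHECK;
    return ok;
}

int main(void) {  /* 0x123456 is a constructed sample game state */
    printf("A: flips=%d accepts=%d\n", total_flips(scramble_enc, 0x1234562Au), tamper_accepts(scramble_enc, scramble_dec, 0x123456u));
    printf("B: flips=%d accepts=%d\n", total_flips(feistel_enc, 0x1234562Au), tamper_accepts(feistel_enc, feistel_dec, 0x123456u));
    return 0;
}
```

Scheme A reports 32 flips and 24 accepted edits: every edit that lands on a payload bit leaves the check byte intact, so the validation only catches the 8 edits that touch the check byte itself.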

