New Encryption Algorithm 10
An AC sends "BLiND is a brand new encryption algorithm which is fast, and very easy to implement. Check it out at freshmeat. This is... well... good for a laugh at least." Unfortunately you'll have to download the source and take a look at enc.c to get the joke. I think Lotus uses this level of encryption in some of their products...
Wrong name.... (Score:2)
And, no, the Lotus security doesn't suck that much.
Ok, I may be showing some ignorance here... (Score:1)
It looks like a simple substitution cypher - easy to break via frequency analysis. Might be useful in simple contexts, but I wouldn't trust this for any 'real' security uses.
On top of it all, the code is awful - since it is just a substitution cypher, why not set up a couple of global arrays of chars for the input and output substitution strings, key into the input, and output the character at that position? This guy's way of using a TON of 'if' statements just glares at me.
Finally (and this may be because my C is rusty), he declares the variable 'c' in the function as an int, but then later tries to compare (in the 'if' statements) 'c' to a character (ie, if(c=='a') fputc('~', dst);) - unless 'a' evaluates in the end to 65, and that is what you are comparing to (which, when I think about it, may be what it does).
The code also doesn't look quite right - like the syntax is wrong, and it would blow up massively on first compile. I haven't tried compiling it yet, so it may be fine (like I said, my C is rusty)...
Maybe this is the joke, and I am just stupid.
Encryption is a bit misleading... (Score:1)
(Kinda like ROT13, but the replacement scheme seems to be more complex...)
I just wonder:
Do we really need a thing like this?
--
Re:Ok, I may be showing some ignorance here... (Score:1)
--
BLiND in 2 lines of perl (Score:2)
Seems tr(1) would suffice, too...
<sigh>
--
It's pretty pathetic when karma can drop when you do nothing
Re:BLiND in 2 lines of perl (Score:2)
Alright, I'll bite.
$from = "a-z A-Z1-90~\\`!\@#\$\%^\&*()_\\-+={[}]:;\\\"\\',<.>?\ \/|";
$to = "~\\`!\@#\$\%^\&*()_\\-+={[}]:;\\\"\\'<, |.?\\/1-90a-ln-zA-H" . chr(241) . "I-Z~";
while (<>) { eval "tr/$from/$to/"; print }
Notice how both "a" and "|" get mapped to "~", and nothing gets mapped to "m" or ">". Interesting... I think I'm missing one or two more, as well.
(I wish Slash let me use <PRE>. This formatting sucks.)
I could do better (Score:1)
{
const char Low='/';
const char High='z';
for(int x=0;x<val.length()-1;x++)
{
char Letter=val[x];
if((Letter>=Low)&&(Letter<=High))
{
for(int index=38;index>0;index--)//shift chars 38 in ASCII
{
Letter=Letter+1;
if(Letter==High+1)
Letter=Low;
}
val[x]=~Letter;//invert after shift
}
}
return(val);
}
And my comments are in english
--
Spelling by m-w.com [m-w.com].
New encryption alg? (Score:1)
Had the author even looked at any crypto-book (e.g. Schneier's "Applied Cryptography" or Menezes's "Handbook of Applied Cryptography"), he'd never posted the algorithm.
Re:BLiND in 2 lines of perl (Score:2)
Ick. Why eval tr when you could use the built-in tr/// (or the equivalent, 1-letter-less y///)?
(I just wish slashcode would allow <code> for things like this)
--
It's pretty pathetic when karma can drop when you do nothing
Re:BLiND in 2 lines of perl (Score:1)
Good question. Answer: the tr/// operator doesn't interpolate its arguments. So "tr/$from/$to/" just takes "$" to "$", "f" to "t", and "r" to "o". I tried it your way at first, and was very confused for a while. The perlop(1) man page cleared things up.