{"id":22894912,"url":"https://github.com/duzun/cycle-crypt","last_synced_at":"2025-05-07T19:49:58.177Z","repository":{"id":42500647,"uuid":"241998378","full_name":"duzun/cycle-crypt","owner":"duzun","description":"Variable size symmetric key encryption algorithm. PHP \u0026 JavaScript implementation, small, portable and fast.","archived":false,"fork":false,"pushed_at":"2023-10-18T18:05:50.000Z","size":343,"stargazers_count":5,"open_issues_count":1,"forks_count":0,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-04-23T06:42:28.035Z","etag":null,"topics":["browser","cycle-crypt","encryption","encryption-algorithm","nodejs","php","salt","symmetric-encryption"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/duzun.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-02-20T21:54:33.000Z","updated_at":"2024-01-12T18:12:03.000Z","dependencies_parsed_at":"2024-09-18T16:29:10.967Z","dependency_job_id":null,"html_url":"https://github.com/duzun/cycle-crypt","commit_stats":{"total_commits":42,"total_committers":3,"mean_commits":14.0,"dds":0.0714285714285714,"last_synced_commit":"caffe48648ec460afa5e70336a0de8f93f3db1e9"},"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/duzun%2Fcycle-crypt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/duzun%2Fcycle-crypt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/duzun%2Fcycle-crypt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/duzun%2Fcycle-crypt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/duzun","download_url":"https://codeload.github.com/duzun/cycle-crypt/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":229345297,"owners_count":18058472,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["browser","cycle-crypt","encryption","encryption-algorithm","nodejs","php","salt","symmetric-encryption"],"created_at":"2024-12-13T23:27:31.507Z","updated_at":"2024-12-13T23:27:31.984Z","avatar_url":"https://github.com/duzun.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# cycle-crypt [![codecov](https://codecov.io/gh/duzun/cycle-crypt/branch/master/graph/badge.svg)](https://codecov.io/gh/duzun/cycle-crypt)\n\nVariable size [symmetric](https://en.wikipedia.org/wiki/Symmetric-key_algorithm) key encryption algorithm.\n\nPHP \u0026 JavaScript implementation, small, portable and fast.\n\nThe cipher-key is generated by cycling the input key with a variation of [XorShift+](https://en.wikipedia.org/wiki/Xorshift#xorshift+) random number generator. The bigger the key-size, the longer the period.\n\n## Install\n\n### PHP\n\n```sh\ncomposer require duzun/cycle-crypt\n```\n\n### JS\n\n```sh\nnpm i -S cycle-crypt\n```\n\n### Browser\n\n```html\n\u003cscript src=\"https://unpkg.com/cycle-crypt\"\u003e\u003c/script\u003e\n```\n\n\n## Usage\n\nHere is an example of encrypting on server and decrypting on client, salt auto-generated.\n\nPHP:\n\n```php\n// index.php\n\nuse function duzun\\cycleCrypt;\n\n$key = '*** *** ***'; // any length\n$message = 'Lorem Ipsum is simply dummy text of the printing industry...';\n$ciphered = cycleCrypt($key, $message, true);\n\n// send $ciphered to the client\necho base64_encode($ciphered);\n```\n\nExpress.js:\n\n```js\n// index.js\nconst cycleCrypt = require('cycle-crypt');\n//   or\n// import cycleCrypt from 'cycle-crypt';\n\nconst key = '*** *** ***'; // any length\n\n// ...\n\napp.get('/', function (req, res) {\n    // const salt = cycleCrypt.randomBytes(17);\n    let message = 'Lorem Ipsum is simply dummy text of the printing industry...';\n    let ciphered = cycleCrypt(key, message, true);\n\n    res.send(Buffer.from(ciphered).toString('base64'));\n});\n\n```\n\nBrowser:\n\n```js\n// site.js\nconst key = '*** *** ***'; // must be the same key used for encrypting\n\nlet message = await fetch('/')\n.then((r) =\u003e r.text())\n.then(atob)\n.then((ciphered) =\u003e cycleCrypt(key, ciphered, false));\n\nconsole.log(message.toString('utf8')); // 'hex' | 'base64'\n```\n\nIt is also possible to do the reverse: encrypt on client and decrypt on server.\n\nYou can also use your salt:\n\n```php\n// index.php\n\n// ...\n\n$salt = random_bytes(17); // any length\n$ciphered = cycleCrypt($key, $message, $salt);\n\n// Have to send the salt to the client too\necho json_encode([\n    'salt' =\u003e base64_encode($salt),\n    'ciphered' =\u003e base64_encode($ciphered)\n]);\n```\n\n```js\n// site.js\n\n// fetch ciphered \u0026 salt from server and base64 decode ...\nlet message = cycleCrypt(key, ciphered, salt);\n```\n\nOn the JS end, `message` is an instance of `Uint8Array` with a custom `.toString(encoding)`,\nwhere `encoding` is one of  'binary', 'hex', 'base64', 'utf8' or undefined (guess).\n\nFor older browsers you should use a [DataView](https://gist.github.com/mika76/20b86c76afb77c35e0b4) polyfill.\n\n### Encrypt in chunks\n\nHere is an example of encrypting a big file in small chunks,\nthus avoid using lots of memory.\n\n```php\nuse duzun\\CycleCrypt;\n\n$cc = new CycleCrypt($key/*, $salt=true*/);\n$salt = $cc-\u003egetSalt(); // required for decryption\n$chunkSize = $cc-\u003egetKeyByteSize();\n\n$in = fopen('/path/to/file', '+r');\n$out = fopen('/path/to/encrypted_file', '+w');\nwhile(!feof($in)) {\n    $chunk = fread($in, $chunkSize);\n    fwrite($out, $cc($chunk));\n}\nfclose($in);\nfclose($out);\n\nfile_put_contents('/path/to/encrypted_file.salt', $salt)\n```\n\nYou don't have to write the code to encrypt a file for yourself, cause there is a CLI for that:\n\nNode.js\n\n```sh\nnpm install -g cycle-crypt\n\ncycle-crypt -k '**** ****' -s 'the salt' -i /path/to/file -o /path/to/encrypted_file\n```\n\nPHP\n\n```sh\ncomposer global require duzun/cycle-crypt\n\ncycry.php -k '**** ****' -s 'the salt' -i /path/to/file -o /path/to/encrypted_file\n```\n\nNote: The Node.js CLI version is much faster than the PHP one.\n\n## CLI Usage\n\n    cycle-crypt -k \u003ckey\u003e [-s \u003csalt\u003e | -si \u003csalt_in\u003e | -so \u003csalt_out\u003e] [-sr \u003csalt_rounds\u003e] [-i \u003cfile_in\u003e] [-o \u003cfile_out\u003e]\n    cycle-crypt -h|--help\n\n    -h, --help      Show this help\n    -k, --key       The encryption key. Could be hex if starts with '0x'.\n    -s, --salt      Random bytes to be used as salt. Could be hex if starts with '0x'.\n                    Can contain the salt-rounds as \"0x\u003csalt_in_hex\u003ex\u003csalt_rounds\u003e\".\n    -si, --salt-in  Filename or - from where to read the salt.\n    -so, --salt-out Filename or - where to output the generated salt.\n    -sr, --salt-rounds Number of rounds of initial state generated from salt + key\n    -i, --in        Input file to encrypt or - for STDIN\n    -o, --out       Output file or - for STDOUT\n\n    You can not combine -s and -si, use just one of them.    \n\n    -i and -o default to -\n\n## Warning!\n\nIf you deal with a security critical application, please consider using one of the NIST approved standard encryption algorithms like [AES](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard).\n\nIf you don't trust any encryption algorithm, here is a hint:\n\nChoose two or more ciphers `C1`, `C2` ... `Cn` from two or more vendors.\n\nWhen ciphering the message `M` with `C` = `M` ^ `C1` ^ `C2` ^ ... ^ `Cn`, the secrecy of the cipher-text `C` is not worse than the best of `Ci`.\n\nIn other words, it can't hurt the secrecy when `xor`ing more independent ciphers.\n\nThe theory behind this property is analysed and proven in my Masters Thesis:\n\nThe sum **c** = r\u003csub\u003e1\u003c/sub\u003e  ⊕ r\u003csub\u003e2\u003c/sub\u003e ⊕ ... ⊕ r\u003csub\u003em\u003c/sub\u003e, where **c**, r\u003csub\u003ei\u003c/sub\u003e ∊ 𝔹\u003csub\u003ek\u003c/sub\u003e (string of bits of length k), i=1,m, is a [perfect secret](https://www.wikiwand.com/en/One-time_pad#Perfect_secrecy) if and only if there is at least one r\u003csub\u003ei\u003c/sub\u003e perfect secret and the operation ⊕ is a [cryptographic safe](https://www.wikiwand.com/en/Cryptographic_hash_function) operation.\n\n## To Do\n\nThe JS version uses Uint32Array and Uint8Array, which use little endian or big endian, depending on hardware. The current implementation has been tested in little endian HW only!\n\nHave to implement the alternative to big endian too.\n\n[link](https://stackoverflow.com/questions/7869752/javascript-typed-arrays-and-endianness)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fduzun%2Fcycle-crypt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fduzun%2Fcycle-crypt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fduzun%2Fcycle-crypt/lists"}