Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/decipher2k/librincewind

A library for hardening symmetrical encryption algorithms against "known keyspace" attacks
https://github.com/decipher2k/librincewind

encryption known-keyspace-attacks symmetrical symmetrical-encryption

Last synced: 15 days ago
JSON representation

A library for hardening symmetrical encryption algorithms against "known keyspace" attacks

Awesome Lists containing this project

README

        

# LibRincewind

A bruteforce protected aproach for encryption using plain text ASCII passwords.



What is it about?



Normal encryption of plain text passwords can theoretically be cracked because decryption attempts with a failure password will result in non-ASCII data.

(Known Key Space Attack)



LibRincewind combines any symmetrical algorithm with a rotational algorithm so that false tries can't be distinguished from valid ones.



How does it work?



1.) The plain text gets encrypted using a password

2.) The encrypted result is rotated using a random key for each character until it is valid ASCII

3.) The key gets encrypted with another password



Caveats:



-The length of the plain text can be guessed, because it equals the length of the encryption/decryption key

-The algorithm is still prone to wordlist attacks

-The Demo is using Blowfish as the base algorithm, which is vulnerable to attacks using quantum computers. Yet the library is independend of the base algorithm, thus Blowfish can easily be replaced with AES or RC6 by creating a custom Plugin.

-The Demo is using the DotNet Pseudo-RNG. Replace it with a QRNG in real world applications.

-The method practically halves the password length compared to the really used password.



Usage:



Encryption of passwords using a main password (password managers):

CRincewind rw=new CRincewind("pluginlibrary.dll", 512);

String enc=rw.encryptString("data","password1","password2");

String dec=rw.decryptString(enc,"password1","password2");



Password authentication (password login):

CRincewind rw=new CRincewind("pluginlibrary.dll", 512):

//store this in the db

String enc=rw.generatePwAuth(password);

//test for validity

bool valid=isPwAuthValid(password,enc);



Creating custom plugins:



Implement the interface found in LibRincewindPlugin.



ToDo:

IV's for each character


Update v1.1:

-Added demo sourcecode

-Added password authentication



Contact E-Mail: [email protected]