Elysian Shadows

Hey people, I would like to know what's the best C\++ cryptography lib there is currently. If you could write the why it's the best lib, I would be really greatful. I'm considering speed, size and security. Portability is of no matter right now.

Bubble sort the data then use caesar cipher on it (but offset by 4 instead of 3 and nobody will EVER crack it).

A quick search turned up this. Looks pretty functional. Was updated last march so it's not too horribly deprecated.

dandymcgee wrote:Bubble sort the data then use caesar cipher on it (but offset by 4 instead of 3 and nobody will EVER crack it).

A quick search turned up this. Looks pretty functional. Was updated last march so it's not too horribly deprecated.

Thanks dandymcgee, I'll try that out. I was already using caesar cipher but wasn't so efficient. With bubble sort it probably will be. Thanks again.

Singleton wrote:

dandymcgee wrote:Bubble sort the data then use caesar cipher on it (but offset by 4 instead of 3 and nobody will EVER crack it).

A quick search turned up this. Looks pretty functional. Was updated last march so it's not too horribly deprecated.

Thanks dandymcgee, I'll try that out. I was already using caesar cipher but wasn't so efficient. With bubble sort it probably will be. Thanks again.

Uh, if you bubble sort it, I don't think you can retrieve the original message.

This is my though process
"Hello world"
*bubble sort*
"delllorwH"
*caesar cipher*
(something like)
"123.753.732.753."
So there it is encrypted, then you go and decrypt it right?
*decrypt caesar*
"delllorwH"
Now what?

Bubble sort is irreversible. Just use a vigenere cipher. They're quite easy to code.

xiphirx wrote: This is my though process
"Hello world"
*bubble sort*
"delllorwH"
*caesar cipher*
(something like)
"123.753.732.753."
So there it is encrypted, then you go and decrypt it right?
*decrypt caesar*
"delllorwH"
Now what?

Now it's an anagram.. much more secure that way.

@xiphirx & @SD021

Indeed, I could not decrypt the data back. But anyway I won't need cryptography anymore as I decided to not make an online game anymore(cryptography would be necessary for the passwords and stuff like that). I will wait until the engine is done and then(with more experience) I'll consider making it online or not.

Singleton wrote:@xiphirx & @SD021

wat

Singleton wrote:cryptography would be necessary for the passwords and stuff like that

incorrect. All you need is a good hash function. Any of the SHA hashes would work, and you might even be able to get by with MD5 (though md5 has been proven to be pretty imperfect). Store the hash sum of the password on creation, then hash any password inputted, and compare the hashes. If the hashes match, let the guy in because either they have the correct password or they're extremely lucky/clever.

ever try and write your own rsa encryption?

short wrote:ever try and write your own rsa encryption?

he probably hasn't, and I have been at a bit of a loss how to get that sorta thing to work, but w/e. Anyway, RSA wouldn't be good for password storage, because it would take up just as much space, and would overall be too much effort when he can use a fairly simple hash to do the same work better.

Ginto8 wrote:

Singleton wrote:cryptography would be necessary for the passwords and stuff like that

incorrect. All you need is a good hash function. Any of the SHA hashes would work, and you might even be able to get by with MD5 (though md5 has been proven to be pretty imperfect). Store the hash sum of the password on creation, then hash any password inputted, and compare the hashes. If the hashes match, let the guy in because either they have the correct password or they're extremely lucky/clever.

SHA and MD5 are forms of cryptography because the data's integrity is dependent on the cryptographic hash value returned by those ciphers. Not that you asked.

Singleton wrote:cryptography would be necessary for the passwords and stuff like that

If we lived in a perfect world, then it shouldn't be necessary to apply any cipher to your password before it is sent to the server, but since we don't live in a perfect world, we have to accept that hackers will try using hooks, bots, and proxies to try and beat the system, and some users will even put backdoors in their proxies before releasing them to others. Because of this, it is important to note that all data sent to and from the client should be encrypted, and some particular data even doubly encrypted.

For example: two notably simple cipher strategies which have been implemented in some form for a few popular MMO's has been the RC5 cipher for passwords before structuring them into a net message, and a custom XOR cipher on top of that data. This, although light, is effective enough for a lot of games.

Variants of the Blowfish cipher have been used in MMO's as well, usually in unicen with a DH Key Exchange.

I'll continue to support using:

wearymemory wrote:libeay32.dll

or some other equally good, OpenSSL library.

With all of that said, it's important that you know that as long as you've used some reversible encryption (which you obviously should if you plan on knowing that data), then there's the possibility that someone could reverse engineer it, but you are less likely to have that problem unless you're working on the next upcoming MMO.

wearymemory wrote:SHA and MD5 are forms of cryptography because the data's integrity is dependent on the cryptographic hash value returned by those ciphers. Not that you asked.

Singleton wrote:cryptography would be necessary for the passwords and stuff like that

If we lived in a perfect world, then it shouldn't be necessary to apply any cipher to your password before it is sent to the server, but since we don't live in a perfect world, we have to accept that hackers will try using hooks, bots, and proxies to try and beat the system, and some users will even put backdoors in their proxies before releasing them to others. Because of this, it is important to note that all data sent to and from the client should be encrypted, and some particular data even doubly encrypted.

For example: two notably simple cipher strategies which have been implemented in some form for a few popular MMO's has been the RC5 cipher for passwords before structuring them into a net message, and a custom XOR cipher on top of that data. This, although light, is effective enough for a lot of games.

Variants of the Blowfish cipher have been used in MMO's as well, usually in unicen with a DH Key Exchange.

I'll continue to support using:

wearymemory wrote:libeay32.dll

or some other equally good, OpenSSL library.

With all of that said, it's important that you know that as long as you've used some reversible encryption (which you obviously should if you plan on knowing that data), then there's the possibility that someone could reverse engineer it, but you are less likely to have that problem unless you're working on the next upcoming MMO.

I agree. I'll check libeay32.dll and OpenSLL and see what I think about it, as well as those cipher algorithms you refered to. Thanks