Topic: Data-stream encryption - page 2. (Read 441 times)

I am not anyone and ho fucking dear, I have seen that name which i will come too.



I don't think I have many other options, encryption is ten a penny but unfortunately not just anyone will do.


I pulled the bitcoin Secp256k1 from a windows library and I use that for key exchange because it is second to none
but after that the code in Bitcoin uses AES for the signature from what I had seen. Here is the code that's in the project I pinched the Secp256k1 from.

I could dig deeper into this but here is another bit of code from the same project !


The header for encryption reads


This is why I stated that Bitcon uses AES after key exchange but now I have to question this myself
but this project I pulled this code from is quite a common one so I am not sure what to make of this.

A lot of people do that. And the majority get burned.
Probably the best example: Brainwallets.




 




I guess you didn't understand my statement.
The point is that it is senseless to create an 'encryption' which can easily be reverted.




What are you talking about? 




I did not intend to 'knock' you.
I just tried to show you why it is a bad idea to 'create' an own 'encryption' algorithm.

You seem to lack the basic knowledge about cryptography.
Substitution is an easily breakable approach (i.e. known-plaintext attack / frequency analysis).
Even in combination with linear functions this can not be considered safe. In no way.
Your 'encryption' will be attackable without a big effort.

Encryption is no use if it's too slow and in my case cannot be streamed and unfortunately for the PTB
I tend to trust my own judgment.


Yes Linux is better but I am too much of an expert with windows and the bloated .NET framework to just jump ship, too old too.


My code would be open source and must stand up to peer review and I am sure no one would say a world if i just pasted the AES keys over to
microsoft to process the encryption because that's just whats happen already with windows based wallet on Bitcoin so please don't knock me for
at least trying something new.

here is what I am trying to deal with

Browser --------Entry-Node------Relay-Node--------Exit-Node-------Web-site

The trouble is some web-sites use chucked data and pages are not simply send as ........
but are sent as 'Chunks' for the browser to process and waiting for the exit-node to collect and then encrypt the
whole page is not an option and you have to bear in mind that the entry node might no receive the data as one
big long packet.

Throw in that nodes are stateless apart from knowing the key and you start to see what I am up against and i just tried
putting in a few flag switches on the encryption but that didn't work because packets might be sent out as
[------100k-----------][------20k-----][--------50k--------]
but could be received as
[--1k---][---2k---][----something k-----------------------]

lucky I already have good encryption working on the HTTP request headers used to set up the circuit
but i don't think much more can be done on the payload of the page without breaking some pages so it's
a toss up between good encryption and broken pages as I see it.

1GB encryption/decrytion in under ten seconds is not something that I can just pick up off the shelf or I would believe me.

Instead of creating a (very) simple encryption by yourself, which is not just unsafe but also easy to 'crack', you might consider using an known (and trusted) algorithm.
Encryption through substitution and a few linear(!) functions can always be reversed without to much effort.

If you are not trusting windows, why not simply switch to linux? You don't even have to switch completely. You can just use a dual boot system.

Even if you want to stay on windows, it would be way easier and safer to just use an open source implementation of a well tested encryption algorithm.
You can even implement an encryption yourself. But you should really use an known (and tested) encryption algorithm.

This eliminates the risk of any closed source software / malicious implementations without exposing yourself to the risk of an easily reverted encryption.

it says

performance wise it's going to be too slow compared with


I could do something using BigInts with a bit of maths on 64 bits of data but it needs to stream
and the CPU would be running at a high rate and inserting markers into a byte array means copying the
array to make the space needed so again that's not an option.

Will keep banging away and let you know if I find a solution 

This is not so easy as you think on windows and I want the code in C# and not as a Dll since I want my program
to work as a single stand alone .exe

I am not after bloatware where you need 5,000 lines of code, it must be fast and work on the fly so it can be
used with a socket stream so that movies and big files can be streamed across an unreliable network.

Just buffering up the data before sending it back in a fixed sized blocks on the server nodes is not really an option
and even then the client might not receive the block on the network as a full block so this is why I am after on-the-fly
encryption.

Yeah something like triple DES should suit the needs of most paranoid person on earth https://en.wikipedia.org/wiki/Triple_DES

it also free, opensource and easy to implement.

Kudos for being extra paranoid.

On the side note why not use some known open-source encryption algo?

Top notch man and i will check "Veracrypt" out if I can get the source code and not just a Dll plus it's not bloated and
runs fast then I might use it.

The trouble is you can find lots this type of code but it's all Linux based and I manged to rip out Bitcoins encryption that
I trust for key exchange but it's much too slow for bulk data and "on-the-fly" encryption.


Building a network and trying to address all the problems created by criminals is a problem and on one hand we have microsoft scum
and it's new user agreement.


acting like big brother and on the other hand we have homosexual sex perverts using the network so when it comes to privacy it's becomes
all or nothing and I fear the fascist state doing more damage than the perverts myself.

Tor with just a few hundred exit nodes and slow speeds has not really advanced much in ten years and all the exit node address are known
plus onion sites only work if the server stays connected and on-line so i am trying to to develop something similar to smart contracts but instead of
just hosting bean counters the nodes host onion type sites instead

Been cutting too much code and putting it in the bin so i missed the post but will pop over now
 

If you use Windows and don't trust AES what about Veracrypt? you can use cascaded encryption settings that not include AES, you got Whirpol, Serpent, Twofish... anyway, why even use Windows? it's reasonable to assume that you are compromised by default using Windows to be honest.

dm-crypt and LUKS as Linux options but if you still need Windows then Veracrypt has insant on-the-fly decryption but im not sure how I would even go around adding that into a onion style network. I was about to make a thread about how attackers will try to incriminate people running nodes by claiming the blockchain has illegal data on it such as links to drug and CP sites and other crap which would mean anyone hosting a full node would by default be a criminal... which is why I wanted a forum dedicated to encryption only, I think it will be a must in the future for people running nodes specially, just be sure to do it right, I bricked a couple of hard drives testing things out, my password doesn't work, luckily I don't have anything of value in there.

Also please check this thread.

I rolled my own encryption regardless of all the advice not too (they would say that !) because I work on windows and will not trust any
of the Microsoft's black-box encryption tools and passing keys to Microsoft for AES encryption is a big red flag for me.

What i need is fast encryption for a Tor style network that will work with data streams for sending large volumes of data
but the trouble is the data might be send/received in random sizes and i want to relay the data as soon as it comes in

incoming upstream node [------300k-----] [-----200k-----][-----67k-----]
receiving local node        [------200---][----467k--------------------------]

So i can swap all "A's" to become "Z's" and "Z''s" becomes "A's" based on a secret key used to mix the data up
but this encryption would be easy to crack and because of the speed I don't want to keep inserting points into the
byte array being encrypted.

Now i could added extra shift into byte codes based on looking for the letters 'HTTP' but the trouble is that the
data could arrive in a blocks starting with 'TP' or ending in 'HT'  so it would be a bit hit and miss and I don't even know
the type of data that will be sent because the nodes act as SOCK4/5 and HTTP Proxy servers which you guys might like
for running nodes on Bitcoin.

So far my code is sweet but generating the CypherCode is slow so it's cached and is returned from MakeCypherCode as a 512 byte array
and the speed is second to none.


HTTPS traffic is already semi safe on this network because the CONNECT request that includes the domain name is encrypted before being sent but
the certificate response could still be sniffed but after that I plan on just sending the data "as is" since it's already encrypted

Too be honest I don't think there is a real good solution to this problem but i thought I would try anyway.