Simple but effective encryption program

Doomsday Prepper Forums

Help Support Doomsday Prepper Forums:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.
MNwr786

MNwr786

Demi-God
Joined
Mar 27, 2018
Messages
1,099
Reaction score
3,254
Location
minnesota
Last year sometime I had written a simple text encryption program for windows using C#. It has a box to type in a message, another box to type in a key, and an output box that combines the two using essentially a viginere table. The neat thing is that if one uses a one-time pad as a key, in other words, the key is illogical and never repeating or reused, the code is 100% unbreakable. For the less "security minded", I did add a checkbox that allows the use of a passphrase which will internally repeat as necessary, although that would make for a weak encryption and its use is not recommended for any serious messages. Also build in is the ability to salt the key with a password (in the event your one-time codebook was compromised) ~ call it an added bit of security. With that function is a checkbox that will hide the salted key from the key window so onlookers will not see the true key. There is a help button detailing the use of each function which essentially calls open the help.txt file in the unzipped folder ~ deleting this file will make the help button not work. There is an option to import and export text files into the windows for those confident (and crazy) enough to keep keys stored on their computer, but I wouldn't recommend that unless the PC never sees internet.

I had originally thought I had lost the program, but luckily found the final stable version of the exe sitting in my google drive account. I no longer have the code used to make it, but a free program called JustDecompile is able to let someone see the code it runs on. I originally wanted to edit it because my ham callsign is in the main window of the program, but I decided it wasn't worth removing and, IMO, supports the fact there is nothing shady about the program (for those not interested in using a decompiler to look into it for themselves). I will try to attach it here, not sure if that will work. Any questions about it, id be happy to answer. Heres a screenshot. Some day soon I will be rebuilding this and adding a com port option for sending the output box to a USB to UART serial converter and interface that with my radio, just need to find the time.
screenshot.jpg
 

Attachments

  • TextEncryption-v2.1.zip
    124.4 KB · Views: 12
Last edited:
I work in Information Security as a profession. Nothing is 100% unbreakable. All encryption uses an algorithm that, while many are difficult to break, none, so far, have proven to be "unbreakable". It's an ongoing challenge (usually friendly) within the Information Security world to develop a new algorithm then break it, develop another encryption method, break it, etc... . Currently algorithms based on quantum mechanics and even atomic manipulation are the path. Yes, it's gotten that complex.

That said, most encryption techniques, including this one, are at least "difficult" to break and thus, effective against most hacking attempts. The "breakable" comments I make are based on attacks from persistent nation states (i.e. China) against the encryption methods. We're talking government and military application. Most basement-dwelling black-hats don't have such capabilities.
 
Well, wikipedia agrees with me. Allow me to explain why I think what I do rather than simply argue about what I think, like most people do.

Take the standard viginere table.
VignereTableHighRes.png

Using the plain text HELLO and using something totally random to encode it, say FTOWB, the coded message is MXZHP.
The coded message now carries with it the same amount of random as the key. Because the key is not based on any logical text which might suggest it is the correct key, one could simply say that I had encoded DEATH using something just as random like JTZOI to obtain the same coded message of MXZHP. You see, there would need to be evidence, either in the form of a logical key phrase or a pattern established among many characters to support the idea my key was JTZOI rather than FTOWB. Being no evidence exists, you can say I used whatever code you wanted and Ill let you think what you want.

The unbreakable nature of this one-time pad method comes from the fact there is no repeating pattern or logic to support the idea the decryption was accurate. Which is why having access to how my program works means nothing to the cryptanalyst...
 
Last edited:
Tell ya what, decode this: SJEYFNSYEHFAKSNCNEBWRIAKSMWE

Lol, I can make that code say anything I want just by making the RANDOM key different! Your job is to tell me what RANDOM I used and to prove it without identifying logical segments or patterns to support your claim. I may not be a security expert, but I might surprise you with the broad spectrum of what little I know!

https://en.wikipedia.org/wiki/One-time_pad
EDIT: when you come to the same conclusion, please feel free to distribute that program to anyone you like ~ heck, feel free to take credit for it. Individual privacy is something I would never jeopardize or profit from.
 
Last edited:
Update: I found my old hard drive that had essentially failed and gave her one last try and managed to locate the source code so here is the entire visual studio project folder for that program in case anyone wanted to look at the code.
 

Attachments

  • TextEncryption_v2.1.zip
    1 MB · Views: 5
That's cool MNwr786. About twenty years ago I was working at a company that needed to transmit sensitive information over the Internet, including Social Security Numbers and credit card numbers. Public key encryption was garbage then. So I came up with an encryption scheme of my own. As part of it, I used a hash of a password to seed a random number generator. The password was never transmitted over the Internet, not even encrypted. Every location used a different password. I don't believe there is any possible way to break that encryption scheme without knowing the algorithm, which was not in any way like any other encryption algorithm.

Then I compressed the encrypted file with encryption, which would really frustrate someone trying to crack it because the first step is to decrypt gibberish, LOL.

I would love to give a file to somebody to try to crack.
 
DrHenley said:
That's cool MNwr786. About twenty years ago I was working at a company that needed to transmit sensitive information over the Internet, including Social Security Numbers and credit card numbers. Public key encryption was garbage then. So I came up with an encryption scheme of my own. As part of it, I used a hash of a password to seed a random number generator. The password was never transmitted over the Internet, not even encrypted. Every location used a different password. I don't believe there is any possible way to break that encryption scheme without knowing the algorithm, which was not in any way like any other encryption algorithm.

Then I compressed the encrypted file with encryption, which would really frustrate someone trying to crack it because the first step is to decrypt gibberish, LOL.

I would love to give a file to somebody to try to crack.
Click to expand...

Unfortunately, nobody takes on cryptography challenges any more because too many people waste their time with completely random stuff that has no true meaning. I remember when the NSA had an MD5 hash circling their emblem which decoded to, essentially, an application for employment, saying "if you can read this, do such and such and we will contact you", but by todays standards, MD5 hashes are laughable (even though I don't understand any of it without the aid of another website to decode it, lol). My favorite quote is "if a wise man knows anything, it's that he knows nothing at all" and I take that to heart every day. I do not fear being told I am wrong, it merely informs me that I need to further my research. And I will, rest assured!

That said, I stand behind everything I say, right or wrong,, and when I am PROVEN wrong, I will certainly admit so and educate myself accordingly!

The library of congress has one REALLY BIG FUNCTION. It serves as a collection of text that most people would use as "encrytion key" text. History has shown that many lazy people would rather choose specific page from a specific book to use as a key in a cypher than to try sharing/transporting a random one secretly. Well, the library of congress has that text and it is ran through a table like above faster than you can imagine.

My friend and I concocted a basic encryption scheme using morse code (which we learned in a day and a half with neon strips of paper between prison cell windows across the day room). It ended up with 3 staff members posted full time for a week and the inevitable relocation of one of us (me). Thats a whole different story, which leads to an entirely different story of internal network hacking between prisons lol... Needless to say, DOC regulations were re-written in Minnesota because of me, a friend, and their poor choice in IT techs. I'm a completely different person now, although, i have the same sense of privacy today.

Feel free to contact me any time about one-time pad encryption and keeping prying eyes out, it is a subject I am passionate about. "This many kilobits of this or that" "RSA or whatever" interests me NONE. Pre-shared, one-time pads are where its at if you value privacy!
 
Last edited:
I kinda think most viewers of these threads work for the government after it was learned Bill Clinton was monitoring all white men with guns and who stored food. The government can probably defeat any measures anyone here would dream up.
 
My friend made huge improvements to my program and made it into an android APK (which I never could have done alone) intended for use with tablets and other android devices that will never see the internet. Now, the program generates and captures QR codes using the camera that represent the encrypted data so that a networked phone can send it without the program or keys ever seeing the internet. We put our one-time random pad keys on an SD card, partitioned them to remove the majority of free space, then filled in all remaining free space with useless text data so the cards are completely full ~ then shared them in person. Now, when it rewrites used key data, it forcefully overwrites the same spot with zero's. As for the wear leveling algorithm and potential for memory available to the hardware only, after rewriting the used portion of the keys, it shuffles the rest around several times to limit the possibility of residual key data remaining on intact portions of the hardware-only accessible memory used for wear leveling (assuming it exists like it does with SSD drives). It was my intention to physically damage the hardware in the tablets or corrupt the modem/radio firmware to prevent any communication to and from the device wirelessly, but so far, with no service plan and in airplane mode, my spectrum analyzer has detected not a peep from it (to the surprise of my paranoid side). Now, when we want to talk, we just text a picture of what the offline device generated as a qr code or use the offline devices' camera to grab the QR from the online device that received it and nothing with encryption keys ever sees a networked device, and is destroyed instantly upon use! Not to mention, we do not keep the SD cards in the tablets, good luck finding that just to see what we will say next lol. Funniest part, we really have nothing to hide, just a means to defend privacy and ruffle the feathers of those who don't value it :) I hope they get paranoid like they want us to be! F*** 'em!
 
Schattentarn said:
Well, if you want encryption, there is a very easy way to do it. Secure email: ProtonMail is free encrypted email. It is all encrypted, free.
Click to expand...
My GMX emails are all also encrypted free, from servers in Germany, not the US, not available to the NSA and I have a Norton VPN with which I can daily choose where I am located in the internet, any nation I choose from before I go online...
The only thing most people never know or hear about...if you have an encryption software in America and want to sell it online and use it online...you must first give a copy of it to the ABC companies there so that they can "TRY IT" first:
""just to make sure it does not compromise theirs"".
Which means any software you have not written yourself and privately shared with your receiving partners...THEY already have a copy of it, sorry folks. Gary
 
I have a paid protonmail account too, I use their VPN also most of the time I'm online. The original concept behind my program was to allow for the input of a truly random key rather than depending on algorithms and logic. The reasoning, as explained in an above post, was to eliminate any possibility of cracking the code without having the key, as unlike codes produced with algorithms, there is no way to validate the key because it is not tied to logic or pattern. The result is that the coded message can be decoded to anything you want simply by using a different random key, and without a copy of the original, there is no way to tie it to a message. XYZ could mean "cat", but with an equally random key, it could also mean "dog". As long as both parties burn that key soon as its used, the truth is gone forever. I now have a cheap tablet that is completely dedicated to the use of the program.
 
I got a VPN question, Lets say I fire up my vpn connection and open a private browser and start looking at websites that I dont want others knowing I was on. At the ssame time, my phone or computer continues to do background stuff like talk to google to see if I have an email or whatever it may be in the background. My device, regardless of VPN, is still reporting my CURRENT IP to several places, not just the site I am on. What stops those two companies from getting together and saying "today, brandon was here as this IP address during this time, do you have the same IP logged in over at XXXXXXXXX.com?" And whats stopping ISP's from accessing that same data pool? I assume a VPN is like a combination lock on the shed, it just keeps honest people out...
 
Over a VPN, the sites you visit see the IP address of the endpoint of the VPN, not your IP address, and it's not coming from your ISP.
Look at it like this. You mail a package using the U.S. Postal Service (which is like your ISP connecting to the VPN) to a courier (who is like the VPN) who then flies to Paris and mails your package for you to the destination address using La Posta in France. La Posta just sees what mailbox the courier mailed the package from, they don't know how he got it.
 
DrHenley said:
Over a VPN, the sites you visit see the IP address of the endpoint of the VPN, not your IP address, and it's not coming from your ISP.
Look at it like this. You mail a package using the U.S. Postal Service (which is like your ISP connecting to the VPN) to a courier (who is like the VPN) who then flies to Paris and mails your package for you to the destination address using La Posta in France. La Posta just sees what mailbox the courier mailed the package from, they don't know how he got it.
Click to expand...
Very good explanation.
 
You must log in or register to reply here.

Similar threads

B
Helpful Info. Want to get away from Big Tech? Here’s how
Replies
3
Views
838
Arcticdude
Arcticdude
B
Quite good article on EDC etc from Offgrid
Replies
1
Views
545
bigpaul
B
Ben Harris
"SALIENT OBSERVATIONS" :-)
Replies
18
Views
444
Warriorhealer22
Warriorhealer22
B
Interesting article on Flour shortages (Uk)
Replies
0
Views
453
BillMasen
B
Silent Earth
OFFGRID on Gray man prepping
Replies
0
Views
380
Silent Earth
Silent Earth

Latest posts

Back
Top