Jump to content




Password security

Started by Jarle212, Jan 07 2013 01:22 AM

  • You cannot reply to this topic
13 replies to this topic

#1 Jarle212

  • Members
  • 198 posts
  • LocationNorway

Posted 07 January 2013 - 01:22 AM

Here is a hashing function that allows for storing passwords secure on CC computers. As far as I know there is no way to decrypt the password

EDIT: Code updated
local function encrypt(Str)
  local OriginalString = tostring(Str)
  local cry = {}
  local randomSeed = 0
  local cryptedOut = ""
  local lenght = string.len(OriginalString)
  local randomNumberAmmount = 255 --Dosn't need to be = lenght+10
  local numberS = {}
  for i=1, lenght do
				numberS[i] = string.byte(OriginalString,i)
				randomSeed = randomSeed + string.byte(OriginalString,i)
  end
  math.randomseed(randomSeed)
  for i=1, lenght do
				cryptedOut = cryptedOut .. math.random(randomNumberAmmount*(lenght+1)*(numberS[i]+1))
  end
  return cryptedOut
end

#2 Orwell

    Self-Destructive

  • Members
  • 1,091 posts

Posted 07 January 2013 - 01:35 AM

Aren't you hiding/overriding the string api? Does that even run?

#3 Jarle212

  • Members
  • 198 posts
  • LocationNorway

Posted 07 January 2013 - 01:35 AM

Yeah it runs. Wut string api?
string.byte is standard in lua library


Edit:
It is just a function that can be accessed via os.loadAPI or just coded into a program

#4 Orwell

    Self-Destructive

  • Members
  • 1,091 posts

Posted 07 January 2013 - 01:38 AM

I'm thinking that by naming the function argument 'string', the string variable no longer holds the table/api. So you'd be indexing a string. I can't test it to be 100% sure, I'm on the phone.

#5 Jarle212

  • Members
  • 198 posts
  • LocationNorway

Posted 07 January 2013 - 01:40 AM

oh, didn't think of that, but I have tested it with (string). Changed now tought

#6 theoriginalbit

    Semi-Professional ComputerCrafter

  • Moderators
  • 7,332 posts
  • LocationAustralia

Posted 07 January 2013 - 01:45 AM

yeh the code works...

Orwell I think string api should be fine. the whole scope. since string is an argument it would be local, and it should try to call the function on it first, once that doesn't work it would check global.

#7 Jarle212

  • Members
  • 198 posts
  • LocationNorway

Posted 07 January 2013 - 01:54 AM

Here is small change to the program making it more secure(there was an error):


local function encrypt(Str)
  local OriginalString = Str
  local cry = {}
  local randomSeed = 0
  local cryptedOut = ""
  local lenght = string.len(OriginalString)
  local randomNumberAmmount = 255 --Dosn't need to be = 255
  for i=1, lenght do
		randomSeed = randomSeed + string.byte(OriginalString,i)
  end
  math.randomseed(randomSeed)
  for i=1, lenght do
		cryptedOut = cryptedOut .. math.random(randomNumberAmmount)*lenght
  end
  return cryptedOut
end

#8 theoriginalbit

    Semi-Professional ComputerCrafter

  • Moderators
  • 7,332 posts
  • LocationAustralia

Posted 07 January 2013 - 02:11 AM

View PostJarle212, on 07 January 2013 - 01:22 AM, said:

Importand change (if not used the password will only encrypt the first letter):

I was just about to tell you about this bug :)

#9 Orwell

    Self-Destructive

  • Members
  • 1,091 posts

Posted 07 January 2013 - 02:13 AM

View PostTheOriginalBIT (OnHoliday), on 07 January 2013 - 01:45 AM, said:

yeh the code works...

Orwell I think string api should be fine. the whole scope. since string is an argument it would be local, and it should try to call the function on it first, once that doesn't work it would check global.
That seems to be the case, it doesn't seem very logic to me and in most languages this would be the case only when string was undefined.

#10 Jarle212

  • Members
  • 198 posts
  • LocationNorway

Posted 07 January 2013 - 02:16 AM

View PostTheOriginalBIT (OnHoliday), on 07 January 2013 - 02:11 AM, said:

I was just about to tell you about this bug :)

:)

#11 theoriginalbit

    Semi-Professional ComputerCrafter

  • Moderators
  • 7,332 posts
  • LocationAustralia

Posted 07 January 2013 - 02:23 AM

View PostOrwell, on 07 January 2013 - 02:13 AM, said:

That seems to be the case, it doesn't seem very logic to me and in most languages this would be the case only when string was undefined.
most languages aren't like Lua though and allow functions or any variable to be assigned to a variable. however they do, do similar things with scope.

#12 Orwell

    Self-Destructive

  • Members
  • 1,091 posts

Posted 07 January 2013 - 02:34 AM

View PostTheOriginalBIT (OnHoliday), on 07 January 2013 - 02:23 AM, said:

View PostOrwell, on 07 January 2013 - 02:13 AM, said:

That seems to be the case, it doesn't seem very logic to me and in most languages this would be the case only when string was undefined.
most languages aren't like Lua though and allow functions or any variable to be assigned to a variable. however they do, do similar things with scope.
In practically every language I know (and I'm 100% sure about the lower level ones like C++ and Java), the variable is either defined or not and the inner scope has priority. So it's not really similar, it's much strict and straight forward. So it would be either be a string or a table (a string in this case because of the local scope). But in this case the rvalue is a string, but when indexed it's a table. Quite confusing :P

#13 FUCKCOMPUTERCRAFT!"£

  • Validating
  • 87 posts
  • LocationBasement

Posted 07 January 2013 - 03:16 AM

So this is a hashing algorithm not encryption then if it is 'irreversible'? Also test it works, look good :)

#14 Jarle212

  • Members
  • 198 posts
  • LocationNorway

Posted 16 April 2013 - 02:08 AM

Code updated and is now more secure.
Back to Programs


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users



  1. ComputerCraft | Programmable Computers for Minecraft
  2. ComputerCraft
  3. Programs