Results 1 to 5 of 5
  1. #1
    Join Date
    Mar 2002
    Location
    Philadelphia, PA
    Posts
    2,508

    Password Secure program.

    I spent a little time programming a small application which encrypts & decrypts passwords, using the very strong AES encryption algorithm. It can be a security risk if you send your password over the internet whether it be through email, instant messenging or whatever. It also seems to be more common these days, for companies to outsource certain aspects of there companies (security, administration), in almost all cases your sending your password accross the internet.

    Program Features

    Currently uses AES, which is the current standard and is the most powerful encryption available.

    The key for the AES, is xor'd (light encryption) into the program, the key is then decrypted using another strong encryption algorithm. The key is then made private but available to the program.

    Program is wrapped with a packer, and is internally encrypted, with it's own protection scheme.

    Software can output/input ASCII or Hex(default), depending on your preference. Hex output is prefered and more secure.

    Has the ability to encrypt data multipletimes, which would then in result in someone having to decrypt multipletimes to unlock the password.


    Future Plans

    Will add the following commercial algorithms, BlowFish, TwoFish, Triple-Des, DS-2, RSA, GOST, SkipJack, Tea. And a custom algorith, not as secure as the others, but less common.


    Download 470KB http://www.forcepc.com/PassSecure.zip

    Suggestions are welcome.
    Last edited by viGeek; 04-26-2004 at 02:57 AM.
    Linux junkie | steward.io

  2. #2
    I might be missing something here but how is it supposed to work?

    Person A & B have the program

    Person A encrypts the password and sends it to Person B

    Person B decrypts the password for use.

    Whats to stop Person C from snagging it in the middle and decrypting it using the same program?
    Let Google know when your dead | Read More >>
    Submit Your Press Release, Article, or News Tip Today
    W3Reports - News for Webmasters

  3. #3
    Join Date
    Mar 2002
    Location
    Philadelphia, PA
    Posts
    2,508
    Correct.

    However the chances of Person C having the same program, are far less than Person C's ability to read non-encrypted text.
    Linux junkie | steward.io

  4. #4
    Join Date
    Mar 2002
    Location
    Philadelphia, PA
    Posts
    2,508
    I will make an update to where each user has a unique ID which is used with the encryption, however can't be specefied during decryption.
    Linux junkie | steward.io

  5. #5
    Might be a useful script, actually, unless you can make your script popular! If everyone has it, then really, there's no point. You have to think of something better.

    By the way, I think this should be in the Other Offers and Requests forum.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •