Writing an image encryption class

Hi, your program seems pretty cool :)
I’m still learning how to program, in which language is this?

PHP fkpuzat

Of course it’s something usual to be taking that amount of vRAM to process your algorithm. But as for your cipher to be non-crackable you’ll need a key larger than your plaintext value. But hop on to the one-time pad (Vernam cipher) if you want something secure. Vigenere even combined with tons of functions for substitution or whatever it is will still be vulnerable to excessive amount of analysis. Consider just the Kasiski examination for breaking it. Once the key length has been estimated, you’ll algorithm is down. Whereas Vernam applied modular arithmetics which is something that prevents most types of brute-forcing. I have a tutorial on this (actually it’s in the articles' section). Since Vernam is the only cipher proven to be mathematically impossible to break under certain conditions, it still requires a long key which from its side requires more vRAM applied. Your other bet is as they say ‘security through obscurity’ or in other words - steganography.

My key is generated by first making an md5 and a sha1 hash and then adding the original phrase at the end, these are then split by character and each character is turned into its ascII vlaue , the entire thing is imploded and split again , so 97 will be a 9 and a 7 , and so on, zero’s are then removed and the remaining values is looped until it fits the length of the string , How does this sound Keeper ?

That doesn’t matter as long as the above (what I wrote) is not fulfilled.

Ok I read about Kasiski method , interesting , what if i used above mentioned mixing function to mix the key up a little , so it wont loop , thus avoiding the key length detection , sorry for bothering you keeper I just want to learn , also read on the vernam cypher , very interesting, might try to write something to implement it , also started reading your article , very nice :) . Thanx for all help

What is with this “key detection”? I just meant that key should be longer than the plaintext?

To answer your main question from a “programmers perspective”:

As Keeper said, the way you seems like to proceed for encrypting your values consume a lot of memory and that’s normal.
Why ?
Since you’re fully mapping your data, key and output in memory first, you’re approximatively taking more than 3 times the data size in the heap (assuming all input/output are of the same size).

What you could do instead, is using a stream and process your encryption by block.
Here is a quick implementation of a Cypher XOR function that’s take its information from files:
(I made it in C# but I hope it’s understandable for you)
```
public void Encrypt(string dataPath, string keyPath, string outputPath)
{
System.IO.FileStream fsData = new System.IO.FileStream(dataPath, System.IO.FileMode.Open, System.IO.FileAccess.Read);
System.IO.BinaryReader rData = new System.IO.BinaryReader(fsData);

System.IO.FileStream fsKey = new System.IO.FileStream(keyPath, System.IO.FileMode.Open, System.IO.FileAccess.Read);  
System.IO.BinaryReader rKey = new System.IO.BinaryReader(fsKey);  

System.IO.FileStream fsOutput = new System.IO.FileStream(outputPath, System.IO.FileMode.Create, System.IO.FileAccess.Write);  
System.IO.BinaryWriter wOutput = new System.IO.BinaryWriter(fsOutput);  

int bufferSize = 1024;  
byte[] bufferData = rData.ReadBytes(bufferSize);  
byte[] bufferKey = rKey.ReadBytes(bufferSize);  

while (bufferData.Length > 0)  
{  
    byte[] bufferOutput = new byte[bufferData.Length];  
for(int i = 0; i < bufferData.Length; ++i)  
    bufferOutput[i] =  (byte)(bufferData[i] ^ bufferKey[i]);  
    wOutput.Write(bufferOutput);  

    bufferData = rData.ReadBytes(bufferSize);  
bufferKey = rKey.ReadBytes(bufferSize);  
}  

wOutput.Close();  
fsOutput.Close();  
rKey.Close();  
fsKey.Close();  
rData.Close();  
fsData.Close();  

}
```
Notes:
- This is assuming data and key are of the same size.
- You can see the buffer size set to 1024, it will process the cypher method by block of 1024 bytes.
- Since system call are quite consuming, you should try to reduce them as much as possible so avoid to read/write only one byte into the stream (by the way, some stream implementation are semi intelligent and won’t actually write directly for one byte).
- For performance, you can estimate a buffer size depending the file size so you can map a small file directly into memory and process the big ones by blocks.

Cons:
- This method doesn’t allow you to process encryption that’s need the whole data content while processing, you need make sure it is feasible by blocks.
- You’re locking the files on the system during the time you’re using them so don’t forgot to close all handles at the end !

@Pinkponyprincess: I don’t quite understand about the objective of this method. Did you create your encryption method to learn more about programming, or was it safer when having our encryption method in our website/database (not using common methods such as MD5, SHA1….)?

The objective is to be able to reverse the encryption, since “MD5, SHA1…” are considered as one-way algorithm, you cannot perform “decryption” on this.

Thank you Memoria , you gave me a great idea :) , freewind1012, this is for learning purposes(the full script is hundreds of lines by the way ) and i might use it someday for securing data on a website i make, or something like that . Md5 and Sha1 is one way as mentioned by Memmoria , and is not what i want , also i am currently writing a new key function as i realized the repetitive nature of the key makes it somewhat vulnerable , as brought to my attention by Keeper.. Thanx again Memoria

@Pinkponyprincess: I see. Then good luck to you. :p

hmmm….

how about you provide me your script, and some long paragraph(more than 250 words) encrypted with it and i get you your original text back???

Yes ADIGA , this pleases the princess :) , I did not have a chance to write any code last night , so ill finish the new key generation function tonight :) , when someone actually tries to decrypt it, it will make me so happy, interestingly if you have the script , you will technically be able to brute force the text. But doubt that is a option ;)

i love reversing scripts :P, no brute force for me.

Thanks, will start working on it soon.