Every repository with this icon (
) is private.
Every repository with this icon (
) is public.
| name | age | message | |
|---|---|---|---|
 |
README.markdown | Loading commit data...  |
|
| |
example.rb | ||
| |
four_bites_aes.rb |
Four Bites AES
Author: Mark Percival
Email: mark@mpercival.com
Copyright: Mark Percival 2008
License: MIT
I plan on cleaning this code up quite a bit, but it works in the current state, just a bit messy
This is a simple library that takes any 4 byte integer and encrypts it with a modified version of AES. I designed it for a project where URL brevity mattered, thereby ruling out UUID's. I simply wanted to prevent two things:
- Keep the total number of records somewhat secret
- Prevent people from easily guessing the next record
mySQL integers are 4 bytes long, so I wanted to account for that, and keep the encrypted number the same length.
I certainly wouldn't base my security on this system - there are only 4.3 billion possible combinations of a 4 byte number, so with 1 million records in the system it would be quite trivial to guess a valid record number. This library isn't designed to prevent that. It's simple designed to keep your total record count secret, and prevent the average joe/jane from easily guessing the next number, all in the shortest possible manner.
Details about the code
I followed the AES standard as much as possible, except I used 8 rounds, and a 256 bit unexpanded key. The ShiftRows method became a rotation of the 4 bytes, and the MixColumns became one single column mix. Other than that, it's essentially the same algorithm.
Example code
require 'four_bites_aes'
CRYPT = FourBitesAES.new("key goes here")
100.times do |i|
p enc = FourBitesAES.enc(i)
p dec = FourBitesAES.decrypt(enc)
end
