Encoder R3

Motivation

During my last year of high school, I was quite interested in cryptography, and wanted to try my hand at writing my own tool for personal use. Additionally, I was learning about DLLs and runtime extensions, so I also included plug-and-play support for custom cryptography extensions.

Enigma-Inspired

The cryptosystem I wrote was based on Enigma, and trying to overcome its two main flaws: a character could not be encoded as itself, and the procedural misuse (such as by having certain reliable header properties). My cypher works on the basis of applying two transformations to each byte in the plaintext, and requires several passwords. The first transformation works similarly to a padding technique, where the input byte is added to the appropriate byte in the first password. The second transformation depends on a random number draw - if it is below a certain threshold, then we subtract the result of the first transformation by the appropriate byte in the second password. If it is above a different threshold, we instead add the result of the first transformation to the appropriate byte in the second password. If it is between these two thresholds, we do not change the result of the first transformation.

Note that the RNG mentioned above is seeded by a third password, and also used to draw initial offsets into both the first and second password.

The final effect of this should be a reproducible one-time pad, as by introducing the second transformation it removes any cyclical behaviour. I have not done any rigorous mathematical proofs regarding the security of this cypher, as it is for learning purposes only.

Streaming Cryptography

Sometimes files need to be encrypted that are far too large to be comfortably held in RAM (or a user might have other reasons for not loading an entire file at a time), and so it is necessary to support streaming inputs. In streaming mode Encoder currently passes in files one byte at a time to a streaming encryption handler, allowing the cypher to operate on a smaller chunk. For the RNCypher described above, this is functionally identical behaviour, as it only looked at the input data one byte at a time to begin with.

Pluggable Modules

As cryptography is a constantly evolving field, I felt it was important not to have the cyphers compiled into the primary application binary. Not only would this allow the introduction of new cyphers, but it would also allow existing cyphers to be updated - for example, patched for security vulnerabilities. This also meant that I could focus on creating a "hub" application and a good API, and not worry about all the possible cyphers that may be needed.

Current Thoughts & Learnings

Encoder was a really awesome project which greatly helped develop my interest for and intuition of cryptography. It was also the first - and possibly only - project I created that supported externally compiled code. I sadly haven't used it for personal usage as much as I had hoped when I wrote it, but I don't see that as a shortcoming of this project as much as a testament to the quality of other free and open source cryptography tools available.