Member Avatar for ziggystarman

Hi
Just written a small C++ program to try the Public & Private Key Algorithm process, the program seems to function properly as intended in that it decrypts a message sent from Bob using Alice's Public key.

#include <iostream>

using namespace std;


/***********************************************************
XOR Process
for both encryption/decryption processing
***********************************************************/
string XOR_Encryption(string toBeEncrypted, string sKey)
{

    string sEncrypted(toBeEncrypted);
    unsigned int iKey(sKey.length()), iIn(toBeEncrypted.length()), x(0);
    for(unsigned int i = 0; i < iIn; i++)
    {
        sEncrypted[i] = toBeEncrypted[i] ^ sKey[x];
        if(++x == iKey){ x = 0; }
    }
    return sEncrypted;
}


/***********************************************************
Main
***********************************************************/
int main()
{

    /**
    On Bob's PC
    -----------
    Bob wants to send Alice a message
    */
    string message = "Hello Alice, this is a short message from Bob";
    string Alices_PublicKey("AAAAB3NzaC1yc2EAAAABJQAAAIEAlzg30kazy6T+PeqjhFylhMUJNkK4AWU1kL0e2ZraqMw9eK/OzHONNky89oi6ibhn85o5ZOF83P4IJV5WiOrG3nyNif/rqV/Y2glpHodF2PLlWmAHd3bIcdrdnvXnGt70alzbXUPKbGiA2P9BMtmYNwBF/wVka3nx7pnxKmmOaS8=");
    /**
    Bob encrypts the message using Alice's Public key
    */
    string encrypted_message = XOR_Encryption(message, Alices_PublicKey);
    cout << "Bob's encrypted message reads as follows::" << encrypted_message << endl;


    /**
    On Alice's PC
    -------------
    Alice recieves the encrypted message from Bob
    */
    string Alices_PrivateKey("B2odyv0xVcHpM7t1KaeEUd3KlaM3P+48o5ZdXOjWCn2chhiDQqjtHPZ30Icm8lbcmlHJwrCs4BRKmm4/56lDJbGotQwb+B3iQLKhBG61r/ilSV9FyNHH0t6XkDfbz1nXAU8TkXPrfqDVAenTjueEL+MVCREZRzr5O8NE9vTTQx/G8Yv8dGnLkjbcPUkaOdu23khGpKKcVvEM/TyVW9dClt94yy+LTn9+eEIBBUSbxQPzITIVHjHlhjnCQ+ear+JegXWqM58X7LaYEm0Ui35d0jwDKjH36XNugiwRcaJEQbyi1EwNvdZMzO7ckL+k2UEcp+0FbQwWFnaXTi7P8gebA3QJa1XqxZGPnDmfjEut4J/TuoHwWoPgpR5YssTh4F8UYEfUWxKr3AZHxywO9tVjuIwZ/jtVHWfARTv22zIslMrICR7cvj2RY7OpWPsefhpNA+PJktoF8LSDyNze2wCO5w==");

    /**
    According to the rules, certain process's should take place
    for Alice to be able to successfully decrypt the message sent from bob

    Step [1]
    Alices should firstly XOR her Private key against her Public key
    */
    string XOR_ed_keys = XOR_Encryption(Alices_PublicKey, Alices_PrivateKey);

    /**
    Step [2]
    Then take the results from Step [1] XORed keys & XOR them against the
    encrypted message from Bob
    */
    string result = XOR_Encryption(encrypted_message, XOR_ed_keys);

    /**
    Step [3]
    Decrypt the message using the results from Step [2] & XOR them
    against Alice's Private key
    */
    string decrypted_message = XOR_Encryption(result, Alices_PrivateKey);

    /**
    Finally Alice reads the message from Bob
    */
    cout << "Bob's decrypted message reads as follows:: " << decrypted_message << endl;


    return 0;
}

My understanding is that Public & Private Keys need to be paired in order to work properly, so I used a program called PuTTY to do just that.

Here the problem:
If I generate a second set of paired keys and substituted Alice's orignal Private Key with a new Private Key[Below] & still use the original Public Key the program still decrypts Bob's message, Why?

uDLtytuUhYPduFe3vO7sRxO2MJ2KwoB0Hc9GbPDWxt30IqV9TQhxe2vdMmCKILeB
D7BlYl3t5Vl0iu+aGOQ3OAbKkJJtzOZdkRbC/horVTxFbpOjbCWpMxruaoZdySgK
Q+LPMs0c1VMdESiMU4yIzRVjvGv9H13LIuB5S1s/ipc3R0ux9xW/n08t/UlOFUSu
SvmbPQ1rgCgY6S4aqXPkZjRKbP8Bv9zI3ZDE6kOGgUwtWNH+ITeTsMv/Fl6i9b6m
XEeHOHCsBymhVt+KkZVtrbL5Zsh7+Q3Y1sladjVii7T7zqUx4np4NVjcqivnwTPe
PumtKbrrzwQPPlgEIn3TdzTN/PB1fq46c6lTMj14a4izT5e1yIqMhxRajQTTd1Cz
ozfEvJhI8lPldxhortVO6J7rJMHc08I4XbBCWN5AcOBD+imkDkdthHqsXeChhCq0
wAu67lAKD5QrC8IlQ4Z5lQ==

I was on the understanding that one Private Key was unique to it's Public Key counter part.

Or am I simply missing something here?

Best Regards

  • 2 Contributors
  • 4 Replies
  • 4K Views
  • 7 Hours Discussion Span
  • Latest Post Latest Post by ziggystarman

Recommended Answers

All 4 Replies

Member Avatar for VernonDozier

This isn't encryption. No private keys are needed at all. Toss them out. All you're doing is XORing things, which means the next XOR with the exact same public key "decrypts" the message:

#include <iostream>

using namespace std;


/***********************************************************
XOR Process
for both encryption/decryption processing
***********************************************************/
string XOR_Encryption(string toBeEncrypted, string sKey)
{

    string sEncrypted(toBeEncrypted);
    unsigned int iKey(sKey.length()), iIn(toBeEncrypted.length()), x(0);
    for(unsigned int i = 0; i < iIn; i++)
    {
        sEncrypted[i] = toBeEncrypted[i] ^ sKey[x];
        if(++x == iKey){ x = 0; }
    }
    return sEncrypted;
}


/***********************************************************
Main
***********************************************************/
int main()
{

    /**
    On Bob's PC
    -----------
    Bob wants to send Alice a message
    */
    string message = "Hello Alice, this is a short message from Bob";
    string Alices_PublicKey("AAAAB3NzaC1yc2EAAAABJQAAAIEAlzg30kazy6T+PeqjhFylhMUJNkK4AWU1kL0e2ZraqMw9eK/OzHONNky89oi6ibhn85o5ZOF83P4IJV5WiOrG3nyNif/rqV/Y2glpHodF2PLlWmAHd3bIcdrdnvXnGt70alzbXUPKbGiA2P9BMtmYNwBF/wVka3nx7pnxKmmOaS8=");
    /**
    Bob encrypts the message using Alice's Public key
    */
    string encrypted_message = XOR_Encryption(message, Alices_PublicKey);
    cout << "Bob's encrypted message reads as follows::" << encrypted_message << endl;
	
	// On Charlie the thief's PC
	string stolenMessage = XOR_Encryption(encrypted_message, Alices_PublicKey);
    cout << "Bob's decrypted/intercepted message reads as follows::" << stolenMessage << endl;

    return 0;
}
Edited by VernonDozier because: n/a
Member Avatar for ziggystarman

Cheers for pointing that out.

It's just that the sources I've visited/read describe the process of Public Key encryption & Private Key decryption by following a mathematical process of XORing.

Do you know of any good resources with code examples. I've look at some of the encryption libs to take care of this process, but to be quite honest there not much by way of example code to get you started.

Best Regards

Member Avatar for VernonDozier

>> Cheers for pointing that out.

You're welcome. Just about all of these techniques involve Bob using both his private key and Alice's public key and then Alice using Bob's public key and her private key. If you have an encryption method that uses the exact same key for both encryption and decryption and that key is public, it can't work.

>> It's just that the sources I've visited/read describe the process of Public Key encryption & Private Key decryption by following a mathematical process of XORing.

Most of them involve a lot of XORing, but there's usually some bit shifting and modular arithmetic in there too. The whole thing is to get two huge prime numbers as the keys somewhere, then multiply them together. In order to break it, the attacker has to find the two prime numbers, which is pretty much impossible. But being prime numbers, they have some nice modular arithmetic properties so it all works and everyone who needs to know knows just enough. Basically Alice and Bob know 2 of the 3 crucial numbers, but the attacker only knows 1.

>> Do you know of any good resources with code examples. I've look at some of the encryption libs to take care of this process, but to be quite honest there not much by way of example code to get you started.

I'm trying to dust off the cobwebs. It's been a while. Short answer, no, but I would suggest studying Diffie-Hellman. The wikipedia article is pretty good and it has some links which look OK.

http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange

http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange

Member Avatar for ziggystarman

Thank you very much for time & advice. I'll visit the links & have a look

Best Regards

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.