Symmetric integer to integer encryption

2020-02-26 07:06发布

问题:

I need some pointers or a practical example on how to encrypt an int to another int, and a secret key would be required to decrypt the value.

Something like:

encrypt(1, "secret key") == 67123571122
decrypt(67123571122, "secret key") == 1

This guy asks pretty much the same question: Symmetric Bijective Algorithm for Integers
however me being a total encryption "n00b" I would like some more practical examples, in python if possible.

I understand I need to use some kind of block cipher, but I'm pretty lost on the part about keeping the encrypted result still be numeric and somewhat short (maybe a long instead of an int)

Any pointers? Thanks

UPDATE- Why do I want to do this?
I have a web service where each "object" gets a URL, e.g.: example.com/thing/123456/

Right now, those IDs are sequential. I want to hide the fact that they're sequential (database IDs).

The stuff on those pages is not "top secret" or anything like that, but it shouldn't be as easy for someone to snoop in some other random' object as just incrementing that ID in the URL.

So with some kind of two-way numeric encryption, the URL IDs will not be sequential at all, and it would take someone quite a bit of time to find more of these objects. (Additionally, requests are throttled)

And the only reason I want to keep this numeric instead of an arbitrary string is so that the change is a total drop-in replacement, and things will just work without any other code changes.

Also, I can't just generate new random database IDs. I have to handle this encrypt/decrypt in the application.

回答1:

It depends how cryptographically secure you want to be. For not-very-secure (in the crypto sense - probably fine for everyday use if you don't really expect serious attack) then XOR with a fixed secret key will work. Just be aware that it will be vulnerable to some fairly basic cryptanalysis.

If you want real encryption, you'll probably have to use a stream cipher like RC4. You can grab 32 bits of keystream and XOR it with your value to encrypt it. As long as you get a new 32 bits of keystream for each value you'll be fine.

RC4 has some caveats, however, so read up on it first.

Block ciphers will not be your friend in this case as they all have block sizes of 64 bits or more. This means you need to pad your 32 bit integer to 64 bits and you'll get 64 bits back out...but you can't choose which 32 to keep. You won't be able to decrypt it with only half the bits. If you're happy to move to longs then you can use 3DES or Blowfish.

It all depends on exactly what you are encrypting and why, so it's hard to give a definitive answer. I hope this gives an idea of where to start, at least.



回答2:

You may look at this paper: Perfect Block Ciphers with Small Blocks and the slides of the presentation at the FSE 2007 conference.

The paper explains how to randomly select a permutation of n elements (e.g. the integer between 0 and n-1) which can be viewed as a cipher for this set of n elements.



回答3:

The answer I posted to that question applies to yours as well: use a short block cipher. Assuming your identifiers are 64 bits, in fact, you can simply use the XTEA cipher as-is, with a 64 bit integer as the data block.



回答4:

You want to encrypt just a single 'int' ie q 32/64 bit number?
Then the easiest way is to just XOR it with a 32/64bit secret key.



回答5:

Simple XOR cannot be called encryption. Obfuscation is a more appropriate word for it. I have developed a compact, fast and hopefully secure algorithm that I call it Ayden. It is on public domain and can be downloaded from Github. Hope it is useful.