Two goals were critical in development - to protect the cipher against cryptoanalysis and brute-force attack.
Dynamic key is main protection against cryptoanalysis and long key length (to 65 600 bytes) against
You can encrypt any string (binary or text) by calling
function (all functions
are described in API
in detail). This function checks the key at first - key
length must be between 4 and 65 500 bytes and divided by 4. If some condition fails, function returns
error values (see API
). We recommend to generate key with
function in value at least 1000 bytes for better security.
Text for encryption (thereinafter a message) is divided into blocks, whose length corresponds to the key
length. If the last block is smaller than the key length, it is completed with a random bytes.
First two bytes of message are 16-bit value indicating the number of random bytes.
E.g. you have message with length of 13 bytes and key with length of 7 bytes:
After this step main encrypting starts, that is dived into 3 steps. Every step means different
data transformation. Encrypting is applied to blocks. If system is encrypting first block, it uses
main key, decrypted previous block is key for other blocks. So we talk about dynamic key system.
Step 1 - byte substitution
Let the key length be
. System generates
values in interval from 0 to
. Then every byte from 0 to
changes position with byte at
value. Following picture demonstrates 8-byte key and block no. 2 from previous picture.
It is clear, that the greater key length the better encrypted string we get.
Step 2 - XOR
In this step the XOR operation is done - the bit complement block to key. The XOR is well know bit operator
so we do not describe it in greater detail.
Step 3 - Number transformation
In this step system counts up ASCII values of n-character from block and n-character from key.
String is created from these values. Let us show 4 byte key and imaginary string example.
Final message is 3 times longer then the original one, so it is appropriate to you basic compression
at least. We chose very simple method. Every two characters from encrypted message determines number
from 0 to 99. So we replace this value with characted with the same ASCII values.
Decrypting is the same, but inverse order.