[GitHub] Open Source Secure Encryption Class

26-04-2015, 02:24 PM

Sozin Wrote: Any hash is crackable via Bruteforce.

Its not really the hash you should care about, you should focus on prevention of BruteForcing.

Mission impossible, there's no brute forcer on the market that can reverse this.
You'd need to make a custom one and even then, it'd be really hard to decrypt.
Unless you have the source too. (Of the one using it)

26-04-2015, 08:56 PM

Repentance Wrote:

26-04-2015, 02:24 PM

Sozin Wrote: Any hash is crackable via Bruteforce.

Its not really the hash you should care about, you should focus on prevention of BruteForcing.

Mission impossible, there's no brute forcer on the market that can reverse this.
You'd need to make a custom one and even then, it'd be really hard to decrypt.
Unless you have the source too. (Of the one using it)

Dude, do you know what a bruteforcer is? LOL

26-04-2015, 09:11 PM

Sozin Wrote:

26-04-2015, 08:56 PM

Repentance Wrote:

26-04-2015, 02:24 PM

Sozin Wrote: Any hash is crackable via Bruteforce.

Its not really the hash you should care about, you should focus on prevention of BruteForcing.

Mission impossible, there's no brute forcer on the market that can reverse this.
You'd need to make a custom one and even then, it'd be really hard to decrypt.
Unless you have the source too. (Of the one using it)

Dude, do you know what a bruteforcer is? LOL

Well, I'd call hashcat as an example. It has a bruteforce function with mode 3.
But the hash isn't symmetric.
abc -> amoned
abc -> pdaxon

26-04-2015, 09:20 PM

Repentance Wrote:

26-04-2015, 09:11 PM

Sozin Wrote:

26-04-2015, 08:56 PM

Repentance Wrote:

26-04-2015, 02:24 PM

Sozin Wrote: Any hash is crackable via Bruteforce.

Its not really the hash you should care about, you should focus on prevention of BruteForcing.

Mission impossible, there's no brute forcer on the market that can reverse this.
You'd need to make a custom one and even then, it'd be really hard to decrypt.
Unless you have the source too. (Of the one using it)

Dude, do you know what a bruteforcer is? LOL

Well, I'd call hashcat as an example. It has a bruteforce function with mode 3.
But the hash isn't symmetric.
abc -> amoned
abc -> pdaxon

that means each time i hash abc, i get a different hash?

26-04-2015, 09:26 PM

Sozin Wrote:

26-04-2015, 09:20 PM

Repentance Wrote:

26-04-2015, 09:11 PM

Sozin Wrote:

26-04-2015, 08:56 PM

Repentance Wrote:

26-04-2015, 02:24 PM

Sozin Wrote: Any hash is crackable via Bruteforce.

Its not really the hash you should care about, you should focus on prevention of BruteForcing.

Mission impossible, there's no brute forcer on the market that can reverse this.
You'd need to make a custom one and even then, it'd be really hard to decrypt.
Unless you have the source too. (Of the one using it)

Dude, do you know what a bruteforcer is? LOL

Well, I'd call hashcat as an example. It has a bruteforce function with mode 3.
But the hash isn't symmetric.
abc -> amoned
abc -> pdaxon

that means each time i hash abc, i get a different hash?

Different hash & Salt, yes.
So every hash stored in the database isunique, even with the same password.
You can set your own private key & amount of rounds to make your own hashes that much different from the others.
(thekey is used in XOR & NAND encryption)

Performance Comparison:

1. AmN's upcoming CMS:


2. NullCrypt:


To keep it fair, I only checked one string, as I would if I were to use your encryption.

But its nice if we neglect the performance

27-04-2015, 06:58 AM

Sozin Wrote: Performance Comparison:

1. AmN's upcoming CMS:


2. NullCrypt:


To keep it fair, I only checked one string, as I would if I were to use your encryption.

But its nice if we neglect the performance

Bit of a weird comparison you're doing here.
The encrypt function is only used when registering.
While the comparison function isused when logging in.

Adding both execution times together is a bit weird.
But keep in mind that you can edit the amount of rounds yourself to make it slower.