Re: ascii output encryption needed as well

From: Tony Panero (Tony.Panero@eng.sun.com)
Date: 10/30/01


Message-Id: <200110302054.f9UKsGSI225599@jurassic.eng.sun.com>
Date: Tue, 30 Oct 2001 12:56:05 -0800 (PST)
From: Tony Panero <Tony.Panero@eng.sun.com>
Subject: Re: ascii output encryption needed as well
To: secprog@securityfocus.com, josh@ebard.net

The base64 suggestions you got are on the right track, but I suggest
you do a web search for "armored ascii" if the output is to a screen or
printout and if it will become input later on. The problem it solves
is dealing with the visual confusion among "O", "0", "I", "l", "1"
etc.

Tony
 
> Hello list, I echo SJ's need for symmetric encryption.
>
> I was recently delegated a project to build an secure serial
> number/registration number system. Our serial numbers are 18 chars long. We
> would like the output to be a-z, A-Z, 0-9
>
> One approach we have tried is simple xoring the serial string with a
> salt/key. The output, however, falls within 0-255. Not all of those values
> are representable in a string, some are control values, etc. An option to
> fix this is binhexing the string, but that doubles the length of the string,
> making 18 chars, 36 which is too long for a user.
>
> does anybody have any fix?
>
> Joshua P. Luben
> http://www.joshluben.newsmagic.com/
> PGP fprint: 5986 C8BD 8BDC 8024 397B 30EA 1E85 4FF9 EE85 C6F3