# How to apply transpositio encryption and decryption in web?!

• Meemto
• Born
• Joined: Mar 27, 2012
• Posts: 3
• Status: Offline

April 8th, 2012, 2:22 am

Hello ..
We had implement some what near to transpostion cipher in order to encrypt passwords and credit card number in our web site ..
We had used codes aplicable only to fixed size password to be matched with the fixed key length !
All what we need is how to encrypt a password of size (6-14) using a fixed key of length 6 ?!
how to make an array of [3] rows and [6] column for encyption ?!
ex:
Key: 1 2 6 3 5 4
m e m e b e
a u t y 9 0
9.0 x x x x

this is our encryption code , where to use an array and how?! ,

<?php
function encrypt(\$pass)
{
\$passlength = strlen(\$pass); // check the length of the password
\$pass= str_split(\$pass); // create an array of all letters
\$ekey = '126354'; // example key, you can replace it with any key you want, not limited to 6
\$ekeylength = strlen(\$ekey); // check the length of the key
\$ekey = str_split(\$ekey); // create an array of all numbers in the key
\$newpass = ''; // initiate the encrypted password variable

if(\$passlength == \$ekeylength)
{ // do a loop if password length is equal to key length
for(\$x=1; \$x<=\$ekeylength; \$x++)
{
\$newpass .= \$pass[\$ekey[\$x-1]-1]; // do a loop to create the new ecrypted password based on the key provided
}
}

else
{
for(\$x=1; \$x<=\$ekeylength; \$x++)
{ // do a loop to replace any missing value with x. You can replace x with anoy other characters
if(\$x > \$passlength)

\$pass[\$x-1] = '()@';

}
for(\$x=1; \$x<=\$ekeylength; \$x++)
{ // do a final loop to create the new ecrypted password based on the key provided
\$newpass .= \$pass[\$ekey[\$x-1]-1];
}
}
return (\$newpass);
}
?>

We are also finding difficulty to apply decryption ( reverse of this code) !
• Anonymous
• Bot
• Joined: 25 Feb 2008
• Posts: ?
• Loc: Ozzuland
• Status: Online

April 8th, 2012, 2:22 am

• Zealous
• Guru
• Joined: Apr 15, 2011
• Posts: 1194
• Loc: Sydney
• Status: Offline

April 8th, 2012, 9:48 am

I mean no insult to the developing team but when it comes to things like this i suggest having a experienced team work out this kind of stuff for a few reasons. With internet security being what it is today and really no one is safe but i see it as a investment in the way that you know it is going to work first time and be secure also your not posting your source on a public web site which i am sure there is more then that and could pose no threat but no one wants to take a chance when it comes to bank security.

I am sure one of the talented developers here at ozzu could help but i just wanted to say that paying for that module by pro's and then reapplying that source to your other web sites, it could be a good investment to obtain good security.

i mite be over opinionated on the topic but just taking a long term view at the problem. Better small price now then loosing data to black hats i say.
• Meemto
• Born
• Joined: Mar 27, 2012
• Posts: 3
• Status: Offline

April 8th, 2012, 10:59 am

Thank you Zealous for your opinion ..
But actually we are a group of college student and we are suppose to implement one of the algorithms in our project which is " a website " ..
Weather it is stil scure or not but we have to implement it , it is just for education purpose ..
And as you can notice that we have choosed " Transposition Algorithm" ..
This is a machanism that we are going to use to encrypt users password and credit cards ..
We need your help ..
• Zealous
• Guru
• Joined: Apr 15, 2011
• Posts: 1194
• Loc: Sydney
• Status: Offline

April 8th, 2012, 8:48 pm

aaaahhhh, apology. I assumed it was for business use. Let me see what i can pull up from the archives.
• Zealous
• Guru
• Joined: Apr 15, 2011
• Posts: 1194
• Loc: Sydney
• Status: Offline

April 8th, 2012, 8:58 pm

Found some information and just looking over the php site on "Mcrypt" that seams like the way to go making salt and encrypting everything else.

Found some reading material that may help
http://us.php.net/manual/en/book.mcrypt.php

also found some examples with a similar issue post
http://stackoverflow.com/questions/1289 ... nd-decrypt

Could provide some idea's with some light reading? Hope that can help, until a more advanced user then myself can help.

----------
After further research this may be different algorithm, shall continue to research as this is interesting lol.

--------------

http://www.codemiles.com/java/encryptio ... -t613.html

I found a java version example but it is not php so i guess it is useless, but i will say this has been some interesting research.

## Post Information

• Total Posts in this topic: 5 posts
• Users browsing this forum: No registered users and 121 guests
• You cannot post new topics in this forum
• You cannot reply to topics in this forum
• You cannot edit your posts in this forum
• You cannot delete your posts in this forum
• You cannot post attachments in this forum

© 2011 Unmelted, LLC. Ozzu® is a registered trademark of Unmelted, LLC.