XOR is a very powerful encryption, possibly one of the most powerful. I've seen a few encryption topics coming up, and some which offer XOR, but noticed that none of them were very fast. I've just recently learned C, and knowing that it's one of the fastest languages (second only to ASM probably), I figured it would be perfect for this purpose. So I wrote it up over the course of 3 days, and thorougly tested and debugged it. On my not-so-impressive machine, it was able to encrypt a 46 MB file in 4 seconds, and decrypt in the same amount of time, using the slowest of the 4 scripts. At first it was just an experiment, but after seeing those results... I just had to share it with the GMC.
On a side and more somber note, please realize that encryption is not the end-all-solve-all. Many people go crazy and start encrypting things just because they want their game to be a "black box" and the user is just playing it. If it's not an online game, there really should not be a reason to prevent a user from modifying their own files. They have their own copy of the game, and they're not harming anyone but themselves. Furthermore, if they really want to steal resources, they're going to do it, encryption or not. DLLs are far from perfect - they can be hacked or replaced, and even with the gex encryption, they can still be hacked. What I have found in my years of experience is if you make your game open source, and your resources freely available / open source, the benefits are greater from people creating plugins of better resources etc, and will usually far outweigh the people who steal your resources. To top that all off, once your game earns a reputation, those stolen resources are essentially useless to that person, because people will recognize it from your game. Thus it is my personal belief, along with the belief of many followers of the open source movement, that open source may very well be the end-all-solve-all, or at least the next step up in the evolution of software from proprietary copyrights.
Warning: I am not responsible for any damages done from the use or misuse of this dll. I have thoroughly tested it and it shouldn't corrupt any files, but if you lose the seed used to encrypt a file, you will not be able to decrypt that file. If you do run into any problems with the dll, I will try to fix it, but am not obligated to. If you use this dll, please credit IsmAvatar (and get the capital letters right). If you choose to modify the source code, please give me credit for the original, and credit yourself for any changes. Do not use this dll for malicious purposes.
Inside you will find 3 files:
crypt.c - the source code (if you're interested. If not, you can discard it). It might seem strange to provide the source code to an encryption, but rest assured, it's all in the seed. This code might actually be a little outdated, so use at your own risk.
crypt.gml - the scripts for GM. You may import them by going to Scripts > Import Scripts...
I did not make a GEX for this dll, DFortun81 made one, but may have used an outdated version of the dll. You can find a link for it in his post below.
There are 6 scripts - one to initialize (which you must do before calling any of the other scripts), one to free (which you should do once you are done with the dll), and 4 different ways of cryption. Look inside each of these scripts for information on how to use them and what they do.
XOR cryption is interesting because you decrypt the same way you encrypt. You just xor the file with the same seed. Thus, you only need one of the 4 crypt scripts - which one you need depends on exactly how you want it to work.
All 4 crypt functions return 0 on failure and 1 on success.
crypt - This will crypt a given file with a given seed string, and output the results to a separate file. To decrypt, you switch the input and output files (and/or provide a new output file).
cryptf - Similar to crypt, only you provide a seed File instead of a seed String. The dll will handle the rest, but how it works is it will read the file into a buffer string and then pass it to crypt. WARNING: this will load the entire seed file into memory, so ensure that the seed file is small enough to be held in memory. 10 MB is relatively safe, but 1 GB is NOT.
crypto - This will crypt a given file with a given seed string, and output the results back into the same file.
cryptof - This will crypt a given file with a given seed File instead of a seed String. It will overwrite the original file with the results. WARNING: this will load the entire seed file into memory, so ensure that the seed file is small enough to be held in memory. 10 MB is relatively safe, but 1 GB is NOT.
How powerful is this encryption?
XOR encryption is only as secure as the seed. I recommend the seed being as random as possible, and if it's a very short one, hash it. It might also be a good idea to run through a few different keys for best results. (Thanks Core_12)
I've also been told that XOR encryption works very well when the seed is very similar to the input file. This is because bytes with the same value will result in a 0 byte, which is very hard to recover if you don't have the seed or don't know the original format.
Please also take a note at the small text below the "philosophy" bold point. If your seed is out in the open, your seed isn't very secure either. It's not too difficult to find the seed when your game is running. Also see this post for more information: http://gmc.yoyogames...dpost&p=2323813
Errors or "What If..."
If you do not have proper permissions/privilidges to perform the operation (eg, attempting to access a folder that your login account cannot access, or attempting to write to a file that is read-only), the dll will likely return 0 indicating failure.
If you provide a non-existing file for the seed file or the input file, the dll will likely return 0 indicating failure.
If you provide an existing file for the output file, the dll will overwrite it, no questions asked.
I do not have any particular future plans with this. I would welcome other projects similar to this to feel free to incorporate this into them - such as XRP (I've already talked with EDP and they are already planning on using it) and the other encryption examples.
Please feel free to post questions, comments, suggestions, critiques, etc. If there already exists a dll for this purpose, I deeply apologize, but it was not posted in the pinned topic or Hobbel's database, so I figured there are none.
Edited by IsmAvatar, 09 September 2007 - 05:41 PM.