-<h2> ZIP Encryption </h2> Standard Zip Encryption is Weak.
+<h2> ZIP Std Encryption </h2> Standard Zip Encryption is Weak!
<!--border--> <date> 15. July 2002 </date>
first of all the standard zip-encryption has not been strong enough
for modern computers, and there are hacker tools that even a
half-literate computer-user can use to crack the password of a
- zip-archive. Furthermore, adding real encryption is a heavy weight
+ zip-archive. In other words: <b> every encrypted zip file can be
+ cracked using freely downloadable helper tools </b>. That's because
+ standard zip encryption is weak regarding modern personal computer
+ power. Furthermore, adding <em>real</em> encryption is a heavy weight
that many people do not need, see the last argument for seeing the
standard one is useless anyway, and adding a non-standard one
should not be the case of the standard zziplib either, ye know.
</P><P>
On the other hand, obfuscation is a means to fear off half-literates
- just as well - there are no premade tools for the obfuscation you
+ just as well - there are no <em>premade</em> tools for the obfuscation you
can invent from the xor examples. And a hacker that can de-obfuscate
- such a dat-file is able to dissassemble your program as well thereby
- going to see your decryption routine <em>and</em> the decryption key.
- Although there is a difference, it just ranges on about times and
- exprience, not magnitudes. Remember the old saying: you can irritate
+ such a dat-file is able to dissassemble your program as well - just to
+ remind you that the disassembly of a program will reveal the decryption
+ routine <em>and</em> the decryption key, even for a heavyweight crypt
+ algorithm. Although there is a difference, it just ranges on about times
+ and exprience, not magnitudes. Remember the old saying: you can irritate
some people for some time but not irritate all people for all the time.
As for encryption of artwork and AI scripts in games and applications,
just keep in mind that the final recipient has the decryption key on
his system anyway, just obfuscated. So each such encryption is nothing
- more than just a clever form of obfuscation, nothing mathemetical strong.
+ more than just a clever form of obfuscation, nothing mathematical strong.
</P><P>
Some other people might ask why to obfuscate anyway. Well, the reason
is theft. Even people who write opensource free software generally
--- /dev/null
+<h2> ZIP Ext Encryption </h2> ext/io used for cryptoid plugins
+
+<!--border--> <date> 11. May 2004 </date>
+
+<h3> Stronger Obfuscation For ZZip </h3>
+
+<P>
+ Some people feel that a simple bytewise xor is not strong enough
+ as an obfuscation for the data. There we have the question how to
+ implant a stronger obfuscation routine to protect that data of an
+ application from artwork theft. Perhaps there is even the idea to
+ use an obfuscation in the range of a real crypt routine - in which
+ case I want to recommend strongly to read the
+ <a href="zzip-crypt.html"> reasoning page </a> why it can not be
+ real encryption and that the resulting obfuscation has an upper
+ limit being <em>lower</em> than the crypt routine complexity.
+</P>
+
+<P>
+ After reminding you of this fact we can go at evaluationg how to
+ implant a stronger obfusction routine to protect your data. The
+ ext/io feature uses a callback routine "read" that must read a
+ block of the given size - for the obfuscation case it will call
+ the "read()" function of the underlying operation system, and
+ the obfuscated block will be deobfuscated before returning it to
+ the caller.
+</P>
+
+<P>
+ In this mechanism there is not asseration at which file-offset
+ the ext/io-read() callback is triggered. That is the reason we
+ have shown obfuscation with bytewise xor-key example - formally
+ this is using obfuscation blocks of 8bit width being aligned
+ on 8bit boundaries in the data file, and our decryption stream
+ is stateless being the same for each obfuscation block (of 8bit
+ width).
+</P>
+<P>
+ In order for a stronger obfuscation we have to break those
+ limitations which are directly derived from the natural way
+ of the handling of files by a contemporary operating system.
+ This is triggered as the call synopsis of the ext/io read()
+ callback matches <em>exactly</em> the one of posix, so that
+ one can use the posix read() function reference as the default
+ for ensuring the most minimal overhead in accessing non-obfuscated
+ zip files.
+<br><small>And btw, the abbreviation "posix" stands for
+ "Portable Open System in Unix".</small>
+</P>
+
+<P>
+ The trick we show here: the first argument of the ext/io read
+ callback is the file descriptor of the underlying operationg
+ system. While we can not add another argument to the ext/io
+ read call we can pick up additional information with the help
+ of that file descriptor id being globally unique even across
+ multiple threads. One solution would make the application map
+ that descriptor id to a special argument but this is often too
+ much overhead: the current file position is enough.
+</P>
+<P>
+ The current file position is managed by the operation system
+ via the file descriptor table. There is a function call to
+ map a file descriptor to the current read position offset
+ usually named "tell(fd)". Since this call is not mandated by
+ posix, you can emulate it with the posix lseek() call which
+ returns the resulting offset after the operation was performed,
+ so we just seek by a zero offset:
+<br><code>#define tell(fd) lseek(fd,0,SEEK_CUR)
+</P>
+
+<P>
+ That file offset is measured from the start of the zip archive,
+ not per each zipped file. Remind yourself of that fact when
+ creating your own "zzobfuscate.exe" which should work on the
+ zip archive and not per file before zipping. That is a difference
+ over normal zip archives where the user can atleast recognized the
+ dat file as a zip archive and see a list of files contained in the
+ archive, atleast their names and data start offset.
+</P>
+<P>
+ Now, let's use the file read offset to break the blocking
+ limitations of 8bit/8bit to a larger xor-key. In our example
+ we expand to a 32bit/32bit xor-key giving a search space of
+ 4<>billion keys instead of the just 256<>keys in 8bit blocking.
+ That is simply done by a static 4<>byte xor-key sequence and using
+ modulo operations for alignment. For the 2^X cases any modulo
+ operations shrink to a set of ultra-fast bitwise-and operations.
+</P>
+
+<pre>
+ static char xor_value[4] = { 0x55, 0x63, 0x27, 0x31 };
+ static zzip_ssize_t xor_read (int f, void* p, zzip_size_t l)
+ {
+ zzip_off_t y = tell(f);
+ zzip_size_t r = read(f, p, l);
+ zzip_size_t x; char* q = p;
+ for (x=0; x < r; x++) q[x] ^= xor_value[(y+x)&3];
+ return r;
+ }
+</pre>
+
projects / zziplib / commitdiff