Login [Register]
Don't have an account? Register now to chat, post, use our tools, and much more.
This is an archived, read-only copy of the United-TI subforum , including posts and topic from May 2003 to April 2012. If you would like to discuss any of the topics in this forum, you can visit Cemetech's TI-BASIC subforum. Some of these topics may also be directly-linked to active Cemetech topics. If you are a Cemetech member with a linked United-TI account, you can link United-TI topics here with your current Cemetech topics.

This forum is locked: you cannot post, reply to, or edit topics. TI-Basic => TI-BASIC
United-TI Archives -> TI-Basic
 
    » Goto page 1, 2  Next
» View previous topic :: View next topic  
Author Message
Fr0sty


Member


Joined: 27 Nov 2003
Posts: 202

Posted: 30 Nov 2003 02:29:55 pm    Post subject:

Me and my friend are making an alg prog and I kinda wanted to know a couple things. We're trying to make it secure and we don't want anyone stealing it and claiming it as theirs, so for now we're making it untradeable through calculators. I'm kinda trying to keep it to the simple stuff right now (meaning as much as I can understand) and from memory (my sis borrowed my calc) this is what I came up with:
First off, we make two versions of every prog: a protected one and an unprotected one (meaning they can't edit the code on the protected one). We keep the unprotected one and distribute the protected one.
Second, to keep distribution rates low, I'm trying to prevent trading. So I made it where you not only have to enter in a password, but you also have to have the correct numbers in a list (sent by an installation program puts the lists in). A couple of problems: First, my password is stored in Str 1 and anyone who goes to Str 1 can see it. Second, my list is stored in L1 and anyone who goes to L1 can see it. Is there any way to hide my password? Also, is there anyway to make my password a certain length as in 3-5 characters? The only solution I can think of (with my limited knowledge of TI-Basic) are to confuse them by using all lists and strings with different words/numbers in each so that they have to re-enter each number/word by hand thereby confusing them.
I was also thinking about using Get( and Send( but I'm not exactly sure how they work. My idea is to get variables form a calculator and if they are all equal, then the program will work, but if they're not, then it won't. Any help would be nice. Laughing
Back to top
SnugenZ


Advanced Newbie


Joined: 20 Nov 2003
Posts: 52

Posted: 30 Nov 2003 03:14:23 pm    Post subject:

Thats an exceelent idea --If any can figure this out, i'd be just as happy as frosty -- Like disable send or something -- that;d be amazing -- I bet its near impossible to tdo in basic though -- prolly need asm
Back to top
DarkerLine
ceci n'est pas une |


Super Elite (Last Title)


Joined: 04 Nov 2003
Posts: 8328

Posted: 30 Nov 2003 03:59:17 pm    Post subject:

Get( and Send( are functions that do something with CBL/CBR. If you want to transfer something from one calc to another, use GetCalc(.

In order to make the password invisible, you could type it into the program instead of storing it to a variable.

About making it untradeable - I've noticed a program with Omnicalc tokens can't be sent to another calculator. Maybe someone (not me - I know no Asm) could write an assembly program that 1)Inserts an Omnicalc token into the program 2)Protects the program from being edited 3)Deletes itself. You would send the assembly program and run it once on the other calculator. The problem with putting the token in yourself is you will then be unable to send the program in the first place.
Back to top
Basjuh


Advanced Newbie


Joined: 19 Nov 2003
Posts: 56

Posted: 30 Nov 2003 04:04:29 pm    Post subject:

HASH the list and str so it will be unreadable...
look in the encyption thread i posted a basic hasher there...
Back to top
Fr0sty


Member


Joined: 27 Nov 2003
Posts: 202

Posted: 30 Nov 2003 04:06:15 pm    Post subject:

So an Omnicalc token can't even be sent to another calc with Omnicalc?
Btw: thanks for the help =D
too bad my sis borrowed my calc Mad I wanted to try some of this stuff.
Back to top
DarkerLine
ceci n'est pas une |


Super Elite (Last Title)


Joined: 04 Nov 2003
Posts: 8328

Posted: 30 Nov 2003 04:14:34 pm    Post subject:

Fr0sty wrote:
So an Omnicalc token can't even be sent to another calc with Omnicalc?

I've tried it, with version 1.10, and it didn't work. Apparently it can't even ungroup something if a variable to be ungrouped has an Omnicalc token. I found that out the hard way. Sad

An easy-to make hasher:

Code:
your favorite number -> rand
operation with 1 rand and N (example: N - 2Nrand) -> N

to unhash:
y. f. n. -> rand
inverse of that operation (example: N/(1-2rand)) -> N


If your program is protected so no one knows y. f. n., it is nearly impossible to break.
Back to top
Fr0sty


Member


Joined: 27 Nov 2003
Posts: 202

Posted: 30 Nov 2003 05:06:30 pm    Post subject:

Would the tokens make it able to send progs on demand? Because me and him keep improving on this prog and keep sending it back and forth as we upgrade it.
Also how does the hasher work? Is that all I put in and then it affects my string? Or what? I don't get it.
Back to top
Basjuh


Advanced Newbie


Joined: 19 Nov 2003
Posts: 56

Posted: 30 Nov 2003 05:12:58 pm    Post subject:

try using this..


Code:
Input Str1
1\->\A
"ADINSXBEJOTY CFKPUZ:GLQV\theta\?HMRW3026159487\->\Str2
For(I,1,length(Str1
inString(Str2,sub(Str1,I,1
\root\(AIAns\->\A
End
A\->\rand
"*\->\Str1
For(I,1,16
Str1+sub(Str2,int(rand39)+1,1\->\Str1
End
DelVar ADelVar Str2DelVar I
0\->\rand
ClrHome


this one is much better, it cant be reverse engineered. you can adapt to fit your needs ...
Back to top
Fr0sty


Member


Joined: 27 Nov 2003
Posts: 202

Posted: 30 Nov 2003 05:25:00 pm    Post subject:

Anybody know how I might be able to test some of these without a graphlink and/or a ti calc(my sis borrowed mine and she's in college)? I have an old graphing calc (El-9200C Sharp-Casio) but I'm not sure if it'll help... and a broken Silver Edition that I'm about to send back to TI (they sent me a replacement) and I know that won't help... I tried Virtual TI but I was stupid enough to not send myself a copy of my calc's Rom... Any help would once again be appreciated.
Back to top
Basjuh


Advanced Newbie


Joined: 19 Nov 2003
Posts: 56

Posted: 30 Nov 2003 05:31:07 pm    Post subject:

download the TI flash debugger it has the ROM built in and get TI graphlink...
type the program in TI Graphlink and save it as .8xp file, then open the TI flash debugger start a 83+ session and then click load->ram file ,search your .8xp file and click OK and then start the ti83 by clicking on the > (play) icon.
Back to top
Fr0sty


Member


Joined: 27 Nov 2003
Posts: 202

Posted: 30 Nov 2003 05:45:53 pm    Post subject:

Thanks, didn't know that I could do that Laughing
Also, anyone know a way that Protected items can be unprotected? (I'm not talking about Mirage's Lock, I'm talking about the application known as Protect that is kinda buggy- it protects like 5 more progs than I want it to).
Sorry for all the questions Sad
Back to top
Basjuh


Advanced Newbie


Joined: 19 Nov 2003
Posts: 56

Posted: 30 Nov 2003 05:55:39 pm    Post subject:

Confused looks like the prog is kind of buggy and very beta... you can't unprotect with that program/app you'll have to find another one Sad
Back to top
Fr0sty


Member


Joined: 27 Nov 2003
Posts: 202

Posted: 30 Nov 2003 07:22:29 pm    Post subject:

Cool encrypter, how do you find out the pw though? That's what I'm wondering Shock
Would it be...
That code... inputting your pw, then making them input theirs to see if it equals each other? I'm not sure how I could make a security thing out of that, can't think >.<
Back to top
Darth Android
DragonOS Dev Team


Bandwidth Hog


Joined: 31 May 2003
Posts: 2104

Posted: 30 Nov 2003 07:45:11 pm    Post subject:

to unprotect a basic program:
copy prog from calc to comp. open in graphlink. uncheck box that says "protected"
to hack a asm program:
convert hex code into asm code. hunt through asm code for password routine. check where it stores password in memory. find a on calc hex editor and edit the memory.

i know asm.
Back to top
NETWizz
Byte by bit


Bandwidth Hog


Joined: 20 May 2003
Posts: 2369

Posted: 01 Dec 2003 04:00:24 pm    Post subject:

Fr0sty wrote:
Cool encrypter, how do you find out the pw though? That's what I'm wondering Shock
Would it be...
That code... inputting your pw, then making them input theirs to see if it equals each other? I'm not sure how I could make a security thing out of that, can't think >.<

Simple:

His hashing routine takes input from string 1 and returns output to string 1, so instead of rewriting it, we can backup str1, so it isn't overwritten.

Str1->Str3
Input "Password>",Str1

Run the dudes hashing routine

Str1=Str2->A

Str3->Str1
Delvar Str3

If A
Then
Disp "CORRECT
Else
Disp "SORRY
End
Back to top
NETWizz
Byte by bit


Bandwidth Hog


Joined: 20 May 2003
Posts: 2369

Posted: 01 Dec 2003 04:02:34 pm    Post subject:

If you wish to actually decrypt a password, you would need to analyse his routine from both a programming and a software standpoint then write a decrypter.

Or, you could brute force it, but that would take all day with the slow processor in a calculator.
Back to top
Fr0sty


Member


Joined: 27 Nov 2003
Posts: 202

Posted: 01 Dec 2003 08:27:41 pm    Post subject:

Thanks, when I get my calc back, I'll try this Very Happy
Flash debugger's too slow Neutral
Anyone know of a C++ thing I can download (freeware?) to help me practice/program? I'm trying to practice cause I've been raised on TI-Basic which is kinda embarassing if you want to be a programmer you know?


Last edited by Guest on 01 Dec 2003 08:54:59 pm; edited 1 time in total
Back to top
Basjuh


Advanced Newbie


Joined: 19 Nov 2003
Posts: 56

Posted: 02 Dec 2003 04:38:26 am    Post subject:

Jbirk wrote:
If you wish to actually decrypt a password, you would need to analyse his routine from both a programming and a software standpoint then write a decrypter.

Or, you could brute force it, but that would take all day with the slow processor in a calculator.

a hash cant be decrypted, you can only break it by bruteforce...
Back to top
Arcane Wizard
`semi-hippie`


Super Elite (Last Title)


Joined: 02 Jun 2003
Posts: 8993

Posted: 02 Dec 2003 07:29:16 am    Post subject:

Fr0sty wrote:
Anyone know of a C++ thing I can download (freeware?) to help me practice/program? I'm trying to practice cause I've been raised on TI-Basic which is kinda embarassing if you want to be a programmer you know?

I'd advice to learn some computer programming languages (Maybe QBASIC or PASCAL) first, but here are some C++ tutorials: (I find the top one to be the best, it's also the one I used to learn C++)
http://www.cplusplus.com/doc/tutorial

http://cplus.about.com/library/blcplustut.htm

http://www.cprogramming.com/

I hope I still have a lot more information/tutorials on C++ on some old CD's, so if you want I can upload it all. Don't know if it's worth the trouble, because I'm not sure how much of that info I can find (my rooms a mess Smile) and how much I actually backed up on those CD's.


Last edited by Guest on 02 Dec 2003 07:30:51 am; edited 1 time in total
Back to top
NETWizz
Byte by bit


Bandwidth Hog


Joined: 20 May 2003
Posts: 2369

Posted: 02 Dec 2003 04:24:17 pm    Post subject:

Basjuh wrote:
Jbirk wrote:
If you wish to actually decrypt a password, you would need to analyse his routine from both a programming and a software standpoint then write a decrypter.

Or, you could brute force it, but that would take all day with the slow processor in a calculator.

a hash cant be decrypted, you can only break it by bruteforce...

Although it is extremely complicated, A hash can be decrypted (very difficult).

However, it depends on its bit strength how easily it can be decrypted.

If you look in the first section of your routine, you saved 1 to A making A an unchanging constant.

Yes, I know you change A in the loop.

No, you take I up to the length of the string, so we know that I is 1...2...3.. X times.

You have a limited character set of A-Z, 0-9, theta, :, and ?

In all, you have 39 characters.

Now, you save the value in A to rand to seed the generator. Obviously you are feeding anything in, but the value you are seeding for is limited.

In other words, with all that square root stuff, you make that value smaller.

So, the bigger the number, the more of an effect the square root has on it.

In other words, if you take the square root of 100, you get 10, the sq root of 64, a signifigantly smaller number is 8. The difference between 10 and 8 is only 2.

In other words, if you took the sq root of a number such as 10,000 you would still have only 100, which in the grand scheme of things is small!

I can nearly guarantee that anything you take the sq root of each time in the loop stays very small regardless of what value you input into str1.

You limit your seeding value severely[b]

[b] Random seeds do not even look at the decemal, so putting in 1, 1.2, 1.383748, or any non integer is still recognized as a seed of 1.



Essentially, you are creating too few possible encryption keys (seed values)

Okay, so you build your Hash by randomly or rather psudo randomly with a limited key from str2, where str2 is unchanging.

Unfortunatly, with a limited seed values, no matter what you put in as input will result in less than 100 different possible hashes.

Most unfortunatly is that the TI random number generator has a formula you can attain somewhere.


Anyway you look at it, your hash routine is good, but it could be better. Either way, if someone wants to run a program, they can simply edit it to remove tthe pw stuff.
Back to top
Display posts from previous:   
Register to Join the Conversation
Have your own thoughts to add to this or any other topic? Want to ask a question, offer a suggestion, share your own programs and projects, upload a file to the file archives, get help with calculator and computer programming, or simply chat with like-minded coders and tech and calculator enthusiasts via the site-wide AJAX SAX widget? Registration for a free Cemetech account only takes a minute.

» Go to Registration page
    » Goto page 1, 2  Next
» View previous topic :: View next topic  
Page 1 of 2 » All times are GMT - 5 Hours

 

Advertisement