I need some pointers or a practical example on how to encrypt an int to another int, and a secret key would be required to decrypt the value.
Something like:
encrypt(1, "secret key") == 67123571122
decrypt(67123571122, "secret key") == 1
This guy asks pretty much the same question: Symmetric Bijective Algorithm for Integers
however me being a total encryption “n00b” I would like some more practical examples, in python if possible.
I understand I need to use some kind of block cipher, but I’m pretty lost on the part about keeping the encrypted result still be numeric and somewhat short (maybe a long instead of an int)
Any pointers? Thanks
UPDATE-
Why do I want to do this?
I have a web service where each “object” gets a URL, e.g.:
example.com/thing/123456/
Right now, those IDs are sequential. I want to hide the fact that they’re sequential (database IDs).
The stuff on those pages is not “top secret” or anything like that, but it shouldn’t be as easy for someone to snoop in some other random’ object as just incrementing that ID in the URL.
So with some kind of two-way numeric encryption, the URL IDs will not be sequential at all, and it would take someone quite a bit of time to find more of these objects. (Additionally, requests are throttled)
And the only reason I want to keep this numeric instead of an arbitrary string is so that the change is a total drop-in replacement, and things will just work without any other code changes.
Also, I can’t just generate new random database IDs. I have to handle this encrypt/decrypt in the application.
It depends how cryptographically secure you want to be. For not-very-secure (in the crypto sense – probably fine for everyday use if you don’t really expect serious attack) then XOR with a fixed secret key will work. Just be aware that it will be vulnerable to some fairly basic cryptanalysis.
If you want real encryption, you’ll probably have to use a stream cipher like RC4. You can grab 32 bits of keystream and XOR it with your value to encrypt it. As long as you get a new 32 bits of keystream for each value you’ll be fine.
RC4 has some caveats, however, so read up on it first.
Block ciphers will not be your friend in this case as they all have block sizes of 64 bits or more. This means you need to pad your 32 bit integer to 64 bits and you’ll get 64 bits back out…but you can’t choose which 32 to keep. You won’t be able to decrypt it with only half the bits. If you’re happy to move to longs then you can use 3DES or Blowfish.
It all depends on exactly what you are encrypting and why, so it’s hard to give a definitive answer. I hope this gives an idea of where to start, at least.