Automatic Doc/View File Encryption/Decryption

Environment: VC6 SP5, W2K SP3

Introduction

I've been using this site for some time now to help me with my projects. I just want to say thank you to the sponsors! This site is a great resource!

I'm presently working on a project that needs to save files from a document/view application in an encrypted format. I didn't have any tricks in my bag, so I looked around here for some examples, but was unable to find any. (Looks like it's my turn to contribute.) So I banged out some code, and here is what I came up with.

The project requirements were fairly simple. Here's what I needed the program to do:

  1. Always encrypt the file during write cycles.
  2. Ability to read in previous unencrypted file versions or encrypted versions automatically without user intervention or conversion programs (backward compatibility).
  3. Relatively quick read and write times. For this I choose the BlowFish algorithm.

Design/Implementation Goals

  1. Provide a mechanism that could be used to trigger different behaviors during the read cycle of the file, such as:
    • Use/Change encryption codecs
    • Use/Change compression/decompression engines
  2. I didn't want to have to change one or more object serialization methods (which meant to accomplish requirement #2, I'd have to use schema numbers, and that can get way too messy/confusing), so as a result, it must work in a generic fashion for the document file that could accomplish requirement #2 easily.

The implementation is a CDocument derivative called CDocumentBlowFish; it uses a CFile derivative called CFileBlowFish.

I only partially implemented Design goal #1, in that during the read cycle of a file, it automatically determines whether the file was previously encrypted. So the goal of "Use/Change encryptions codecs" was met. However, I have not yet taken the time to accomplish the goal of "Use/Change compression/decompression engines."

Warning: This code should be considered 0.1 Alpha. I've done some very light testing, but that is all. That being said, I believe the code to be in working order. YMMV!

How to Use the Program

  1. Drop the following files into your project directory, and then add them to the IDE project:
    • blowfish.cpp
    • blowfish.h
    • blowfish.h2
    • DocumentBlowFish.cpp
    • DocumentBlowFish.h
    • FileBlowFish.cpp
    • FileBlowFish.h
  2. Replace all occurences of the CDocument base class in your doc/view document class .h and .cpp files with CDocumentBlowFish.
  3. Add an #include "DocumentBlowFish.h" to your doc/view document class .h file.
  4. Change the encryption seed in CFileBlowFish::MemberInit() to be unique to your project.
  5. Compile and test. (Make sure that you keep backup copies of your original document files!)

Comments, suggestions, bug fixes, flames (for coding style), and so forth should be posted here. Please do not send me e-mail asking questions or for help; I get way too much spam as it is...

Cheers.
Neal Horman

Downloads

Download demo exe - 17 Kb
Download demo project - 52 Kb
Download source - 18 Kb


Comments

  • Ummmm.....not very secure!

    Posted by Legacy on 10/02/2002 12:00am

    Originally posted by: Ben Curley


    Hi,

    Just thought I would point out some of the problems with your code and make some suggestions for some changes you could make.

    1. I notice that you are using blowfish in ECB (Electronic Code Book) Mode. Are you aware that this is the most insecure method of any block cipher and is no more secure than XOR Encryption really. I would suggest using blowfish in a chaining mode, for example CBC (Cipher Block Chaining) this uses the previous block as input into the cipher.

    2. Hard coding the key into the executable is a really silly idea. I would suggest a password based system. The password can ben hashed using SHA-1 to provide the key for the encryption/decryption.

    Hope this helps.

    Ben

    Reply
  • Text Length MOD 8!

    Posted by Legacy on 09/30/2002 12:00am

    Originally posted by: Dave

    Hey,

    Nice article . . .

    But, if you want this to work,
    you've got to make sure your
    text length is 'Mod 8'.

    In other words, if the length
    of text in your document is 15
    it won't work. If you pad the
    same text to 16, it will.

    Reply
  • I can not make it in my computer.

    Posted by Legacy on 09/28/2002 12:00am

    Originally posted by: Leon Storm

    As title.

    My working environment is WIN98,VC6 SP?,

    Reply
Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • Adaptation and evolution are fundamental requirements of survival -- not only in nature, but also in business. Our world has changed dramatically in a short amount of time. Many businesses are fueling and capitalizing on this change, while others are desperately clinging to a bygone era. Who is left standing in the years and decades ahead should come as no surprise. This edition of Unleashing IT highlights the companies that are embracing new circumstances, new methods, and new opportunities. By downloading …

  • A majority of organizations are operating under the assumption that their network has already been compromised, or will be, according to a survey conducted by the SANS Institute. With many high profile breaches in 2013 occurring on endpoints, interest in improving endpoint security is top-of-mind for many information security professionals. The full results of the inaugural SANS Endpoint Security Survey are summarized in this white paper to help information security professionals track trends in endpoint …

Most Popular Programming Stories

More for Developers

Latest Developer Headlines

RSS Feeds