CODEWITHSUNDEEP
c#.netstringobfuscation
Paul Lassiter
Paul Lassiter

Reputation: 2771

Simple obfuscation of string in .NET?

I need to send a string of about 30 chars over the internet which will probably end up as an ID in a another company's database.

While the string itself will not be identifying, I would still like it not to be recognisable in any way.

What is the easiest way to obfuscate such a string in .NET, so that it can be easily reversed when necessary?

Upvotes: 20

Views: 30975

Answers (4)

Jodrell
Jodrell

Reputation: 35696

THIS IS NOT CRYPTOGRAPHY

Do not use this answer for any information that must be kept secret.

It will make a string hard for a human to read.

It will round-trip but not may not if your string is not "vanilla" and you use a large value for shift.

This code will not protect the data from a concerted effort to "crack" it. An intelligent and skilled human can decode this with pen and paper.

Original answer follows below.

How about something classical (with a modern twist).

public static string Caesar(this string source, Int16 shift)
{
    var maxChar = Convert.ToInt32(char.MaxValue);
    var minChar = Convert.ToInt32(char.MinValue);

    var buffer = source.ToCharArray();

    for (var i = 0; i < buffer.Length; i++)
    {
        var shifted = Convert.ToInt32(buffer[i]) + shift;

        if (shifted > maxChar)
        {
            shifted -= maxChar;
        }
        else if (shifted < minChar)
        {
            shifted += maxChar;
        }

        buffer[i] = Convert.ToChar(shifted);
    }

    return new string(buffer);
}

Which obviously you would use like this

var plain = "Wibble";
var caesered = plain.Caesar(42);
var newPlain = caesered.Caesar(-42);

Its quick, your key is just an Int16 and it will prevent the casual observer from copy pasting the value but, its not secure.

Upvotes: 31

RenniePet
RenniePet

Reputation: 11658

I was inspired by the answer by @Jodrell, and here's my alternative version. The only real difference is that I use the modulo operator instead of the if-then-else construction.

And if you, like me, had never heard of the Caesar Cipher before, here's a link:

https://en.wikipedia.org/wiki/Caesar_cipher

   public static partial class MString
   {
      ...

      /// <summary>
      /// Method to perform a very simple (and classical) encryption for a string. This is NOT at 
      /// all secure, it is only intended to make the string value non-obvious at a first glance.
      ///
      /// The shiftOrUnshift argument is an arbitrary "key value", and must be a non-zero integer 
      /// between -65535 and 65535 (inclusive). To decrypt the encrypted string you use the negative 
      /// value. For example, if you encrypt with -42, then you decrypt with +42, or vice-versa.
      ///
      /// This is inspired by, and largely based on, this:
      /// https://stackoverflow.com/a/13026595/253938
      /// </summary>
      /// <param name="inputString">string to be encrypted or decrypted, must not be null</param>
      /// <param name="shiftOrUnshift">see above</param>
      /// <returns>encrypted or decrypted string</returns>
      public static string CaesarCipher(string inputString, int shiftOrUnshift)
      {
         // Check C# is still C#
         Debug.Assert(char.MinValue == 0 && char.MaxValue == UInt16.MaxValue);

         const int C64K = UInt16.MaxValue + 1;

         // Check the arguments
         if (inputString == null)
            throw new ArgumentException("Must not be null.", "inputString");
         if (shiftOrUnshift == 0)
            throw new ArgumentException("Must not be zero.", "shiftOrUnshift");
         if (shiftOrUnshift <= -C64K || shiftOrUnshift >= C64K)
            throw new ArgumentException("Out of range.", "shiftOrUnshift");

         // Perform the Caesar cipher shifting, using modulo operator to provide wrap-around
         char[] charArray = new char[inputString.Length];
         for (int i = 0; i < inputString.Length; i++)
         {
            charArray[i] = 
                  Convert.ToChar((Convert.ToInt32(inputString[i]) + shiftOrUnshift + C64K) % C64K);
         }

         // Return the result as a new string
         return new string(charArray);
      }

      ...
   }

And a bit of test code:

     // Test CaesarCipher() method
     const string CHelloWorld = "Hello world!";
     const int CCaesarCipherKey = 42;
     string caesarCiphered = MString.CaesarCipher(CHelloWorld, CCaesarCipherKey);
     if (MString.CaesarCipher(caesarCiphered, -CCaesarCipherKey) != CHelloWorld)
        throw new Exception("Oh no!");

Upvotes: 3

middelpat
middelpat

Reputation: 2585

Try encrypting it with for example AES, if you know the encrypt key on the other machine you can easily decrypt it there

http://msdn.microsoft.com/en-us/library/system.security.cryptography.aes(v=vs.100).aspx

There are many code samples around. For example i found this post by a quick search, even though it's only 128 bit i think it should do the trick

Using AES encryption in C#

Upvotes: 6

to StackOverflow
to StackOverflow

Reputation: 124686

How about:

    Convert.ToBase64String(Encoding.UTF8.GetBytes(myString));

and its converse:

    Encoding.UTF8.GetString(Convert.FromBase64String(myObfuscatedString));

as long as you don't mind an increase in the length of your string

Upvotes: 11

Related Questions