Update! - A potential security issue has been detected using this system. For a fix, read A Follow-up to Encryption with ASP.
First a tiny background about encryption. Certain kinds of heavy encryption are illegal to export out of the US. They are actually classified as "munitions", i.e. weapons. This article will teach you how to create simple string encryption from an ASP page, but not the kind you could get in trouble with. Don't be fooled though- the string encryption I am going to show you is heavy duty enough to take some time to crack. It's based on one of the simplest cipher methods known as the Vernum Cipher. If you haven't heard of this before, read my footnote at the bottom of this page.
Basically our code below invloves one text stream and one randomly generated key. The two combined together create the cyphertext.
(plaintext) combined with (encryption key) = encrypted cyphertext
The first item of business is to generate a key. We'll generate one that is 512 bytes in length, which should be plenty for encryption of a text string. Here is the key generation code:
Run the above KeyGeN.asp page under IIS. You only need to do this once. It will write a key file out to
c:\key.txt (you will probably want to write this to a safe place, not the root of your c drive). Next open the
key.txt key file you have just created. Pretty isn't it? It should contain 512 characters between the ASCII Decimal value of 35 and 96. This is a randomly created string, so each person's
key.txt will be different. Here is my
Now take a closer look at the
KeyGeN Function, the lowerbound and upperbound values are the 'range' of ASCII characters you'd like to use in the generation of the key.
Next order of business will be encrypting and decrypting a string. We'll examine this in Part 2!