整数 ID 混淆技术 [英] Integer ID obfuscation techniques

问题描述

我正在寻找一种简单且可逆的方法来混淆整数 ID.理想情况下，我希望生成的混淆长度最多为 8 个字符且不连续，这意味着1"的混淆看起来应该与2"等的混淆完全不同.

I'm looking for an easy and reversible method of obfuscating integer IDs. Ideally, I'd want the resulting obfuscation to be at most eight characters in length and non-sequential, meaning that the obfuscation of "1" should look nothing like the obfuscation for "2" and so on.

这无论如何都不是安全的，所以这不是一个大问题.此外，我将要混淆的整数并不大 - 在 1 到 10,000 之间 - 但我也不希望发生任何冲突.

This isn't meant to be secure by any means, so this isn't a huge concern. Additionally, the integers I'll be obfuscating aren't large - between one and 10,000 - but I don't want any collisions, either.

有人对符合此标准的东西有什么想法吗?

Does anybody have any ideas for something that would fit this criteria?

推荐答案

我从 Pearson 散列中获得了一个想法，它也适用于任意输入，而不仅仅是 32 位整数.我不知道这是否与 Greg 的回答完全相同，但我无法理解他的意思.但我所知道的是，这里的内存需求是不变的.无论输入有多大，这仍然是一个可靠的混淆/加密技巧.

I derived an idea from Pearson hashing which will work for arbitrary inputs as well, not just 32-bit integers. I don't know if this is the exact same as Greg answer, but I couldn't get at what he meant. But what I do know is that the memory requirements are constant here. No matter how big the input, this is still a reliable obfuscation/encryption trick.

记录一下，这个方法不是hash，也没有冲突.这是混淆字节字符串的完美方法.

For the record, this method is not hashing, and it does not have collisions. It's a perfectly sound method of obfuscating a byte string.

您需要一个秘密密钥 _encryptionTable，它是包含范围 0..255 的随机排列.你用它来打乱字节.为了让它真的很难逆转，它使用异或来混合字节串.

What you need for this to work is a secret key _encryptionTable which is a random permutation of the inclusive range 0..255. You use this to shuffle bytes around. To make it really hard to reverse it uses XOR to mix the byte string a bit.

public byte[] Encrypt(byte[] plaintext)
{
    if (plaintext == null)
    {
        throw new ArgumentNullException("plaintext");
    }
    byte[] ciphertext = new byte[plaintext.Length];
    int c = 0;
    for (int i = 0; i < plaintext.Length; i++)
    {
        c = _encryptionTable[plaintext[i] ^ c];
        ciphertext[i] = (byte)c;
    }
    return ciphertext;
}

然后您可以使用 BitConverter 在值和字节数组之间进行转换，或者将一些转换为 base 64 或 32 以获得文本表示.如果这很重要，Base 32 编码可以是 URL 友好的.解密就像通过计算 _encryptionTable 的逆来反转操作一样简单.

You can then use the BitConverter to go between values and byte arrays or some convert to base 64 or 32 to get a textual representation. Base 32 encoding can be URL friendly if that's important. Decrypting is as simply as reversing the operation by computing the inverse of the _encryptionTable.

    public byte[] Decrypt(byte[] ciphertext)
    {
        if (ciphertext == null)
        {
            throw new ArgumentNullException("ciphertext");
        }
        byte[] plaintext = new byte[ciphertext.Length];
        int c = 0;
        for (int i = 0; i < ciphertext.Length; i++)
        {
            plaintext[i] = (byte)(_decryptionTable[ciphertext[i]] ^ c);
            c = ciphertext[i];
        }
        return plaintext;
    }

如果您正在处理一个 32 位整数并且只关心大于或等于 0 的数字，那么您还可以做其他有趣的事情，这使得猜测混淆的数字变得更加困难.

You can also do other fun things if you're working on a 32-bit integer and only care about the numbers greater than or equal to 0 which makes it harder to guess an obfuscated number.

我还使用一个秘密词来为伪数生成器提供种子，并使用它来设置初始排列.这就是为什么我可以通过知道我用来创造每件事的秘密词来简单地获得价值.

I also use a secret word to seed a pseudo number generator and use that to setup the initial permutation. That's why I can simply get the value by knowing what secret word I used to create every thing.

var mt = new MersenneTwister(secretKey.ToUpperInvariant());
var mr = new byte[256];
for (int i = 0; i < 256; i++)
{
    mr[i] = (byte)i;
}
var encryptionTable = mt.NextPermutation(mr);
var decryptionTable = new byte[256];
for (int i = 0; i < 256; i++)
{
    decryptionTable[encryptionTable[i]] = (byte)i;
}
this._encryptionTable = encryptionTable;
this._decryptionTable = decryptionTable;

这有点安全，这里最大的缺陷是加密，XOR with 0，恰好是XOR的身份，并没有改变值(a ^ 0 == a).因此，第一个加密字节表示该字节的随机位置.要解决此问题，您可以根据密钥为 c 选择一个初始值，该值不是常数，只需向 PRNG(在用种子初始化后)询问随机字节即可.这样一来，只要您无法观察到输入和输出，即使样本很大，也很难破解加密.

This is somewhat secure, the biggest flaw here is that the encryption, XOR with 0, happens to be the identity of XOR and doesn't change the value (a ^ 0 == a). Thus the first encrypted byte represent the random position of that byte. To work around this you can pick a initial value for c, that is not constant, based of the secret key by just asking the PRNG (after init with seed) for a random byte. That way it's immensely more difficult even with a large sample to crack the encryption as long as you can't observe input and output.

这篇关于整数 ID 混淆技术的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！