Image Encrypter/Decrypter

JavaFreak · January 23, 2009, 1:16am

Hope Im right here.
i try to encrypt/decrypt images but something is going wrong.
Example:
my Input.png Image has a size of 8,1 KB and the encrypted Output.png has only a size of 7,4 KB.

if you decrypt the Output.png in another “working” image, the size is always 7,4 KB.
With small Images the difference of qualitylost isnt big, but with bigger Files, u can see the difference .
hope someone could help me.

here the code for encrypting:


byte[] salt = { (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
                (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99 };
        {
         SecretKeyFactory keyFac = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
         PBEKeySpec pbeKeySpec = new PBEKeySpec("THISSHOULDNOBODYREAD".toCharArray());
         PBEParameterSpec pbeParamSpec = new PBEParameterSpec(salt, 20);
         SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);
         Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES");
         pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec);
         
         File inputFile = new File("input.png");
         BufferedImage input = ImageIO.read(inputFile);
         FileOutputStream output = new FileOutputStream("inputENC.png");
         CipherOutputStream cos = new CipherOutputStream(output, pbeCipher);
         ImageIO.write(input,"png",cos);
         cos.close(); 
         }

Riven · January 23, 2009, 5:51pm

That’s weird, as PNG is a lossless format.

If the filesize is smaller, you’d either expect a better compressed (equal) image, or a corrupt file, not an image with reduced quality.

(On a sidenote: this is a board on the forum where you post code for others to use, not to post code that you have problems with.)

JavaFreak · January 24, 2009, 2:12am

Now here is a working code:

encrypt:


import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class Encrypting {
        Cipher ecipher;
        Encrypting(Key key) {
            byte[] iv = new byte[]{
                (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
                (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99
            };
            AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv);
            try {
                ecipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
                ecipher.init(Cipher.ENCRYPT_MODE, key, paramSpec);
            } 
            catch (java.security.InvalidAlgorithmParameterException e) {} 
            catch (javax.crypto.NoSuchPaddingException e) {} 
            catch (java.security.NoSuchAlgorithmException e) {} 
            catch (java.security.InvalidKeyException e) {}
        }
        byte[] buf = new byte[1024];
        public void encrypt(InputStream in, OutputStream out) {
            try {
                out = new CipherOutputStream(out, ecipher);
                int numRead = 0;
                while ((numRead = in.read(buf)) >= 0) {
                    out.write(buf, 0, numRead);
                }
                out.close();
            } 
            catch (java.io.IOException e) {}
        }
        public static void main(String args[]){
            try {
                Key k = new SecretKeySpec( "01234567".getBytes(), "DES" );
                Encrypting encrypter = new Encrypting(k);
                encrypter.encrypt(new FileInputStream("input.jpg"),
                new FileOutputStream("output.jpg"));
            } catch (Exception e) {}
        }
}

and decrypting:


import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class Decrypting {
Cipher dcipher;
        Decrypting(Key key){ 
                byte[] iv = new byte[]{
                (byte) 0xc7, (byte) 0x73, (byte) 0x21, (byte) 0x8c,
                (byte) 0x7e, (byte) 0xc8, (byte) 0xee, (byte) 0x99
            };
            AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv);
            try {
                dcipher = Cipher.getInstance("DES/CBC/PKCS5Padding");
                dcipher.init(Cipher.DECRYPT_MODE, key, paramSpec);
            } 
            catch (java.security.InvalidAlgorithmParameterException e) {} 
            catch (javax.crypto.NoSuchPaddingException e) {} 
            catch (java.security.NoSuchAlgorithmException e) {} 
            catch (java.security.InvalidKeyException e) {}
        }
        byte[] buf = new byte[1024];
        public void decrypt(InputStream in, OutputStream out) {
            try {
                // Bytes read from in will be decrypted
                in = new CipherInputStream(in, dcipher);
    
                // Read in the decrypted bytes and write the cleartext to out
                int numRead = 0;
                while ((numRead = in.read(buf)) >= 0) {
                    out.write(buf, 0, numRead);
                }
                out.close();
            } catch (java.io.IOException e) {
            }
        }
        public static void main(String args[]){
            try {
                Key k = new SecretKeySpec( "01234567".getBytes(), "DES" );
                Decrypting decrypter = new Decrypting(k);
                decrypter.decrypt(new FileInputStream("output.jpg"),
                new FileOutputStream("outputDEC.jpg"));
            } catch (Exception e) {}
        }
}

Now my input Pic has
8460668 Bytes,…
my encrypted Pic has
8460672 Bytes…
and the decrypted Pic has
8460668 Bytes

What do you think?
Is this encryption efficient enough to hold gamers modify games?

Sorry for my wrong Post!
could any mod please move this topic to Newless Clubies?

h3ckboy · January 25, 2009, 1:34pm

wait are you tryign to compress or encode??

causee if oyu are trying to compress you failed. cause you compression made it bigger than before.

Jono · January 26, 2009, 1:33am

They’re encrypting the images. The idea is that if someone intercepts an image as it is sent from server to client (or vice-versa maybe), then they won’t know what it is a picture of. Only the client and the server, who share a secret key, will be able to display the original image.

I guess in some competitive online games this might be necessary to stop other players snooping on what information you are getting or sending. A public/private key scheme (where one public key is given to everyone to do encrypting with, and the secret key is only used in decrypting) might be a bit easier to manage though.

Matzon · January 26, 2009, 7:58am

whats to prevent you from injecting a class to the classpath the decrypts it beforehand (using the decompiled - or runtime keys)?
tbh, its a waste of time.

Jono · January 26, 2009, 8:28am

Encryption like this is just to prevent man-in-the-middle attacks. In the case of the code above the program displaying/receiving the image and the program sending the image would both have to be trusted, so the classpath thing shouldn’t be a problem.

It’s tough to think of a reasonable use case for this in gaming, but there might be one out there.