-1

im trying to implement an encryption system to my game to protect players passwords and other game data.

i've come up with a little test to get used to the logic of it all.

i just want to know the best way to go about this im pretty decent with reading java and searching for logic that i need (and finding a way to write it). so with that being said im not exactly looking for some snippet that will perfectly fit my game. im just looking for WAY better logic then what i have.

this only works for 4 characters sadly.

heres what i know so far

import java.util.Random;

public class EncodingThenDecoding {
private String stringToHash;
private boolean running = false;
private String originalString;
private String encodedString;
private boolean decoding = false;
public EncodingThenDecoding() {
    init();
}

public void initInit() {
    running = true;
    encodeString("abcd");
    System.out.println("Original String: " + originalString);
    delay();
    decodeStrings();

}

private void encodeString(String sth) {
    String[] subStrings = new String[25];
    originalString = sth;
    for(int subStr = 0;subStr < sth.length();subStr++ ) {
        subStrings[subStr] = sth.substring(subStr);
    }
    for(int i = 0;i < sth.length();i++) {
        Random ran = new Random();
        StringBuilder encoder = new StringBuilder();
        encoder.append( (char)('a' + ran.nextInt('z'-'a')));
        subStrings[i] = encoder.toString();
        //System.out.println(subStrings[i]);
    }

    sth = subStrings[0] + subStrings[1] + subStrings[2] + subStrings[3];
    encodedString = sth;
    System.out.println(sth);
    delay();
}

private void decodeString() {
    int tries = 0;
    int ii = 0;
    running = true;
    long sd = System.nanoTime();
    long minutes = 0;
    while(running) {
        tries++;
        String strToDecode = encodedString;
        String[] usedDecodedStrings = new String[1000000];
        String[] decodedSubStrings = new String[25];
        String decodedString = null;

        //store hashed string's chars into an array.
        for(int i = 0; i < strToDecode.length();i++) {
            decodedSubStrings[i] = strToDecode.substring(i);
        }
        //stores a random letter between z-a and replaces the array items         above.
        for(int i = 0;i < decodedSubStrings.length;i++) {
            Random ran = new Random();
            StringBuilder encoder = new StringBuilder();
            encoder.append( (char)('a' + ran.nextInt('z'-'a')));
            decodedSubStrings[i] = encoder.toString();

        }
        //stores the string containing all the new characters assigned above, 
        decodedString = decodedSubStrings[0] + decodedSubStrings[1] + decodedSubStrings[2]  + decodedSubStrings[3];


        long nanoseconds = System.nanoTime() - sd;
        long miliseconds = nanoseconds/1000000;
        long seconds = miliseconds/1000;

            System.out.println("its been " + seconds + " seconds");
        if(decodedString.equalsIgnoreCase(originalString)) {
            System.out.println("Decoding username was succesful!");
            System.out.println("it took " + seconds/60 + " minutes and " + tries + " tries to Decode " + strToDecode + " back into "  + originalString);
            return;
        }
        else if(!decodedString.equalsIgnoreCase(originalString)) {
            System.out.println("Attempt #" + tries + ": " + decodedString);
        }

    }


}

public void delay() {
    try {
        Thread.sleep(3000);
    }
    catch(InterruptedException e) {

    }
}

public static void main(String[] args) {
      EncodingThenDecoding encryptThenDecrypt = new   EncodingThenDecoding();
}

}

Heres an example of the output

its been 1386 seconds

Attempt #339016: bsev

its been 1386 seconds

Attempt #339017: qycu

its been 1386 seconds

Decoding username was successful!

it took 23 minutes and 339018 tries to Decode vlbc back into abcd

Improve this question
3
  • Questions asking for "the best way" are obviously opinionated. Usually there is no best way. Even if you change your question to asking for several good ways might be too broad. Commented Oct 7, 2017 at 7:09
  • 2
    A typical way for password protection is: Do not store the password, but create a hash value (SHA-1 for example) of the user's password and store only that. If the user log in again, simply compare the hash codes. Commented Oct 7, 2017 at 7:11
  • Protecting passwords has been discussed here many times, as well as on the Security Stack Exchange. Read those before posting. Learn about salt, hash, bcrypt and such. Commented Oct 7, 2017 at 7:19

1 Answer 1

Reset to default
1

Answer: Never implement encryption yourself.

There already are a number of standard encryption algorithms available in the Java language. Some of the popular algorithms are RSA (assymetric) and AES (symmetric).

Check out the Java Cryptography Architecture.

If you want to store the password, you should store them using some hashing algorithms such as SHA-256 or even better SHA-512. Also adding some secure Salt before hashing will make it more difficult to the attackers.

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

thanks nabin bhandari, i will look into RSA since i've heard of it being used for my type of game.
You're welcome. Good luck!
Upvoted, but I have concern about recommending outdated hash functions like MD5 or SHA1. See stackoverflow.com/questions/1841595/secure-password-hashing . Could you update your answer to reflect this?
@rkosegi thanks for your suggestion. Answer edited.
ahhh ok, i see ima look into SHA-256 hasing, and this is OFF-TOPIC but does bitcoin use SHA-512, or does it implement SHA-256 twice (or is that the same thing?) just curious.
|

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.