Meta Tags

<@CIPHER>

Syntax

<@CIPHER ACTION=actionTYPE=type STR=string[KEY=key] [ENCODING=encoding]>

Description

Performs encryption, decryption, and hashes on strings using various algorithms and keys.

<@CIPHER> provides the Tango user with access to various encryption algorithms. The user may specify different keys, if required.

Three attributes are required: ACTION, TYPE, and STR.

ACTION is the action you want to perform, for example, encrypt or decrypt.
TYPE is the type of action you want to perform, for example, BitRoll.

Note: There is a special case in which TYPE is not required. This occurs when the ACTION is Hash, and this is because Tango supports only one type of Hash.
STR is the string upon which you want to execute the action, for example, a social security number. A zero length STR is processed by the underlying cipher routines.

KEY may be required or prohibited depending on the TYPE of cipher requested. Keys may be case sensitive.

Warning messages are logged if attributes needed are missing:

[Warning] CIPHER: no action specified

[Warning] CIPHER: type not specified or unknown

[Warning] CIPHER: specified key not valid for this cipher

Ciphers Supported

Each type of cipher has at least one operation permitted. Each may accept a key, may provide a default one if none is given, or may reject any key and use a predetermined value, or none, as appropriate.

Cipher names are case insensitive. The following table lists types of ciphers, their actions, their key restrictions, and a short description of each cipher.

Type	Action	Key Restrictions	Short Description
BitRoll	encrypt/decrypt	prohibited	swaps position of first 3 and last 5 bits in a byte
Caesar	encrypt/decrypt	optional, integer (positive and negative) values only, use "3" as default	rotate chars by value positions mod 26
OneTimePad	encrypt/decrypt	required, all alphabetic (no spaces or punctuation)	rotate characters by x positions, x being successive case-insensitive characters of key, a=1, b=2, ...
Rot13	encrypt/decrypt	prohibited	rotate characters by 13 positions
	hash	ignored	MD5¹ one way hash. Produces a 32 character string.

The ACTION has two directions, forward and reverse. This means that you can take a string and encrypt, encipher or hash it in the forward direction, and, for the reverse direction, you can decrypt or decipher.

Hash is a one-way cipher: it works only in the forward position. An example use for this would be a passwords for a UNIX system. One-way hash functions are handled as encipher operations with no corresponding decipher operation. The keyword HASH is accepted as an ACTION for this purpose.

Certain synonyms for the two ciphering operations are supported:

plaintext -> ciphertext	ciphertext -> plaintext
encrypt	decrypt
encipher	decipher

Security Issues

It is up to the user to guarantee the security of their information. BitRoll, Caesar, and Rot13 are not secure at all, and OneTimePad is only as secure as the keys are managed and generated.

Submitting a key through a form may be insecure, especially because the HTTP request could be viewed in transit. The key and algorithm--and anything else as part of the request--can be viewed in transit. Secure channels must be used to hide text in-transit, and very strong ciphers must be used to guarantee security.

<@CIPHER>

Syntax

Description

Ciphers Supported

Type

Action

Key Restrictions

Short Description

plaintext -> ciphertext

ciphertext -> plaintext

Security Issues

See Also