views:

69

answers:

4

This is not about security. It is also not to make it hard to break. I'm looking for a simple algorithm to change a string (a url) in a way it does not resemble the original. The encryption will be done with javascript. Then I want to feed the encrypted string to a PHP function to change it back to the original. Both ends could share a secret key, or the conversions could be key-less and rely on just logic.

The ideal solution

  1. will be simple
  2. will use available javascript functions for encryption
  3. will use available php functions for decryption
  4. will produce encrypted string in way not to resemble the plain text at all
  5. will only use lower-case alphabet characters and numbers in the encrypted string
  6. is not a method widely used like Base64-ing as encryption.

Edit: The last requirement was added after shamittomar's answer.

A: 

How are you planning to implement (hide) the secret in Javascript? IMHO it's not possible.

Edit: OK - not about security.. then just use any baseXX or rot encoding mechanism. But you can't really say one of these algorythms would not be well known...

Jan.
The objective is not to hide the secret
Majid
@Majid whats the use of the encryption if the key is not secret?
Max
I think he means hash not encrypt.
Chris
Well.. a hash has neither to do with secret and not with encryption at all. The OP clearly states that he want to encrypt something and adds: "Then I want to feed the encrypted string to a PHP function to change it back to the original".
Jan.
@Max - It is to pass through more sophisticated filtering which decodes the proxified url to see what site is being accessed through a proxy.
Majid
+4  A: 

If that's what you want, you can Base64 encode and decode that.

[EDIT]: After OP clarification:

As you do not want widely used methods, here is one rarely used method and that can do it for you by giving output only in LOWERCASE letters and NUMBERS. It is Base32 Encode/Decode. Use the following libraries:

shamittomar
Thank you. I probably should have stated it in my question that widely used conversion methods are not suitable. I will edit my question to clarify this.
Majid
@Majid, answer updated.
shamittomar
Thanks! I will probably chain more than one method to get it unique.
Majid
+1  A: 

If it's not about security, and not about making it hard to break, then how about ROT-13?

//+ Jonas Raoni Soares Silva
//@ http://jsfromhell.com/string/rot13 [rev. #1]

String.prototype.rot13 = function(){
    return this.replace(/[a-zA-Z]/g, function(c){
        return String.fromCharCode((c <= "Z" ? 90 : 122) >= (c = c.charCodeAt(0) + 13) ? c : c - 26);
    });
};

...

var s = "My String";

var enc = s.rot13();  // encrypted value in enc

PHP has a native function, str_rot13: http://php.net/manual/en/function.str-rot13.php

$decrypted = str_rot13($_GET['whatever']);
Fosco
But OP want to use a `URL` as input. And `Rot-13` leaves the *non-alpha characters untouched*. This may output `/` and `:` characters but OP wants output in only *lowercase and numbers*. Also, as non-alpha chars are untouched, it is very very simple to predict that the encoded string is a URL.
shamittomar
+1 Thanks. Will be a good leg in a chain.
Majid
@shamittomar, there was no comment about a URL as input when this answer was made. I answered basically tongue-in-cheek based on the requirements.
Fosco
@Fosco, the revisions of this question show that the initial post contained following: `...to change a string (a url) in a way...`. You may have missed it :) . No problem.
shamittomar
+1  A: 

You can use bitwise XOR in javascript to encode the string and again in PHP to decode it again. I wrote a little Javascript example for you. It works the same in PHP. If you call enc() a second time with the already encoded string, you'll get the original string again.

<html>
<head><title></title></head>
<body>
<script type="text/javascript">
function enc(str) {
    var encoded = "";
    for (i=0; i<str.length;i++) {
        var a = str.charCodeAt(i);
        var b = a ^ 123;    // bitwise XOR with any number, e.g. 123
        encoded = encoded+String.fromCharCode(b);
    }
    return encoded;
}
var str = "hello world";
var encoded = enc(str);
alert(encoded);           // shows encoded string
alert(enc(encoded));      // shows the original string again
</script>
</body>
</html>
Ridcully
+1 Thank you Ridcully, I appreciate the effort and time you put into this.
Majid