Simple encryption implementation in C

Question

I've used a nice public domain C++ DES implementation before, but now I need some simple, basic, fast cryptography for an embedded system.

It doesn't need to be unbreakable, but it does need to thwart the casual hacker (ie, nothing that could be used for money or identity theft, but other personal info transferred on memory cards that could get lost or fall into the wrong hands).

Due to limited memory on this processor, I'd prefer something that can encode in discrete chunks (512 bytes or less).

The project is not open source, and won't be using libraries, which I know restricts options further - public domain being best, but BSD/apache/etc probably acceptable...

I'm hesitant to roll my own (as everyone should be).

Answer 1

If you're just looking for obfuscation, XOR with a secret constant is as small an implementation as you will find. It would also be also trivial to break, since its vulnerable to frequency analysis to look for the most common english letters.

If you need a stronger algorithm, I'd recommend looking at blowfish which tends to be small and fast. It does still require memory for tables, but hopefully it will work for your application.

Bruce Schneier explicitly placed the Blowfish algorithm into the public domain, disavowing patents. You can get his implementation in C (and other implementations as well) from his site. This source does not carry a copyright notice. I suspect that the source code too is in the public domain, but a bit more checking may be necessary.

Answer 2

The same person that released the C++ DES implementation also released a C Rijndael Encryption Algorithm - I should have poked around his website a bite more, The Tiny Encryption Algorithm (academic paper here) also has a very small C implementation footprint.

Blowfish looks good, and is likely the best of these three as far as security.

I'll start off with the TEA (small code and memory footprint) but wrap it so I can move to another algorithm later if needed. It has notable weaknesses in its earlier implementations, but for this project might even be overkill.

Answer 3

RC4 is simple and fast.

Answer 4

You could use a Pseudorandom number generator (PRNG) to generate a repeatable sequence of words, which you then XOR with the corresponding word in your data stream. (The transmitter and receiver need to know in advance the parameters used to generate the pseudorandom sequence.)

This approach isn't unbreakable, but it's a step up from using a constant for the XOR-ing - and PRNGs are very simple to implement, typically consisting of one multiplication and modulo operation for each word.