Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

 All Forums
 General SQL Server Forums
 Script Library
 RC4 Encryption - Decryption

Author  Topic 

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2006-12-12 : 07:35:35
This function is used to initialize the seed for the RC4 algorithm
CREATE FUNCTION dbo.fnInitRc4
(
@Pwd VARCHAR(256)
)
RETURNS @Box TABLE (i TINYINT, v TINYINT)
AS

BEGIN
DECLARE @Key TABLE (i TINYINT, v TINYINT)

DECLARE @Index SMALLINT,
@PwdLen TINYINT

SELECT @Index = 0,
@PwdLen = LEN(@Pwd)

WHILE @Index <= 255
BEGIN
INSERT @Key
(
i,
v
)
VALUES (
@Index,
ASCII(SUBSTRING(@Pwd, @Index % @PwdLen + 1, 1))
)

INSERT @Box
(
i,
v
)
VALUES (
@Index,
@Index
)

SELECT @Index = @Index + 1
END


DECLARE @t TINYINT,
@b SMALLINT

SELECT @Index = 0,
@b = 0

WHILE @Index <= 255
BEGIN
SELECT @b = (@b + b.v + k.v) % 256
FROM @Box AS b
INNER JOIN @Key AS k ON k.i = b.i
WHERE b.i = @Index

SELECT @t = v
FROM @Box
WHERE i = @Index

UPDATE b1
SET b1.v = (SELECT b2.v FROM @Box b2 WHERE b2.i = @b)
FROM @Box b1
WHERE b1.i = @Index

UPDATE @Box
SET v = @t
WHERE i = @b

SELECT @Index = @Index + 1
END

RETURN
END
ANd this function does the encrypt/decrypt part
CREATE FUNCTION dbo.fnEncDecRc4
(
@Pwd VARCHAR(256),
@Text VARCHAR(8000)
)
RETURNS VARCHAR(8000)
AS

BEGIN
DECLARE @Box TABLE (i TINYINT, v TINYINT)

INSERT @Box
(
i,
v
)
SELECT i,
v
FROM dbo.fnInitRc4(@Pwd)

DECLARE @Index SMALLINT,
@i SMALLINT,
@j SMALLINT,
@t TINYINT,
@k SMALLINT,
@CipherBy TINYINT,
@Cipher VARCHAR(8000)

SELECT @Index = 1,
@i = 0,
@j = 0,
@Cipher = ''

WHILE @Index <= DATALENGTH(@Text)
BEGIN
SELECT @i = (@i + 1) % 256

SELECT @j = (@j + b.v) % 256
FROM @Box b
WHERE b.i = @i

SELECT @t = v
FROM @Box
WHERE i = @i

UPDATE b
SET b.v = (SELECT w.v FROM @Box w WHERE w.i = @j)
FROM @Box b
WHERE b.i = @i

UPDATE @Box
SET v = @t
WHERE i = @j

SELECT @k = v
FROM @Box
WHERE i = @i

SELECT @k = (@k + v) % 256
FROM @Box
WHERE i = @j

SELECT @k = v
FROM @Box
WHERE i = @k

SELECT @CipherBy = ASCII(SUBSTRING(@Text, @Index, 1)) ^ @k,
@Cipher = @Cipher + CHAR(@CipherBy)

SELECT @Index = @Index +1
END

RETURN @Cipher
END


Peter Larsson
Helsingborg, Sweden

harsh_athalye
Master Smack Fu Yak Hacker

5581 Posts

Posted - 2006-12-12 : 07:56:42
Wonderful implementation, Peter!

Thanks for sharing.

Harsh Athalye
India.
"The IMPOSSIBLE is often UNTRIED"
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2006-12-12 : 07:59:31
Thanks.

I kept it in two parts, because then the EncDec can be rewritten to encrypt/decrypt a column with same password a lot faster, without having to call Init for each row.

As of now, any row could have different password.


Peter Larsson
Helsingborg, Sweden
Go to Top of Page

harsh_athalye
Master Smack Fu Yak Hacker

5581 Posts

Posted - 2006-12-12 : 08:05:11
Have you timed it, Peter?
I think it will be good candidate for CLR-SP in SQL 2005.

Harsh Athalye
India.
"The IMPOSSIBLE is often UNTRIED"
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2006-12-12 : 08:29:17
Haven't got time.

I am in a debate right now woth senile developer about requirements.
He wrote all requirements down on a paper and I did exactly what it said, but now he is so mad and angry with me I think he will burst any minute. Now he says he never wrote the requirements.


Peter Larsson
Helsingborg, Sweden
Go to Top of Page

Michael Valentine Jones
Yak DBA Kernel (pronounced Colonel)

7020 Posts

Posted - 2006-12-12 : 08:48:27
I see you linked to this thread from Wikipedia
http://en.wikipedia.org/wiki/RC4





CODO ERGO SUM
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2006-12-12 : 09:32:06
Yes, I have learnt how to do it.
Thanks again Michael.


Peter Larsson
Helsingborg, Sweden
Go to Top of Page

afrika
Master Smack Fu Yak Hacker

2706 Posts

Posted - 2006-12-12 : 09:39:03
Must say,

"Peso on fire"

Brilliant work
Go to Top of Page

Michael Valentine Jones
Yak DBA Kernel (pronounced Colonel)

7020 Posts

Posted - 2006-12-12 : 09:43:55
quote:
Originally posted by Peso

Yes, I have learnt how to do it.
Thanks again Michael.


Peter Larsson
Helsingborg, Sweden



Are you going to start doing 50 posts/day in Wikipedia now?




CODO ERGO SUM
Go to Top of Page

madhivanan
Premature Yak Congratulator

22864 Posts

Posted - 2006-12-12 : 11:47:52

<<
Are you going to start doing 50 posts/day in Wikipedia now?
>>

He will score a Century


Madhivanan

Failing to plan is Planning to fail
Go to Top of Page

avmreddy17
Posting Yak Master

180 Posts

Posted - 2007-10-04 : 13:06:44
Peso,

How to you decrypt using this function
fnEncDecRc4

Thanks
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2007-10-04 : 15:33:14
Same function, hence the name fnEncDecRc4.



E 1255'05.25"
N 5604'39.16"
Go to Top of Page

khautinh
Starting Member

10 Posts

Posted - 2007-10-19 : 19:32:18
Peso,
I am new in these type of encrypt and decrypt. How can I use the same function to decrypt the text please? Would you more specific please.

I tried

declare @test varchar(50)
select @test = 'password'
select dbo.fnEncDecRc4(@test, '2345')
print @test = ;

How can I use the same function to decrypt ( ;)?

Thanks again.
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2007-10-20 : 03:23:12
select dbo.fnEncDecRc4(@test, ' ;')



E 1255'05.25"
N 5604'39.16"
Go to Top of Page

tkizer
Almighty SQL Goddess

38200 Posts

Posted - 2007-10-31 : 18:21:00
Peso, according to this thread, your function has an error: http://www.sqlteam.com/forums/topic.asp?TOPIC_ID=78552. Check out Helly's post. Not sure if it's valid or not, just wanted to give you a heads up since he posted it in the other thread rather than this one.

Tara Kizer
Microsoft MVP for Windows Server System - SQL Server
http://weblogs.sqlteam.com/tarad/
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2007-11-01 : 12:33:55
Thanks for the link. However I am not able to reproduce the alleged bug.
SELECT	dbo.fnEncDecRc4('Yek', (SELECT dbo.fnEncDecRc4('Yik', 'This is the secret message.')))	-- Fails
SELECT dbo.fnEncDecRc4('Yek', (SELECT dbo.fnEncDecRc4('Yek', 'This is the secret message.'))) -- Works
SELECT dbo.fnEncDecRc4('Yek', (SELECT dbo.fnEncDecRc4('Yak', 'This is the secret message.'))) -- Fails
See last example. I think that poster used two different passwords, and when decrypthing the encrypted text, he used wrong password and thus produced a string containing an ascii zero character, which seesm to be a string terminator in SQL Server.



E 1255'05.25"
N 5604'39.16"
Go to Top of Page

Ahmad Farid
Starting Member

7 Posts

Posted - 2008-07-22 : 11:11:55
Can anyone please show with a full example how to decrypt some text?
Thank you :)
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2008-07-22 : 12:56:13
The post just before your's show to to both encrypt and decrypt.



E 1255'05.25"
N 5604'39.16"
Go to Top of Page

Ahmad Farid
Starting Member

7 Posts

Posted - 2008-07-27 : 05:36:52
yeah I wasn't able to understand it well. Thank you Peso. But I have another question. Is it possible that I do the encryption through the .NET and the decryption through this SQL function?
Go to Top of Page

SwePeso
Patron Saint of Lost Yaks

30421 Posts

Posted - 2008-07-28 : 03:32:24
Yes, there are a number of .NET RC4 encryption and decryption libraries.



E 1255'05.25"
N 5604'39.16"
Go to Top of Page

Ahmad Farid
Starting Member

7 Posts

Posted - 2008-07-28 : 05:13:28
I only found RC2, DES, TripleDES and some else but never found RC4. Can you please mention its full path of namespaces? Thank you.
Go to Top of Page
    Next Page

- Advertisement -