Recommended Two-Way Encryption Gems for Ruby

Recommended two-way encryption gems for Ruby?

I'd recommend Shuber's Encryptor - it wraps the OpenSSL library so you can use anything it supports.

Encryption-Decryption in Rails

SHA1 is a one way function you can't reverse it.

This may be of interest re password resets:
http://www.binarylogic.com/2008/11/16/tutorial-reset-passwords-with-authlogic/

If you want to do encryption/decryption then you should use something like AES. Once you start using encryption/decryption, however, you'll also have to start worrying about key management too.

Regarding your comment to the OP below - if you are going to to be storing CC info, I would advise you get a security person in who knows about crypto, key management etc and who also understands the relevant legal and regulatory aspects.

Encrypting (not hashing) and storing user passwords on a rails server, using devise cookies

If your server is going to be handling the password in plaintext (to talk to the other server with Basic auth), you're going to gain access to the password. Perhaps you want to avoid storing the password in plaintext?

Send the password in plain text to the server, which then encrypts it, stores the encrypted version and adds a cookie to the client with the key. Then any future requests provide the key to the server.

If you're looking for an encryption library, Recommended two-way encryption gems for Ruby?

Simple Encryption in Ruby without external gems

The solution is kind of from scratch but based on this: https://math.stackexchange.com/questions/9508/looking-for-a-bijective-discrete-function-that-behaves-as-chaotically-as-possib

The simplest way presented is using a * x + b (mod 2^n)

Obviously this is no real encryption and really only useful if you want to create sequential coupon codes without using much code.

So to implement this, you first need to pick a, b and n. (a must be odd) For example a=17, b=37 and n=27. Also we need to find "a^(-1)" on "mod 2^n". It's possible to do this on https://www.wolframalpha.com using the ExtendedGcd function:

So the inverse of a is therefore 15790321. Putting all this together:

A=17
B=37
A_INV=15790321

def encrypt(x)
  (A*x+B)%(2**27)
end

def decrypt(y)
  ((y-B)*A_INV)%(2**27)
end

And now you can do:

irb(main):038:0> encrypt(4)
=> 105
irb(main):039:0> decrypt(105)
=> 4

Obviously we want the coupon codes to look cool. So 2 extra things are needed: start the sequence at 4000 or so, so the codes are longer. Also convert them into something alpha-numeric, that's also an easy one with Ruby:

irb(main):050:0> decrypt("1ghx".to_i(36))
=> 4000
irb(main):051:0> encrypt(4000).to_s(36)
=> "1ghx"

One nice additional property is that consecutive numbers are different enough that guessing is practically impossible. Of course we assume that the users are not crypto analysts and if someone indeed guesses a valid number, it's not the end of the world: :-)

irb(main):053:0> encrypt(4001).to_s(36)
=> "1gie"
irb(main):054:0> decrypt("1gie".to_i(36))
=> 4001

Let's try to naively "hack" it by counting from 1gie to 1gif:

irb(main):059:0* decrypt("1gif".to_i(36))
=> 15794322

That's completely out of range, there are just 2000 or so coupons anyways - not a million. :-) Also if I remember correctly one can experiment a bit with the parameters, so subsequent numbers look more chaotic.

(Pick a larger n for longer codes and vice-versa. Base 36 means 6 bits are needed for each character ("Math.log(36, 2)"). So n=27 allows for up to 5 characters.)

---

Related Topics