I rolled my own encryption regardless of all the advice not to (they would say that!) because I work on Windows and will not trust any
of Microsoft's black-box encryption tools, and passing keys to Microsoft for AES encryption is a big red flag for me.
What I need is fast encryption for a Tor-style network that will work with data streams for sending large volumes of data,
but the trouble is the data might be sent/received in random sizes and I want to relay the data as soon as it comes in.
incoming upstream node [------300k-----] [-----200k-----][-----67k-----]
receiving local node [------200---][----467k--------------------------]
So I can swap all "A's" to become "Z's" and "Z's" become "A's" based on a secret key used to mix the data up,
but this encryption would be easy to crack, and because of the speed I don't want to keep inserting points into the
byte array being encrypted.
Now I could add an extra shift into the byte codes based on looking for the letters 'HTTP', but the trouble is that the
data could arrive in blocks starting with 'TP' or ending in 'HT', so it would be a bit hit and miss, and I don't even know
the type of data that will be sent because the nodes act as SOCKS4/5 and HTTP proxy servers, which you guys might like
for running nodes on Bitcoin.
So far my code is sweet, but generating the CypherCode is slow so it's cached and is returned from MakeCypherCodes as a 512-byte array,
and the speed is second to none.
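    // Decrypts in place: the caller's array is modified and returned.
    public static byte[] DecryptFast(byte[] Text, string Key)
    {
        byte[] CypherCode = MakeCypherCodes(Key);
        for (int f = 0; f < Text.Length; f++)
        {
            // Entries 256..511 of the table hold the inverse mapping.
            Text[f] = CypherCode[Text[f] + 256];
        }
        return Text;
    }

    // Encrypts in place: the caller's array is modified and returned.
    public static byte[] EncryptFast(byte[] Text, string Key)
    {
        byte[] CypherCode = MakeCypherCodes(Key);
        for (int f = 0; f < Text.Length; f++)
        {
            // Entries 0..255 of the table hold the forward mapping.
            Text[f] = CypherCode[Text[f]];
        }
        return Text;
    }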
HTTPS traffic is already semi-safe on this network because the CONNECT request that includes the domain name is encrypted before being sent, but
the certificate response could still be sniffed. After that I plan on just sending the data "as is" since it's already encrypted.
To be honest I don't think there is a real good solution to this problem but I thought I would try anyway.
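
Added example (not the poster's code): the chunk-boundary problem described above goes away when the cipher carries its keystream position across calls, as a block cipher in counter mode does, instead of depending on where a block starts or ends. This swaps in AES-CTR built on .NET's `Aes` class in place of the substitution table; `ChunkedCtr`, the key and nonce sizes, and the chunk sizes are assumptions constructed for the illustration, with key and nonce assumed to be shared out of band.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;

// Hypothetical helper: AES-CTR whose keystream position survives across calls.
sealed class ChunkedCtr : IDisposable
{
    readonly Aes _aes = Aes.Create();
    readonly ICryptoTransform _ecb;
    readonly byte[] _counter = new byte[16]; // 8-byte nonce || 8-byte block counter
    readonly byte[] _pad = new byte[16];     // current keystream block
    int _used = 16;                          // 16 means the pad is used up

    public ChunkedCtr(byte[] key, byte[] nonce8)
    {
        _aes.Mode = CipherMode.ECB;          // raw block function; CTR is built on top
        _aes.Padding = PaddingMode.None;
        _aes.Key = key;
        _ecb = _aes.CreateEncryptor();
        Buffer.BlockCopy(nonce8, 0, _counter, 0, 8);
    }
    // XOR with the keystream in place; the same call encrypts and decrypts.
    public void Process(byte[] data, int offset, int count)
    {
        for (int i = offset; i < offset + count; i++)
        {
            if (_used == 16)
            {
                _ecb.TransformBlock(_counter, 0, 16, _pad, 0);
                for (int j = 15; j >= 8 && ++_counter[j] == 0; j--) { } // big-endian +1
                _used = 0;
            }
            data[i] ^= _pad[_used++];
        }
    }
    public void Dispose() { _ecb.Dispose(); _aes.Dispose(); }
}

static class Demo
{
    static void Main()
    {
        byte[] key = new byte[32], nonce = new byte[8];
        RandomNumberGenerator.Fill(key); RandomNumberGenerator.Fill(nonce);
        byte[] plain = new byte[567 * 1024]; new Random(1).NextBytes(plain); // constructed data
        byte[] wire = (byte[])plain.Clone();
        using var enc = new ChunkedCtr(key, nonce); using var dec = new ChunkedCtr(key, nonce);
        // Sender and receiver see different, unaligned chunk sizes (constructed).
        int p = 0; foreach (int n in new[] { 307201, 204799, 68608 }) { enc.Process(wire, p, n); p += n; }
        p = 0; foreach (int n in new[] { 200003, 380605 }) { dec.Process(wire, p, n); p += n; }
        Console.WriteLine(wire.SequenceEqual(plain)); // round trip despite mismatched chunking
    }
}
```

Counter mode gives confidentiality only: a nonce must never repeat under the same key, and detecting tampering needs a MAC or an AEAD mode on top.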