Newsletters   Subscriptions  Forums  Store   Career  Media Kit  About Us  Contact  Search   Home 
fhg
Volume 5, Number 17 -- April 27, 2005

A Simple Encryption/Decryption Algorithm for Numbers


Hey, Ted:


One of the most important tasks of any IT department is to make sure that information stored in database files is not accessible to unauthorized users. RPG program CCED01 provides a simple way to encrypt and decrypt numbers up to 16 digits long.

The algorithm is based on a16-element array of numeric digits, which I implement as a compile-time array in CCED01. Each element must contain the ten numeric characters from 0 to 9. Each digit must appear only once in each element of the array. The digits can appear in any order you like. Here's an example:

0123456789
1234567890
2345678901
3456789012
4567890123
5678901234
6789012345
7890123456
8901234567
9012345678
0123456789
1234567890
2345678901
3456789012
4567890123
5678901234

Program CCED01 has only one parameter: a 17-byte character value. The first 16 bytes contain a left-justified number. The last byte must contain E to encrypt or D to decrypt.

Let's consider an example. Suppose a social security number 328827109 has to be stored in a database file. This number is passed to the program with the right justified letter 'E' for encryption:

CALL PGM (CCED01) PARM ('328827109       E')

Encryption is a two-step process. In the first step, the program replaces each digit of the number by its position within its array element, as illustrated here.



Input number

Array element

Output number

3

0 1 2 3 4 5 6 7 8 9

4

2

1 2 3 4 5 6 7 8 9 0

2

8

2 3 4 5 6 7 8 9 0 1

7

8

3 4 5 6 7 8 9 0 1 2

6

2

4 5 6 7 8 9 0 1 2 3

9

7

5 6 7 8 9 0 1 2 3 4

3

1

6 7 8 9 0 1 2 3 4 5

6

0

7 8 9 0 1 2 3 4 5 6

4

9

8 9 0 1 2 3 4 5 6 7

2

 

9 0 1 2 3 4 5 6 7 8

 

 

0 1 2 3 4 5 6 7 8 9

 

 

1 2 3 4 5 6 7 8 9 0

 

 

2 3 4 5 6 7 8 9 0 1

 

 

3 4 5 6 7 8 9 0 1 2

 

 

4 5 6 7 8 9 0 1 2 3

 

 

5 6 7 8 9 0 1 2 3 4

 



The second step is to translate the resulting digit character to "garbage" characters. In my implementation, I translate the digits 0 through 9 to the values !@#$% &*(), which are the characters produced by holding down the shift key and pressing the number keys across the top of the keyboard.

Original Social Security Number:                       3 2 8 8 2 7 1 0 9

Numerically Encrypted Number:                        4 2 7 6 9 3 6 4 2

"Garbage" Characters Encrypted Number:      % # * & ) $ & % #

The returned value %#*&)$&%# will be stored in the database file.

To decrypt the value, in order to display it on a screen for instance, I call the same program, passing the encrypted value as the left-justified portion of the parameter and the right-justified letter 'D' for decryption:

CALL PGM (CCED01) PARM (' %#*&)$&%#       D')

The returned value 328827109 will be displayed on the screen.

Two organizations can use the same algorithm by using program CCED01with different compile time arrays, having different combinations of digits from 0 to 9 within the corresponding rows of the table. This difference in translation tables makes the encryption/decryption algorithm unique for each organization.

--Victor Pisman


Thanks to Victor for this interesting little algorithm. Let me add a few comments.

First, this is not industrial-strength encryption. One problem with this algorithm is that there is no way to change the encryption/decryption key without decrypting all encrypted data with the old array and re-encrypting it with a new compile-time array. However, it should be adequate for curious eyes around the office, especially those with access to query and reporting tools.

Second, Victor has allowed for 16 digits. This program could easily be modified to handle larger numbers.

Last, Victor's use of one parameter works fine, but anyone who decides to implement this program might find it advantageous to use two or three parameters instead. I would prefer that the D or E option have its own parameter. It might also be good to have separate parameters for the encrypted and decrypted values.

--Ted

Sponsored By
WORKSRIGHT SOFTWARE

Do you need area code information?
Do you need ZIP Code information?
Do you need ZIP+4 information?
Do you need city name information?
Do you need county information?
Do you need a nearest dealer locator system?

We can HELP! We have affordable AS/400 software and data to do all of the above. Whether you need a simple city name retrieval system or a sophisticated CASS postal coding system, we have it for you!

The ZIP/CITY system is based on 5-digit ZIP Codes. You can retrieve city names, state names, county names, area codes, time zones, latitude, longitude, and more just by knowing the ZIP Code. We supply information on all the latest area code changes. A nearest dealer locator function is also included. ZIP/CITY includes software, data, monthly updates, and unlimited support. The cost is $495 per year.

PER/ZIP4 is a sophisticated CASS certified postal coding system for assigning ZIP Codes, ZIP+4, carrier route, and delivery point codes. PER/ZIP4 also provides county names and FIPS codes. PER/ZIP4 can be used interactively, in batch, and with callable programs. PER/ZIP4 includes software, data, monthly updates, and unlimited support. The cost is $3,900 for the first year, and $1,950 for renewal.

Just call us and we'll arrange for 30 days FREE use of either
ZIP/CITY or PER/ZIP4.

WorksRight Software, Inc.
Phone: 601-856-8337
Fax: 601-856-9432
E-mail: software@worksright.com
Web site: www.worksright.com


Technical Editors: Howard Arner, Joe Hertvik, Ted Holt,
Shannon O'Donnell, Kevin Vandever
Contributing Technical Editors: Joel Cochran, Wayne O. Evans, Raymond Everhart,
Bruce Guetzkow, Marc Logemann, David Morris
Publisher and Advertising Director: Jenny Thomas
Advertising Sales Representative: Kim Reed
Contact the Editors: To contact anyone on the IT Jungle Team
Go to our contacts page and send us a message.


THIS ISSUE
SPONSORED BY:

WorksRight Software
Advanced Systems Concepts
Guild Companies
SoftLanding Systems


Four Hundred Guru

BACK ISSUES

TABLE OF
CONTENTS
A Simple Encryption/Decryption Algorithm for Numbers

Suppress Runtime Display When Qshell Cancels

Admin Alert: Getting Ready for Single Sign-On

Jungle Chatter--Forum Discussions:

Trying to Use OPNQRYF

Date Abbreviations

Virtual Session Runaway Job

Print Key Functions on Various Terminals

Apple in the Financial Marketplace

Subfile with Hyperlink and Want to Increase the Font Size Used



The Four Hundred
Rochester Winds Down Non-TCP/IP Networking on the iSeries

IBM's Workplace Collaboration Suite Is Almost Ready

Azul Can Make a Killer iSeries Java Co-Processor

As I See It: Who Feeds You?

Four Hundred Stuff
FalconStor Updates Virtual Tape Library Offering

Jacada Builds Foundation for SOA with Fusion 2.0

Seagull Partners with Cordys for Web Service Orchestration

All You Need for B2B is GIS 4.0, Sterling Says

Four Hundred Monitor


Copyright © 1996-2008 Guild Companies, Inc. All Rights Reserved.
Guild Companies, Inc. (formerly Midrange Server), 50 Park Terrace East, Suite 8F, New York, NY 10034
Privacy Statement