【发布时间】:2018-03-18 23:02:12
【问题描述】:
我正在尝试对我的游戏实施加密系统,以保护玩家密码和其他游戏数据。
我想出了一个小测试来习惯这一切的逻辑。
我只是想知道最好的方法来阅读 java 并搜索我需要的逻辑(并找到一种编写它的方法)。因此,话虽如此,我并不完全在寻找一些完全适合我的游戏的 sn-p。我只是在寻找比我所拥有的更好的逻辑。
遗憾的是,这只适用于 4 个字符。
这是我目前所知道的
import java.util.Random;
public class EncodingThenDecoding {
private String stringToHash;
private boolean running = false;
private String originalString;
private String encodedString;
private boolean decoding = false;
public EncodingThenDecoding() {
init();
}
public void initInit() {
running = true;
encodeString("abcd");
System.out.println("Original String: " + originalString);
delay();
decodeStrings();
}
private void encodeString(String sth) {
String[] subStrings = new String[25];
originalString = sth;
for(int subStr = 0;subStr < sth.length();subStr++ ) {
subStrings[subStr] = sth.substring(subStr);
}
for(int i = 0;i < sth.length();i++) {
Random ran = new Random();
StringBuilder encoder = new StringBuilder();
encoder.append( (char)('a' + ran.nextInt('z'-'a')));
subStrings[i] = encoder.toString();
//System.out.println(subStrings[i]);
}
sth = subStrings[0] + subStrings[1] + subStrings[2] + subStrings[3];
encodedString = sth;
System.out.println(sth);
delay();
}
private void decodeString() {
int tries = 0;
int ii = 0;
running = true;
long sd = System.nanoTime();
long minutes = 0;
while(running) {
tries++;
String strToDecode = encodedString;
String[] usedDecodedStrings = new String[1000000];
String[] decodedSubStrings = new String[25];
String decodedString = null;
//store hashed string's chars into an array.
for(int i = 0; i < strToDecode.length();i++) {
decodedSubStrings[i] = strToDecode.substring(i);
}
//stores a random letter between z-a and replaces the array items above.
for(int i = 0;i < decodedSubStrings.length;i++) {
Random ran = new Random();
StringBuilder encoder = new StringBuilder();
encoder.append( (char)('a' + ran.nextInt('z'-'a')));
decodedSubStrings[i] = encoder.toString();
}
//stores the string containing all the new characters assigned above,
decodedString = decodedSubStrings[0] + decodedSubStrings[1] + decodedSubStrings[2] + decodedSubStrings[3];
long nanoseconds = System.nanoTime() - sd;
long miliseconds = nanoseconds/1000000;
long seconds = miliseconds/1000;
System.out.println("its been " + seconds + " seconds");
if(decodedString.equalsIgnoreCase(originalString)) {
System.out.println("Decoding username was succesful!");
System.out.println("it took " + seconds/60 + " minutes and " + tries + " tries to Decode " + strToDecode + " back into " + originalString);
return;
}
else if(!decodedString.equalsIgnoreCase(originalString)) {
System.out.println("Attempt #" + tries + ": " + decodedString);
}
}
}
public void delay() {
try {
Thread.sleep(3000);
}
catch(InterruptedException e) {
}
}
public static void main(String[] args) {
EncodingThenDecoding encryptThenDecrypt = new EncodingThenDecoding();
}
}
这是一个输出示例
已经 1386 秒
尝试 #339016:bsev
已经 1386 秒
尝试 #339017:qycu
已经 1386 秒
解码用户名成功!
花了 23 分钟,339018 尝试将 vlbc 解码回 abcd
【问题讨论】:
-
询问“最佳方式”的问题显然是固执己见。通常没有最好的方法。即使您将问题改为询问几种好方法也可能过于宽泛。
-
密码保护的典型方式是:不存储用户密码的密码,而只存储用户密码的create a hash value(例如SHA-1)。如果用户再次登录,只需比较哈希码。
-
这里已多次讨论保护密码,以及在 Security Stack Exchange 上。在发布之前阅读这些内容。了解 salt、hash、bcrypt 等。
标签: java encryption