Scratch

technoboy10 wrote:

veggieman001 wrote:

RedRocker227 wrote:

Then they'd just check the script to see the method of encrypting though.

I support.

But if it were hashing, it wouldn't be crackable.

How do you 'hash' info in Scratch? The only reason I suggested this was because of a project I want to make that uses accounts.

I've got an idea: You make a "hashing" script that is asymetrical; you can't decode it in the same way you encode it (you can't "unhash"). Then, when you need to validate a password you hash the password you're trying to validate, then check it against the "hashed" version in the cloud list. THAT WILL WORK!

scimonster wrote:

This probably won't happen.    It's still keeping information secret, and could be abused.
Also, the user could just get around it with

say (☁ passwords)

You just have to hash them.

I suppose the easy answer would be that mods could see the locked stuff, but IDK if that would cut it.

joefarebrother wrote:

technoboy10 wrote:

joefarebrother wrote:

I've got an idea: You make a "hashing" script that is asymetrical; you can't decode it in the same way you encode it (you can't "unhash"). Then, when you need to validate a password you hash the password you're trying to validate, then check it against the "hashed" version in the cloud list. THAT WILL WORK!

XD I have no clue how to do that. Care to give it a try?

For each letter of your message, you take position of this letter in the alphabet. If it is a space or a number or a symbol, you need to work out a symbol/number convertation system. (maybe have a list of all the symbols you accept) If it is only 1 digit, put a 0 on the front (so A would be 01, B = 02, ... , Z = 26, <other symbols = other numbers>) Then you string them together to make a number. Call this number A. Now here comes the tricky part: hashing this number so it can't be un-hashed. You take 2 prime numbers (the bigger the better) and X them together. (call this number K) Then you take another prime number E. It can be smaller than the others, but make sure it DOESN'T divide into A, then work out (A^E) mod K and call this number C. There is your hashed number! To validate a password, hash the one you're checking, and compare this to the (stored) hashed password.
The only way to "un-hash" anything hashed like this is to know the 2 prime numbers you used and work out a few equations, but as the two primes are never stored (only their product) then this cannot be hacked!

I assume you mean 'multiply' by 'X?'

Last edited by technoboy10 (2012-05-13 16:03:34)

Yes, support.

Support! Seems like a good idea!

technoboy10 wrote:

joefarebrother wrote:

technoboy10 wrote:

XD I have no clue how to do that. Care to give it a try?

For each letter of your message, you take position of this letter in the alphabet. If it is a space or a number or a symbol, you need to work out a symbol/number convertation system. (maybe have a list of all the symbols you accept) If it is only 1 digit, put a 0 on the front (so A would be 01, B = 02, ... , Z = 26, <other symbols = other numbers>) Then you string them together to make a number. Call this number A. Now here comes the tricky part: hashing this number so it can't be un-hashed. You take 2 prime numbers (the bigger the better) and X them together. (call this number K) Then you take another prime number E. It can be smaller than the others, but make sure it DOESN'T divide into A, then work out (A^E) mod K and call this number C. There is your hashed number! To validate a password, hash the one you're checking, and compare this to the (stored) hashed password.
The only way to "un-hash" anything hashed like this is to know the 2 prime numbers you used and work out a few equations, but as the two primes are never stored (only their product) then this cannot be hacked!

I assume you mean 'multiply' by 'X?'

yes. X = multiply

stevetheipad, G0D_M0D3, pi3, and James07 wrote:

support

Thanks!

just use my hash algorithm once it's good enough :advertising my project everywhere:

I support!

technoboy10 wrote:

Suppose I created a project with 'accounts' and passwords, and the passwords are stored in a cloud list. If someone saw inside the project, they would have access to all the passwords. What I propose is an option for 'locked' cloud variables. The values of these would not be accessible to anyone but the creator of the project. However, this would not change Scratch's core values; because if someone tried to view or change these, a notification box would appear with 'The creator of this project has locked these variables. To change the values, you must erase the(or create a new) cloud variable/list.'
Please note that locking/unlocking data would be an option. If the creator chose to use unlocked data, the values could be changed by anyone. Also, the values may be changed by the original program. Also, mods could see locked data (yes, the magical fix for any suggestion.  ).

Supporters:
Technoboy10
RedRocker227
joefarebrother
jcpopp
TorbyFork234
SJRCS_011
zippynk
stevetheipad
G0D_M0D3
pi3
James07

Scratch Suggestions page

I don't agree.

Scratch projects are for all to use and see the source.

Possibly having it so it would automatically change the variables's names and ips or whatever.

But to lock it means no one could use it.

I would say to make the ip/name of the variable for that user only,.
(it would be like Pecola1's pass list.)

That way users could use the cloud variable, but it would be for their user only. And it would not have the information stored on it.    But since your suggestion would interfere with this, and i don't agree with your suggestion. I vote no. 

Pecola1 wrote:

Wall of text 

Isn't that still locking it, to have only certain users be able to view it?

Last edited by technoboy10 (2012-05-15 21:28:01)

I completely support.

add my name.