Main:
A description/proof of concept to make cracking near impossible.
I know, I know, no encryption is uncrackable. But this one is going to be harder than any to crack. I spent several hours thinking of ways to make it harder for us to crack into a website. It would be harder even if we had access to the bakups.
The concept is, stack encryption algorithms on top of each other, forming them into one, causing one encryption that will take decades to crack even if it is a 3 letter password.
SHA-1 is 160 bit encryption.
MD5 is 128 bit encryption.
For now, MD5 is most used, but easiest to crack.
Heres the code for the index.php or html, whichever you prefer:
<form name="form" action="login.php" method="post">
First Name:
<input type="text" name="firstname">
<br>
Password
<input value="hidden" type="password" name="password">
<br>
<input type="submit" value="Submit">
</form>
You see it uses the post method for those looking over your shoulder at your URL.
Heres the login.php:
<?php
$name=$_POST['firstname'];
$pass=$_POST['password'];
$file="login.php";
$hash1=sha1("$name");
$hash2=sha1("$pass");
$hash3=sha1_file("login.php");
$encrypt=md5(sha1("$hash1.$hash2.$hash3"));
echo "hash is: $encrypt";
?>
You see it starts by getting the user and pass.
It then uses SHA-1 to hash the user and password separately.
It then creates a hash of the login.php.
After all these hashes have been generated, it then uses them as salts on top of each other to double dutch them
into an MD5 hash.
Lets calculate that:
2 beginning sets of SHA-1
Thats 360 bits
add the digital checksum of the login.php
540 bits
take that 540 times another 180 bits
97,200 bits times the 128 bit encryption of MD5
12,441,600 bits TOTAL.
Thats a lot of bits. Even the NSA wouldn't be able to crack that without a few decades work. I would have to say
it would be illegal in a lot of the world but it will be damn secure ;)
Say someone got your backups. The hash they get is double dutched with MD5 on top, they would have to wait for
it to crack- showing an SHA-1 hash. They begin cracking the SHA-1 hash. OH LOOK! 3 more SHA hashes to crack.
As we all know, brute forcing a password over 6 characters is a pain. try brute forcing that double dutch
rendering the MD5 into 40 characters. That in turn is 120 char + a couple of periods. The login.php hash will
have a lot of char in it if someone doesn't know which is which. the username can have alot of char, if the
person is smart, the pass will be at least 8 characters.
What do you all think?
Bl4ckC4t
The concept is, stack encryption algorithms on top of each other, forming them into one, causing one encryption that will take decades to crack even if it is a 3 letter password.
SHA-1 is 160 bit encryption.
MD5 is 128 bit encryption.
For now, MD5 is most used, but easiest to crack.
Heres the code for the index.php or html, whichever you prefer:
<form name="form" action="login.php" method="post">
First Name:
<input type="text" name="firstname">
<br>
Password
<input value="hidden" type="password" name="password">
<br>
<input type="submit" value="Submit">
</form>
You see it uses the post method for those looking over your shoulder at your URL.
Heres the login.php:
<?php
$name=$_POST['firstname'];
$pass=$_POST['password'];
$file="login.php";
$hash1=sha1("$name");
$hash2=sha1("$pass");
$hash3=sha1_file("login.php");
$encrypt=md5(sha1("$hash1.$hash2.$hash3"));
echo "hash is: $encrypt";
?>
You see it starts by getting the user and pass.
It then uses SHA-1 to hash the user and password separately.
It then creates a hash of the login.php.
After all these hashes have been generated, it then uses them as salts on top of each other to double dutch them
into an MD5 hash.
Lets calculate that:
2 beginning sets of SHA-1
Thats 360 bits
add the digital checksum of the login.php
540 bits
take that 540 times another 180 bits
97,200 bits times the 128 bit encryption of MD5
12,441,600 bits TOTAL.
Thats a lot of bits. Even the NSA wouldn't be able to crack that without a few decades work. I would have to say
it would be illegal in a lot of the world but it will be damn secure ;)
Say someone got your backups. The hash they get is double dutched with MD5 on top, they would have to wait for
it to crack- showing an SHA-1 hash. They begin cracking the SHA-1 hash. OH LOOK! 3 more SHA hashes to crack.
As we all know, brute forcing a password over 6 characters is a pain. try brute forcing that double dutch
rendering the MD5 into 40 characters. That in turn is 120 char + a couple of periods. The login.php hash will
have a lot of char in it if someone doesn't know which is which. the username can have alot of char, if the
person is smart, the pass will be at least 8 characters.
What do you all think?
Bl4ckC4t
Posted by 
its called randomized one time pad. But the cons are that it requires a unique key and a key with an equal length to the tobecipherd text. google it 
