I love this idea! (character limit)
3 Likes
Right now you are storing the encode and decode dictionary on the script, someone could just use this module to decrypt existing encrypted strings. You should use randomisation as a key (so encrypting requires a key), the key can just be a randomised encode/decode dictionary
5 Likes
This is a good idea! I will implement this in the next update. This module was my first time working with the string function so I am always learning 
2 Likes
Because this is an open sourced module, exploiter can use this as well, and basically defeated the whole purpose of using it.
1 Like
Keep in mind this is not so secure still if you still store the key on the client or send via remotes, both are still attackable by intercepting the remote or if the exploiter’s executor supports getting constants or such
Just figured I’d chime in. I have taken a few cyber security courses in university as a computer science student.
First, encoding and decoding can, in fact, be considered a form of encryption. This is why things like caesar ciphers and mono-alphabetic substitution, while very simple (even as simple as your encoding system) are also considered encryption. To advertise this as a “Simple Encryption Module” definitely fits here.
This might be a bug rather than proper criticism, but your use of LoweredString = string.lower(text) in your encoding algorithm when converting from plaintext to ciphertext causes an irreversible change, which makes this algorithm not a proper encoding/encryption algorithm, since it can’t be properly decoded/decrypted. See below:
print(RoEncode:Decode(RoEncode:Encode("Hi")))
prints “hi”, not “Hi”
5 Likes
Yeah so when I wrote the encode function, I had forgotten symbols and capitol letters. In the next update of this module (Probably tomorrow), I will add some major security fixes along with some more encoding methods. I will include more symbols and add the capitol letters. Thanks for the feedback!
HTTPService provides a :GenerateGUID() function which creates a random UUID. Now if I’m not an idiot, then I believe you can use this function for encrypting, although I have no idea how (I’m not skilled into UUID).
1 Like
Currently these are the changes planned for the next update. If you have more ideas, reply to this message!
1 Like
Update 1: (Another tomorrow)
1: Added support for every symbol (Except -, _, +, and =)
2: Added support for numbers (0-9)
3: Hid the tables from exploiters (The best I can at the moment)
You could already do what this module does with some of the built-in functions:
local str = "Test string"
local nums = string.byte(str, 1, #str) -- A bunch of numbers
local strAgain = string.char(table.unpack(nums)) -- "Test string"
Now, if you added basic ciphers such as the Caesar ciper, or any industry-standard cipers, this module would be much more useful than it is now. Don’t give up, just keep improving it until it’s ready for use.
Encryption is not a valid method of securing remotes. All that does is add more stress on the server/client, and provides a false sense of security. Do not attempt to secure the client in any case; the real damage comes from unsecured remotes.
You’ve also mentioned that this module can be used to encrypt passwords. There’s a few flaws with that:
- You can’t ask players for passwords in any situation. It doesn’t matter if it’s a field that isn’t saved, Roblox ToS forbids it if it’s worded as a “password”.
- Passwords should be hashed, not encrypted.
7 Likes
Pretty fun module! Could for sure see me using this in a puzzle or something like that in the future. Nice job!
2 Likes
The reason it says for encrypting passwords is because some features of games can have like a user password.
.
Hmm I will work on it, thanks for the feedback
Thanks for the help! (character limit)
Here are the problems:
1: The module returns nothing, you must return RoEncode
2: Both of the external modules are private
- The module returns the string that was Encoded/Decoded
- Let me fix that rq (Thanks for telling me)
Should be fixed now, thanks for reporting the bug!
The bug has not been fixed for this reason: at the end of the modulescript you don’t actually return anything. You must return the table or it will error. Here’s an example of right and wrong:
-- correct
local module = {}
return module -- returned the module
--incorrect
local module = {}
return -- didn't return anything
Edit: There’s another bug: you can’t require the module using require(9327178091) because the modulescript is named RoEncode instead of MainModule. Renaming the modulescript to MaiinModule would allow people to require it into their game, which is good since it gives the latest version.
Edit 2: The two external modules have the above errors just like the main module.
1 Like