Simple Secure Transaction (SST) module

Resources Community Resources
#1

Overview

The SST module is an implementation of a simple encryption and decryption algorithm using a custom substitution table, transposition, and XOR operations. The module provides two functions, encryptTransaction and decryptTransaction, for encrypting and decrypting transaction data. Both functions require a key argument, which is used to encrypt and decrypt the data.

I created this module to learn more about encryption and decryption, and I thought it might be useful for others to use as reference or for something else. If you have any feedback or ideas for improvement, please feel free to share them. I will update the module if I make any major additions during my free time.

Usage

To use the SST module, you can simply require it in your Roblox game:

local SST = require(game:GetService("ServerScriptService").SimpleSecureTransaction)

Then, you can use the encryptTransaction and decryptTransaction functions to encrypt and decrypt transaction data.

encryptTransaction(transactionData: string, key: string): string

The encryptTransaction function takes two arguments: transactionData, which is the data you want to encrypt, and key, which is the password used to encrypt the data. The function returns an encrypted string.

Example usage:

local transactionData = "This is a secret message"
local key = "my_password"
local encryptedData = SST.encryptTransaction(transactionData, key)
print(encryptedData)
-- Example output: Mhs%$%)hJf)e%Hjh1Hkxhjsdf

decryptTransaction(encryptedTransactionData: string, key: string): string

The decryptTransaction function takes two arguments: encryptedTransactionData, which is the encrypted data you want to decrypt, and key, which is the password used to decrypt the data. The function returns a decrypted string.

Example usage:

local encryptedData = "Mhs%$%)hJf)e%Hjh1Hkxhjsdf"
local key = "my_password"
local decryptedData = SST.decryptTransaction(encryptedData, key)
print(decryptedData)
-- Example output: This is a secret message

SST.authenticate(providedPassword: string): boolean

The authenticate function takes a password as an argument and returns a boolean indicating whether the provided password matches the password stored in the module. This function is used internally by the encryptTransaction and decryptTransaction functions to ensure that the provided password is correct.

Example usage:

local password = "my_password"
local isPasswordCorrect = SST.authenticate(password)

(Before using the module, make sure to change the default password in the module to your own custom one)

Security Considerations

It’s important to note that the SST module is not a strong encryption algorithm and should not be used to protect sensitive data. The module’s encryption and decryption algorithms are simple and can be easily cracked by determined attackers. Additionally, the module’s password is stored in plaintext, which is also a security risk. If you need to protect sensitive data, it’s recommended that you use a stronger encryption algorithm and store passwords securely.

Download

(You are free to use, copy, or modify the module without any obligations or restrictions)

1 Like
#2

I like this, it can be really good for protecting non-sensitive data from Script Kiddies, but as you said it’s not too good for very sensitive ones, also could you upload it as a model to the Toolbox please? Or put the code here?

2 Likes
#3

questions:

  1. Why do we need a password?

  2. Why is it a download file?

  3. What is the purpose of this?

1 Like
#4
  1. So that Exploiters have a harder time decrypting
  2. IDK
  3. To encrypt m
#5

I uploaded it now to roblox! Thanks for feedback.
Yeah I might try making the algorithm more complex down the line but roblox is pretty limited in someways maybe something with api. This is more of a free time project to learn so will see.

#6

Yeah there’s no problem, important thing is that it works!
Good luck!

#7
  1. A password is required because encrypted data must be secured to ensure that only authorized people may access it.
  2. You do not need to download a file to utilize this. It is only a model on Roblox.
  3. This is done to prevent unauthorized access to or interception of sensitive information.
#8

  1. hackers can find the password by looking through the client scripts that uses it and the module

  2. that was before, @Dede_4242 requested it to post it to roblox and the OP did

  3. roblox filters the encrypted thing and bypassing it is against the TOS, especially in games

image

1 Like
#9
  1. It’s for things in-Game, like a Datastore’s password
#10

Encryption and decryption is usually done on the server side, so exploiters would not be an issue.

Encrypted strings are usually stored within a data store as @Dede_4242 mentioned.

#11

On paper I’ve thought about something like this before, but exploiters can bind to every remote replicated to the client and listen in. They also have access to all of the localscripts on the client, that is required to ‘decrypt’ this transaction.

We need a key to open a door, and so does everyone else. The same rule is applicable to encryption, in theory a transaction like this could be secure using Asymmetric Cryptography. I would not use this module for transmitting actual sensitive data.

If your just using this to mess with script kiddies, all the power to you. :wink:

#12

Yes, he also said that in the post:

#13

With all due respect, there is no practical use case for this module. All data that is “sensitive” enough should never be handed over to the client in the first place.

#14

That is true but making the insecure a little more secure is a powerful thing, I don’t claim this module is even near that but nothing is truly useless. I Am working on an update that should not only add more security but also add onto functionality meaning more use. I am developing on my own time though so might take awhile since I’m busy with other main projects.