Easy Encryption
by Brian Dunning
http://www.briandunning.com/

WHAT THIS IS

Easy Encryption is a demo file that teaches you how to use FileMaker's included features to encrypt values. This can be used for secure storage of credit card numbers, to generate unique serial numbers for your customers, or to unlock and provide access to premium features by distributing updated serial codes to customers.

WHAT'S HERE

This archive comes with a "simple example" that shows how the numbers are encrypted and then decrypted. This file is stripped down to the basics to make it as easy as possible to understand.

It also comes with a "commercial example" which is relatively stripped down as well; it provides you with a real administrative solution to manage your customers and the serial codes you provide for them; it also has a fully functional entry file for your commercial software product that depends on proper entry and decoding of the serial code.

The purpose of the locked downloadable files is to give you an introductory sense of how this technique works and what it's capable of. If it seems to fit your bill, you may want to get the unlocked version, which gives you full access. You can even use my files if you want.

HOW IT WORKS

This technique uses a combination of a base conversion (from base-10 to base-32) and scrambling. As long as your 32-character alphabet is unique, it's highly unlikely that anybody would ever be able to decode your algorithm. Even a modest change in your original string results in a major change in the encrypted string, with no pattern that is detectable by practical means. Due to FileMaker's math limitations, only numbers up to about 12 digits in length will work. But this is no problem; if you need to encode a longer value, just break it up into segments, encode each segment separately, and then append them back together.

The Checksum character which is appended to the encrypted strong is a Mod(32) calculation based on the values of the other numbers in the code. This certifies that the code being examined is a real one, and not just some random code the somebody made while trying a whole bunch of codes until they get one that works.

This is not NSA-grade encryption, but it is strong enough for most practical applications. Read the license agreement: it limits my liability in cases such as where you get the CIA to use my scheme and the forces of evil bring in some supercomputer time and crack it.

WHY THIS SOLUTION?

There are plug-ins that perform encryption, but those I've looked at suffer from three terminal limitations, in my opinion: (1) They don't always produce the same results on Mac and on Windows; (2) They don't always produce clear text readable codes that can be read over the phone, sent in an email, or typed, instead producing funky untypable bizarre characters; and (3) Like all plug-ins, extra licensing beyond the cost of FileMaker Pro is required for your users to be able to use it and decode the codes you give them.

This technique is all-in-FileMaker, so no extra money needs to be paid to anyone to use it.

Brian Dunning
http://www.briandunning.com/