Simple Javascript encrypt, PHP decrypt with shared secret key

Question

This is not about security. It is also not to make it hard to break. I'm looking for a simple algorithm to change a string (a url) in a way it does not resemble the original. The encryption will be done with javascript. Then I want to feed the encrypted string to a PHP function to change it back to the original. Both ends could share a secret key, or the conversions could be key-less and rely on just logic.

The ideal solution

1. will be simple
2. will use available javascript functions for encryption
3. will use available php functions for decryption
4. will produce encrypted string in way not to resemble the plain text at all
5. will only use lower-case alphabet characters and numbers in the encrypted string
6. is not a method widely used like Base64-ing as encryption.

Edit: The last requirement was added after shamittomar 's answer.

Answer 1

You can use bitwise XOR in javascript to encode the string and again in PHP to decode it again. I wrote a little Javascript example for you. It works the same in PHP. If you call enc() a second time with the already encoded string, you'll get the original string again.

<html>
<head><title></title></head>
<body>
<script type="text/javascript">
function enc(str) {
    var encoded = "";
    for (i=0; i<str.length;i++) {
        var a = str.charCodeAt(i);
        var b = a ^ 123;    // bitwise XOR with any number, e.g. 123
        encoded = encoded+String.fromCharCode(b);
    }
    return encoded;
}
var str = "hello world";
var encoded = enc(str);
alert(encoded);           // shows encoded string
alert(enc(encoded));      // shows the original string again
</script>
</body>
</html>

In PHP do something like this (caution, this is not tested and it's been a long while since I did PHP):

$encoded = "...";   // <-- encoded string from the request
$decoded = "";
for( $i = 0; $i < strlen($encoded); $i++ ) {
    $b = ord($encoded[$i]);
    $a = $b ^ 123;  // <-- must be same number used to encode the character
    $decoded .= chr($a)
}
echo $decoded;

Answer 2

If that's what you want, you can Base64 encode and decode that.

[EDIT]: After OP clarification:

As you do not want widely used methods, here is one rarely used method and that can do it for you by giving output only in LOWERCASE letters and NUMBERS. It is Base32 Encode/Decode . Use the following libraries:

• Javascript Base32 Encoder: http://www.tumuski.com/2010/04/nibbler/
• PHP Base32 Decoder: https://www.phpclasses.org/package/3484-PHP-Encode-and-decode-data-with-MIME-base-32-encoding.html

Answer 3

If it's not about security, and not about making it hard to break, then how about ROT-13 ?

//+ Jonas Raoni Soares Silva
//@ http://jsfromhell.com/string/rot13 [rev. #1]

String.prototype.rot13 = function(){
    return this.replace(/[a-zA-Z]/g, function(c){
        return String.fromCharCode((c <= "Z" ? 90 : 122) >= (c = c.charCodeAt(0) + 13) ? c : c - 26);
    });
};

...

var s = "My String";

var enc = s.rot13();  // encrypted value in enc

PHP has a native function, str_rot13 : http://php.net/manual/en/function.str-rot13.php

$decrypted = str_rot13($_GET['whatever']);

Answer 4

How are you planning to implement (hide) the secret in Javascript? IMHO it's not possible.

Edit: OK - not about security.. then just use any baseXX or rot encoding mechanism. But you can't really say one of these algorythms would not be well known...

Answer 5

Well I found this page and found Redcully's program not work for me so I thought It happens with all others. finally I got reason and fixed it. Here new code is... Thanks to Redcully :)

JS function:

function encode(str) {
  var encoded = "";
  for (i=0; i<str.length;i++) {
    var a = str.charCodeAt(i);
    var b = a ^ 51;    // bitwise XOR with any number, e.g. 123
    encoded = encoded+String.fromCharCode(b);
  }
  return encoded;
}

PHP function:

function decode($encoded) {
  $decoded = "";
  for( $i = 0; $i < strlen($encoded); $i++ ) {
    $b = ord($encoded[$i]);
    $a = $b ^ 51;  // <-- must be same number used to encode the character
    $decoded .= chr($a);
  }
  return $decoded;
}