Sign in to follow this  
Atton

Advanced Lua Encryption 2.0 [ALE 2.0]

Recommended Posts

The Advanced Lua Encryption System or Ale is made to provide offline and low dependency script encryption. It makes use of several built in functions and does not rely on dependencies. Unlike the first release of ale it is open source all source code is publicly readable and editable with few conditions. This could allow for the implementation of things like AES or any highly advanced system. Keys can be changed and made using the tools built into the encoder this provide massively strong security compared to the MTA compiler. Client code is not loaded from a file on the client but rather send to the client and the injected with haste. This makes it harder if not impossible for others to gain access to code at all. If you happen to find any bugs or would like to report an issues post below. Any contributions or suggested features would also be great.

Git Hub: https://github.com/thenuke321/Advanced-Lua-Encryption-

Plans made for AES to replace Tea due to know faults with Tea.done it

Also a short video.

Edited by Guest

Share this post


Link to post

What's the advantage of using your script instead of MTA's cache set to false in the meta.xml (or using the protected property).

As you send the decrypted client code to the client after you've decrypted it on the server, you can (more or less) easily pick it off on the client (==> the gain of security is negligible in comparison to MTA's implementation).

It's also kinda funny how people ignore author remarks. AleCore is 100% identical to the code I uploaded on community.mtasa.com a year ago.

It doesn't matter for me what people do with my code, but claiming it as theirs (which is equivalent to removing author remarks at least from the meta.xml) is a bit reprehensible.

You should at least add a link to bighil's original raw Lua implementation on GitHub: https://github.com/bighil/aeslua

Share this post


Link to post
What's the advantage of using your script instead of MTA's cache set to false in the meta.xml (or using the protected property).

As you send the decrypted client code to the client after you've decrypted it on the server, you can (more or less) easily pick it off on the client (==> the gain of security is negligible in comparison to MTA's implementation).

It's also kinda funny how people ignore author remarks. AleCore is 100% identical to the code I uploaded on community.mtasa.com a year ago.

It doesn't matter for me what people do with my code, but claiming it as theirs (which is equivalent to removing author remarks at least from the meta.xml) is a bit reprehensible.

You should at least add a link to bighil's original raw Lua implementation on GitHub: https://github.com/bighil/aeslua

Ale is more to create a concept of what can be done, then it is to provide real advantage since there are simply limitations in MTA Lua. I have never claimed that the code was mine and yes I might have removed your credits in the Meta. However it seems a bit hypocritical since you are not crediting Vincent Rijmen & Joan Daemen.

Share this post


Link to post
What's the advantage of using your script instead of MTA's cache set to false in the meta.xml (or using the protected property).

As you send the decrypted client code to the client after you've decrypted it on the server, you can (more or less) easily pick it off on the client (==> the gain of security is negligible in comparison to MTA's implementation).

It's also kinda funny how people ignore author remarks. AleCore is 100% identical to the code I uploaded on community.mtasa.com a year ago.

It doesn't matter for me what people do with my code, but claiming it as theirs (which is equivalent to removing author remarks at least from the meta.xml) is a bit reprehensible.

You should at least add a link to bighil's original raw Lua implementation on GitHub: https://github.com/bighil/aeslua

Ale is more to create a concept of what can be done, then it is to provide real advantage since there are simply limitations in MTA Lua. I have never claimed that the code was mine and yes I might have removed your credits in the Meta. However it seems a bit hypocritical since you are not crediting Vincent Rijmen & Joan Daemen.

Seriously? Jusonex being hypocritical? You must be freaking kidding. There is a huge difference between intentionally removing someone's credits (credits to Jusonex are entirely missing) and leaving out a "license.txt" file of an encryption method that is so fundamental (still, Jusonex' MTA AES port did include credits to bighil's Lua AES port!). Most people don't bother garbaging their code with licenses of trivial Base/AES implementations anyways.

...trying to justify your own insolence by pointing at other people's (alleged) faults: HYPOCRITE DETECTED.

What's the advantage of using your script instead of MTA's cache set to false in the meta.xml (or using the protected property).

Having to download/cache client files on each server join creates unnecessary data traffic and wait time. Yet, Ale is still obsolete given the fact MTA now has it's own built in AES encryption for client-side scripts (http://luac.mtasa.com/) - with its encryption being in the safest part of MTA: The closed-source netc.dll.

Share this post


Link to post
What's the advantage of using your script instead of MTA's cache set to false in the meta.xml (or using the protected property).

As you send the decrypted client code to the client after you've decrypted it on the server, you can (more or less) easily pick it off on the client (==> the gain of security is negligible in comparison to MTA's implementation).

It's also kinda funny how people ignore author remarks. AleCore is 100% identical to the code I uploaded on community.mtasa.com a year ago.

It doesn't matter for me what people do with my code, but claiming it as theirs (which is equivalent to removing author remarks at least from the meta.xml) is a bit reprehensible.

You should at least add a link to bighil's original raw Lua implementation on GitHub: https://github.com/bighil/aeslua

Ale is more to create a concept of what can be done, then it is to provide real advantage since there are simply limitations in MTA Lua. I have never claimed that the code was mine and yes I might have removed your credits in the Meta. However it seems a bit hypocritical since you are not crediting Vincent Rijmen & Joan Daemen.

Seriously? Jusonex being hypocritical? You must be freaking kidding. There is a huge difference between intentionally removing someone's credits (credits to Jusonex are entirely missing) and leaving out a "license.txt" file of an encryption method that is so fundamental (still, Jusonex' MTA AES port did include credits to bighil's Lua AES port!). Most people don't bother garbaging their code with licenses of trivial Base/AES implementations anyways.

...trying to justify your own insolence by pointing at other people's (alleged) faults: HYPOCRITE DETECTED.

What's the advantage of using your script instead of MTA's cache set to false in the meta.xml (or using the protected property).

Having to download/cache client files on each server join creates unnecessary data traffic and wait time. Yet, Ale is still obsolete given the fact MTA now has it's own built in AES encryption for client-side scripts (http://luac.mtasa.com/) - with its encryption being in the safest part of MTA: The closed-source netc.dll.

I went ahead and added credits for Jusonex,Bighill,Viencent Rijmen and Joan Daemen. I'll admit I was lazy there and Jusonex is a sexy beast so it is a must do. Also the mta encrption can be defeated with a few lines of Lua code.

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.