
On my website I display an image. To generate this image, it requires a string parameter. For example, the string 1234,2423,1231 as the parameter.

Anyone can use my API (no authentication required). For example example.com/generate?param=1234,2423,1231. That is how my API works right now. To generate a different image, all you have to do is provide different numbers and different amount of numbers, like 2342,2423,234.

However, I do not want people to be able to keep generating images by themselves by simply changing the numbers. So if I encrypt the parameter and then let the user load the image, they would never know how to generate an image themselves. So an example of an encrypted API request would be example.com/generate?param=s97dgfubYVd80fzhgdfufg0894rf which would correspond to example.com/generate?param=1234,2423,1231.

The add on to this problem is, I tell the user "we are going to generate an image with the parameters 1234,2423,1231. Here is the API link to generate this image: example.com/generate?param=s97dgfubYVd80fzhgdfufg0894rf".

So what encryption method can I use?

James
  • 103
  • 2

1 Answer


If I understand your question correctly, I (the user) know the image s97dgfubYVd80fzhgdfufg0894rf was generated from the string 1234,2423,1231, but I should not be able to craft another valid parameter.

On the server side, you need to turn the parameter back into 1234,2423,1231.

You have two basic options (and likely more):

  1. with a database available on the backend: just generate a UUID and have a database entry matching 1234,2423,1231 with the image UUID.
  2. without per-image DB entries: encrypt the string with authenticated encryption to provide privacy and data integrity

The former is simple but at the cost of storage. The latter means being very careful with how you handle the keys, IVs, and authentication tag sizes.

One algorithm you can use is AES-GCM which provides the following:

  • given a string, the user cannot generate the corresponding parameter (that's the AES part)
  • the user cannot generate a random parameter and have it decrypt into a valid string (that's the GCM part)

You seem to only be asking for the first part, but the second part is equally important, or users could be DoSing your service by submitting random parameters.

It doesn't have to be AES, any modern authenticated encryption mechanism that works for the data sizes you are talking about will be acceptable.

Marc
  • 1,583
  • 1
  • 17
  • 17
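Below is an added, stand-alone illustration of the second option in the answer above (authenticated encryption of the parameter with AES-GCM). It is example code written for this page, not code from the question or the answer. The token layout (base64url of nonce || ciphertext || GCM tag), the function names `EncryptParam`, `DecryptParam` and `TamperToken`, and the hard-coded 32-byte key are all assumptions made for the demonstration; in a real service the key would come from a secrets store and never appear in source.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
)

// Constructed 256-bit key so the example runs offline. In production load it
// from a secrets store or KMS; never hard-code it.
var exampleKey = []byte("0123456789abcdef0123456789abcdef")

// ErrInvalidParam is the single, generic error returned for any bad token so the
// caller (and the HTTP handler) cannot tell a bad nonce from a bad tag.
var ErrInvalidParam = errors.New("invalid image parameter")

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // key must be 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block) // 96-bit nonce, 128-bit tag
}

// EncryptParam turns a plaintext parameter such as "1234,2423,1231" into an
// opaque URL-safe token: base64url(nonce || ciphertext || tag).
// A fresh random nonce is drawn per call, so the same input yields different
// tokens and the nonce is never reused under one key.
func EncryptParam(key []byte, plaintext string) (string, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return "", err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	// Seal appends ciphertext and the authentication tag.
	sealed := aead.Seal(nil, nonce, []byte(plaintext), nil)
	return base64.RawURLEncoding.EncodeToString(append(nonce, sealed...)), nil
}

// DecryptParam reverses EncryptParam. Any malformed, truncated, forged or
// modified token fails GCM tag verification and yields ErrInvalidParam.
func DecryptParam(key []byte, token string) (string, error) {
	raw, err := base64.RawURLEncoding.DecodeString(token)
	if err != nil {
		return "", ErrInvalidParam
	}
	aead, err := newAEAD(key)
	if err != nil {
		return "", err
	}
	if len(raw) < aead.NonceSize()+aead.Overhead() {
		return "", ErrInvalidParam // too short to hold nonce + tag
	}
	nonce, sealed := raw[:aead.NonceSize()], raw[aead.NonceSize():]
	plaintext, err := aead.Open(nil, nonce, sealed, nil)
	if err != nil {
		return "", ErrInvalidParam // tag mismatch: tampered or random token
	}
	return string(plaintext), nil
}

// TamperToken flips one bit of the last byte (inside the GCM tag) to simulate a
// user editing the token in the URL. Used only to demonstrate rejection.
func TamperToken(token string) string {
	raw, err := base64.RawURLEncoding.DecodeString(token)
	if err != nil || len(raw) == 0 {
		return token
	}
	raw[len(raw)-1] ^= 0x01
	return base64.RawURLEncoding.EncodeToString(raw)
}

func main() {
	token, err := EncryptParam(exampleKey, "1234,2423,1231")
	if err != nil {
		panic(err)
	}
	fmt.Println("link: example.com/generate?param=" + token)

	params, err := DecryptParam(exampleKey, token)
	fmt.Println("server decodes:", params, err)

	_, err = DecryptParam(exampleKey, TamperToken(token))
	fmt.Println("edited token:", err)

	_, err = DecryptParam(exampleKey, "s97dgfubYVd80fzhgdfufg0894rf")
	fmt.Println("made-up token:", err)
}
```

Two caveats worth keeping in mind: the random 96-bit nonce is safe for the number of images a site like this will ever generate, but the key itself must stay server-side, since anyone holding it can mint valid parameters. And authenticated encryption does not stop a user from reusing a token they were legitimately given; the question explicitly accepts that, but if replay ever matters, the token needs an expiry or a one-time nonce recorded on the server, which brings back the database from option 1.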