After my cryptography class, I coded a video game password system that takes 64 bit of data, adds 16 bit validation code, apply some permutation on the bits and encode everything in base32.

Now, I originally thought that my system was encryption by obscurity, which means that once you have the source code, you can decode and encode any password. But after some thinking, I am using various parameters in my algorithm and the biggest parameter is a string of 32 unique symbols used for the base32 encoding.

Normally, the symbols would be placed in alphabetic order so that each letter match each binary pattern in numeric order like for example:

A = 00000

B = 00001

C= 00010

D= 00011

etc.

But nothing forces me to use a list of symbols in alphabetic order, I could use any order as long as each symbol is unique. For example if I use: "QWERTY...." I'll end up with:

Q = 00000

W = 00001

E = 00010

R = 00011

etc.

Now I am wondering if this string of characters could not in fact be used as a key. Preventing anybody who does not have the array of characters to decode the password even if he knows the algorithm.

If my calculations are right, the number of possible permutations should be 32! which gives 2.63130837×10³⁵ possible combinations. It's a bit less than a 128 bit key, but I don't intend to use it for top secret information.

Could this array of 32 symbols be used as a form of encryption key?