Question : Looking for a simple reversible cryptogtaphic algorithm to code / decode a string of 6-10 digits

Hi Experts,

I need some advice / pointers / suggestions on the following problem:

I work on a project where we will have reservations made for some objects, eg keys for some rooms or vehicle.
The keys will be kept into some metal box with a numeric keypad: if the right code is typed, then the box-door opens, otherwise it stays locked.
Reservations are made over the Internet, and registered into some database for accounting and billing purpose, and they are confirmed by a 6 (or 8 or 10) digits number, delivered to the client by email AND by a SMS on the customer's mobile phone.

Nothing very difficult... except there is a catch: the key-boxes are off-line...
They keep some information onto exchangeable SD RAM card, that we change each week. The current idea is the following:

• on the card there is some coded information that is used to check if keyed-in data is correct, eg time-slot for beginning of reservation + info on the keyer + some checksum and of course the number cannot be easily guessed

• when the customer keys the digit and it is OK, the door is unlocked and the keys are freed, and at the same time the keyed-in information is registered on the card with a timestamp.

The computation in the box will be made with atiny controller programmed in C sor similar: memory can be considered cheap, but the power of the processor must be kept low (this is just to say that cryptographic keys with hundreds of digits are probably out of reach)

An initial thought was to have some random coding of time slots (eg each 30 minutes time slot has some number), to combine this with a user id, and to scramble things IN A REVERSIBLE WAY since the information must be decoded.

Any existing algorithm you can point me to?

Answer : Looking for a simple reversible cryptogtaphic algorithm to code / decode a string of 6-10 digits

You don't do it in a reversable way.

Pass the user id in clear and a key of some kind (hashed) to the box.  The box then has the same shared key and can perform the hash on its side, comparing the received value versus the calculated one.  

RSA even 128 bit for your purposes should be enough.  You can generate new keys using pseudo-random generators or you can use PKI for your needs.