which encryption method?

Thread Tools Search this Thread
Top Forums Shell Programming and Scripting which encryption method?
# 1  
Old 07-18-2002
Java which encryption method?

hello ppl,

i've been coding a perl script for xchat and i need to store the nick's passwords. i was wondering which encryption to use. picture this situation: i've got a system flaw and some guy hacks the machine and gets his hands on the passwd file; he has access to the script. what encryption would be the best for this situation?

thx in advance
# 2  
Old 07-31-2002
Comparison or storage for later use?

If you're storing for comparison (authentication) purposes (e.g. user enters a password, you save it, then later ask for the password again for verification), then you can store an MD5 hash of the password rather than encrypting and storing the password itself. See Digest::MD5 or Digest::Perl::MD5. Use the second if you are unable to compile C code; it is slower, but should not be noticably slow for something small like passwords.

Using this method, you would take input from the user, and hash it with MD5. The output is a unique string that cannot be reversed to re-obtain the original data. This is useful for password comparison because you can hash the input from the user, then compare the stored value and new value to assure they are the same. The password never has to be stored.

If you're storing for later retrieval and usage then you need a form of encryption that you can reverse with a key. You would use this for encrypting files/data, such as a list of passwords that you want to store for use later. Try Rijndael, Blowfish, Twofish. Of course you need to obtain the key somehow, probably by prompting the user at run-time.

Last edited by kjd; 07-31-2002 at 10:33 PM..
# 3  
Old 08-01-2002
it's the 2nd one. i need to retrieve it later. i really didn't want to get a prompt from the user, since it'd be better to prompt the password and lose the encryption. what do you think of getting the key from something in the system, like the current dir or the output of uname -s. would it still be secure? what i'm doing here is to store some irc nickname passwords in a file and when we login the perl script auto identifies the user.

any ideas for secure automation?
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. Cybersecurity

File encryption tools with MAC address as an encryption key

Hi all, I'm looking for secure file encryption tools that use MAC address as encryption key. FYI, I'm using Red Hat Enterprise Linux OS. For example: when A wants to send file to B A will encrypt the file with B's computer MAC/IP address as an encryption key This file can only be decrypted... (2 Replies)
Discussion started by: sergionicosta
2 Replies

2. Shell Programming and Scripting

Another method for this snippet

Hi All, i believe this is not very efficient. another method would be appreciated for these. basically i read a file with tab delimited column and pass the column to another perl script. while read line do timestamp=`echo "$line"|awk -F"\t" '{print $1}'` severity=`echo... (15 Replies)
Discussion started by: ryandegreat25
15 Replies

3. Solaris

svc:/network/physical:default: Method "/lib/svc/method/net-physical" failed with exit status 96. [ n

After a memory upgrade all network interfaces are misconfigued. How do i resolve this issue. Below are some out puts.thanks. ifconfig: plumb: SIOCLIFADDIF: eg000g0:2: no such interface # ifconfig eg1000g0:2 plumb ifconfig: plumb: SIOCLIFADDIF: eg1000g0:2: no such interface # ifconfig... (2 Replies)
Discussion started by: andersonedouard
2 Replies

4. Shell Programming and Scripting

Help in replace method

Hi Gurus, VARIABLE=john_*_has_*_s i want to replace the * with digits 09100 and 0010101 to print the john_09100_has_0010101_s Thanks (3 Replies)
Discussion started by: SeenuGuddu
3 Replies

5. UNIX for Dummies Questions & Answers

Shadow file encryption method

Hi all, I'd like to use the encryption method used to generate the /etc/shadow passwords. The goal is to write a script that get a plain-text password as argument and returns an encrycped one. Can you help me, please? (10 Replies)
Discussion started by: nisant
10 Replies

6. Programming

Regarding Native method

Hi, I am working with solaris 9 and I am using jre1.6. In my application,I am using java and C++ in my application.Basically we are using the java for front end and C/C++ for back hand.So I have to call the C/C++ source code form java code.we are using native methods for it.. So application... (1 Reply)
Discussion started by: smartgupta
1 Replies

7. UNIX for Dummies Questions & Answers

Optimized Method

Hi All, I have got two files. File A with 50000 records and File B with some 500 million records. I need to extract the mapping data (common data) from both the files. There should be definitely many ways :) though I have a way which is definitely not optimzed and takes a longer time... (2 Replies)
Discussion started by: matrixmadhan
2 Replies

8. UNIX for Dummies Questions & Answers

File encryption/Key encryption ????

My dilemma, I need to send, deemed confidential, information via e-mail (SMTP). This information is sitting as a file on AIX. Typically I can send this data as a e-mail attachment via what we term a "mail filter" using telnet. I now would like to somehow encrypt the data and send it to a e-mail... (1 Reply)
Discussion started by: hugow
1 Replies

9. UNIX for Advanced & Expert Users

Backup method

Hi I'm trying to work out the best method for creating a backup under SCO OpenServer. I would like to perform unattended backups to tape of various file systems, possibly using a script etc. So far I've looked at the Backup Manager that comes with SCO and that cannot perform unattended... (2 Replies)
Discussion started by: synamics
2 Replies
Login or Register to Ask a Question