encription 1

[Cagliostro]

Hi,
could you give me please sample of password encription?
I want an algorithm what encript but can not decript.
If there are some classes I want a sample of using them.
Thanks,
Ion Ion Filipski

filipski@excite.com

 

[JVZ]

Here are some code samples I found while doing a search on the web...

I would suggest that you go to the following site to read up on this topic alittle bit more though..

http://developer.java.sun.com/developer/technicalArticles/Security/

   //true to encrypt, false to decrypt
   //k is the sipher
   public String messup(String s, int k, boolean encrypt)
   {
      int length = s.length();
      int end = (k>>>16)%length;
      int start = (end+1)%length;
      char key = (char)(k&0xFFFF);
      char [] result = new char[length];
      for(int i = start,j = 0;j<length;i=(i+1)%length,j++)
      {
         result<i> = (char)(s.charAt(i) ^ key);
         key = encrypt?result<i>:s.charAt(i);
      }
      return new String(result);
   }

**** Another Example ****

SecureRandom random = null;
	
try {
  random = SecureRandom.getInstance(&quot;SHA1PRNG&quot;, &quot;SUN&quot;);
} catch (NoSuchAlgorithmException nsae) {
  nsae.printStackTrace();
} catch (NoSuchProviderException nspe) {
  nspe.printStackTrace();
}

char[] message = new char[65536];
int[]  key     = new int[65536];

for(int i = 0; i < message.length; i++) {
  key<i> = random.nextInt(512);		
  message<i> ^= key<i>;
}

 

[Cagliostro]

Thanks,
But is there any algorithm which can encrypt but may not decript? I mean password encription as it is performed in Unix. In OS Windows exists algorithm Md5. In database MySQL also exist function password(). If you want to see if it is the right password you encript it and compare with the encripted earlier and stored in the database one. There is no way to uncript it and makes no sence to crack tables with passwords. You are free too see all the passwords. Ion Filipski

filipski@excite.com

 

[MoreFeo]

I think you can always uncrypt if you know the algorithm used for encrypt, unless it uses a random function, but in that case you cannot compare with a password encripted earlier. Tell me if I'm wrong.

 

[thekobbler]

knowing the algorithm, doesn't mean you can uncrypt. One needs to know the key too.

 

[MoreFeo]

thanks, I forgot about the key, but what I meant is that there is no algorithm that can encript but not uncript, if you know the rules (algorithm and key) used for the encription.

 

[Cagliostro]

Ok,
If you know uncription algorithm it makes sence to try to guess the unkription key and/or to keep the passwords file for analising. So if you know only what an uncription algorithm exists make the password file the target of hacker attacks. I want an algorithm for password encriprion like MD5 in Windows or PASSWORD in MySQL, or password encription in Unix or something else without any uncription mechanismes.

Ion Filipski

filipski@excite.com

 

[jstreich]

MD5 is actually a HASH function and you do it in java like this:
public static byte[] getKeyedDigest(byte[] buffer, byte[] key) {
try {
MessageDigest md5 = MessageDigest.getInstance("MD5");
md5.update(buffer);
return md5.digest(key);
} catch (NoSuchAlgorithmException e) {
}
return null;
}

[plug=shameless]

http://game-master.us/phpx-3.4.0/

[/plug]

 

[timw]

You can use a 'one-way' hashing function like MD5 to encrypt passwords. You simply store the MD5 encrypted form somewhere (database?) and when the user comes to log on, you MD5 encrypt their entry and compare it with the stored version.

There is no way to decrypt an MD5 hashed value. In theory, each possible hash value could be computed from an infinite set of starting values - it's a HASH. It is ideal for storing passwords as long as the original password does not need to be known.

Tim
---------------------------
"Your morbid fear of losing,
destroys the lives you're using." - Ozzy

 

[Diancecht]

Just some light

http://forums.java.sun.com/thread.jspa?threadID=579552&messageID=2926907

Cheers,

Dian