MD5 Encryption

[GDX]

How do I go about harsing a password using the MD5 encryption standard? I am creating a client/server winsock application that will be sending over sensitive infomation like loginid and pwds so they need to be encrypted, any help will be greatly appreciated! Gordon R. Durgha
gd@vslink.net

http://www.vslink.net

http://www.brainbench.com/transcript.jsp?pid=1217371

 

[chiph]

You need to buy a copy of "Applied Cryptography" by Bruce Schneier. ISBN is 0-471-11709-9. Bruce's book is the bible of encryption programming.

You can get source code for various algorithms at:

http://www.counterpane.com/sites.html

Chip H.

 

[rvBasic]

MD5 is not an encryption algorithm (although it is used in conjunction with other encryption algorithms). It is an algorithm that is used to verify that a "message" has not been tampered with, so that you can be sure the original was not modified.

So you still have to encrypt the message itself to hide it from preying eyes. Different techniques and algorithms can be used depending on the level of secrecy desired. Bruce Schneier's book Applied Cryptography details all of this technically. But perhaps even more important is his latest book Secrets and Lies ISBN 0-471-25311-1 which bluntly tells you that even the best technical solution will not help you to deter determined hackers. A really chilling account...

By the way, you can use the MD5 hash algorithm through MS' CryptoAPI interface:

Public Declare Function CryptCreateHash Lib "advpi32.dll" (
ByVal hProv As Long, _
ByVal Algid as Long, _
ByVal hKey As Long, _
ByVal dwFlags As Long, _
phHash As Long) As Long

where Algid is set to CALG_MD5

A proper reference to CryptAPI use and implementation is:

Cryptography for Visual Basic
Richard Bondi
J Wiley
ISBN 0-471-38189-6
_________________________________
In theory, there is no difference between theory and practice. In practice, there is. [attributed to Yogi Berra]