Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: [Help]: Looking for password crypt/decrypt function
John Gardner wrote in message <7f52uv$37q$1_at_corpnews1.Corp.Sun.COM>...
>
>An xor encryption scheme is so easy to crack that you might as well leave
>it in plaintext.
>
Not necessarily.
If the key is not reused, and is truly random, the XOR encryption algorithm
is perfect
If the key is reused, or may be predicted, it is as weak as any.
Of course, for password encryption, you would need key reuse, so then...
As to the original question; what you need is a one-way function. This is a function which has the property that y=f(x) is easy to compute, as x=f'(y) is very difficult.
There is a huge amount of information about one-way functions on the internet, Altavista finds more than 400000 pages on a search for this.
However, there is a simple (and far from perfect) method available, using your own deterministic pseudo-random generator (a random generator which always produces the same sequence when initialised with a given seed):
This method is as bad as:
1) Your random number sequence is deterministic
2) The collission rate of your hash function (different passwords having the
same hash value)
[snip]
Regards,
Roy Brokvam
roy.brokvam_at_conax.com
Received on Thu Apr 15 1999 - 12:41:48 CDT