Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling
 
PerlMonks  

Re: Crypt Blowfish

by hawtin (Prior)
on Jul 15, 2008 at 22:43 UTC ( #697817=note: print w/ replies, xml ) Need Help??


in reply to Crypt Blowfish

If you use Blowfish directly you must also remember to supply data in the 8 byte chunks it wants. Here is another example of a working implementation:

# First encode $f2 into $f1 Encode data my $cipher = new Crypt::Blowfish $model_passphrase; # Pad $f1 to the next 8 byte boundary if((length($f2) % 8) != 0) { $f2 .= "\x00" x (8 - (length($f2) % 8)); } for(my $i=0;8*$i<length($f2);$i++) { $f1 .= $cipher->encrypt(substr($f2,8*$i,8)); } # Since we have to work on Windows don't forget # the binmode() on the file handle # Now to decode $f1 into $f2 if((length($f1) % 8) != 0) { $f1 .= "\x00" x (8 - (length($f1) % 8)); } my $cipher = new Crypt::Blowfish $model_passphrase; for(my $i=0;(8*$i)<length($f1);$i++) { $f2 .= $cipher->decrypt(substr($f1,8*$i,8)); } $f2 =~ s/\x00+$//s;


Comment on Re: Crypt Blowfish
Download Code
Re^2: Crypt Blowfish
by ikegami (Pope) on Jul 16, 2008 at 05:48 UTC

    Very bad recommendation. You added padding, but you're neither salting nor chaining. You are seriously undermining the encryption by using it directly instead of using Crypt::CBC.

    By avoiding Crypt::CBC, you're actually making the code longer and much more complex, risking the addition of errors and making it harder to maintain.

    It's not just speculative either. You added a bug. Any input matching /\x00\n?\z/ cannot be encoded.

    Blowfish is a secure algorithm, but like all algorithms, they're only secure when used properly.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://697817]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others drinking their drinks and smoking their pipes about the Monastery: (7)
As of 2014-09-01 19:37 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite cookbook is:










    Results (17 votes), past polls