Beefy Boxes and Bandwidth Generously Provided by pair Networks
We don't bite newbies here... much

Re: encryption and decryption

by radiantmatrix (Parson)
on Apr 01, 2008 at 15:02 UTC ( #677770=note: print w/replies, xml ) Need Help??

in reply to encryption and decryption

First, understand that security is harder than you think it is. I'm a security professional, and every day I still discover that security is harder than I thought in some way.

It concerns me that you're asking about "decryption" for passwords. Password-based authentication systems that are any kind of secure never decrypt anything. Instead, they store a one-way (i.e. irreversible) hash of the password. Then, when a user enters a password, the same hash algorithm is applied to it -- if that hash matches the stored hash, then the passwords were the same.

If this is what you want to do, I strongly suggest looking at using Crypt::Eksblowfish::Bcrypt. The Bcrypt algorithm is similar to crypt, but has several very nice security features. This algorithm is the default for FreeBSD as well -- widely considered one of the most security-conscious OS's available.

On the off chance that you are really needing to store an encrypted password that needs to be decrypted (for example, if you'll be using the password to log into some service automatically, and want to store it securely), I suggest using AES; this is also known as Rijndael. You'll need Crypt::CBC and Crypt::Rijndael for this purpose.

Ramblings and references
The Code that can be seen is not the true Code
I haven't found a problem yet that can't be solved by a well-placed trebuchet

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://677770]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others pondering the Monastery: (8)
As of 2018-06-23 15:15 GMT
Find Nodes?
    Voting Booth?
    Should cpanminus be part of the standard Perl release?

    Results (125 votes). Check out past polls.