This week's book giveaway is in the Kotlin forum.
We're giving away four copies of Kotlin in Action and have Dmitry Jemerov & Svetlana Isakova on-line!
See this thread for details.
Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Help on JCE!!!  RSS feed

 
gautham kasinath
Ranch Hand
Posts: 583
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well I would like to know if anyone has tried a hand @ JCE I would like a good (one way) Password Encryption algorithm.
Thanks..
I ve tried to use the JCE and sun.misc.. but i havent hit on one way encryption.
please help if u can.
Regds
Gautham Kasinath
 
Frank Carver
Sheriff
Posts: 6920
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I assume by "one way" encryption algoristh you are looking for something to encrypt a password or other token, but don't need to decrypt it. Is this because you plan to directly compare the encrypted versions?
Although I can't offer any solutions, this is an area which has interested me for a long time. Theoretically, you have three sorts of encryption available :- one-to-one, where every raw item has one and only one encrypted form; reducing, where many raw items encypt to a single encrypted form; and expanding, where a single raw item can encrypt to more than one encrypted form.
Traditionally, "one way" system password encryption seems to use the second (reducing) case. I have heard many spurious arguments from people who claim that this is somehow "more secure" than a one-to-one system because you can't decrypt it back to the original item. But if you plan to directly compare the encrypted forms, then a reducing encryption is in fact less secure, as there are fewer possibilities to test against, and a greater chance of a random password encypting to the same encrypted form as the "real" password.
So my question is, what sort of encryption are you looking for, and what is its intended use?
 
gautham kasinath
Ranch Hand
Posts: 583
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi!
Well I need the encryption algorithm to encrypt passwords in a site that I am trying to launh.
Well so for security reasons I fugured that one way encryption will best suit me as I ve seen how the passwords are stored in Unix and Linux using the crypt() method.
But crypt is an easy victim for hackers... so I was looking for some kida algorithm that will help me in secring my clients passwords.
I hope you have some hint on the same
Thanks
Regds
Gautham Kasinath
 
Carl Trusiak
Sheriff
Posts: 3341
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
One method I've seen for this is to encrypt the password to a long value.

This will always produce the same long number for a password and has a very low occurance of the same number for different passwords as long as the password is less than 16 characters.
 
gautham kasinath
Ranch Hand
Posts: 583
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi!
Tanx a lot I guess it will help my purpose..
but can u gimme an Idea of how hack proof it will be to encrypt de password this way??
Regds
Gautham Kasinath
 
Jim Baiter
Ranch Hand
Posts: 532
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can use a hashing algorithm if you don't want to use
JCE. The java.security package provides support for both
MD5 and SHA-1.
 
gautham kasinath
Ranch Hand
Posts: 583
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi!
Well tanx I guess de hash code will work but will it on crypting the password in a way that the same hash code is generated for the character always??? dats a question I ll find an answer to.
regds
Gautham Kasinath
 
Don't get me started about those stupid light bulbs.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!