There is no decode. You should never be able to get a password back from a
password-derrived key. It's a one-way operation. Think of it as a safety
feature.
If you want to encrypt a password, that's a whole other story, and I posted
some code just a couple days ago on how to do that.
But even then, it's preferable to store non-decryptable passwords if
possible. If you want to check that someone typed in the correct password,
just run the password through the same algorithm, and if you get the same
result, you know they typed it in correctly. The danger with decryptable
passwords is that if someone gets the encrypted passwords, then can always
try to decrypt them.
-Rob Teixeira [MVP]
"Peter" <peter@mclinn.com> wrote in message
news:dcde2a5a.0405140505.2c8f37c4@posting.google.c om...[color=blue]
> How would you structure the decode proceedure for this example?
>
>
> "Rob Teixeira [MVP]" <RobTeixeira@@msn.com> wrote in message[/color]
news:<eCHaJRUOEHA.556@tk2msftngp13.phx.gbl>...[color=blue][color=green]
> > The following routine will create an IV and Key based on a text[/color][/color]
password.[color=blue][color=green]
> > It uses multiple passes and a keyed hash (MACTripleDES) to help prevent
> > dictionary attacks.
> > Make sure you generate the "salt" array from a random sequence (don't[/color][/color]
use[color=blue][color=green]
> > mine! anyone can see this post and take it) :-) and the salt value must[/color][/color]
be a[color=blue][color=green]
> > 24-byte number. You can set the number of rounds to anything you want,[/color][/color]
but[color=blue][color=green]
> > 10 should be sufficient.
> > You will always get an 8-byte key no matter how big the password is[/color][/color]
(that's[color=blue][color=green]
> > the beauty of hash algorithms). Also note that in this case, it will be
> > case-sensitive.
> > Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As
> > System.EventArgs) Handles Button1.Click
> > Dim key As Byte()
> > Dim iv As Byte()
> > Dim password As String = "MyP@$$w0rd"
> > CreateDESKey(password, key, iv)
> > End Sub
> >
> > Private Sub CreateDESKey(ByVal password As String, ByRef key As Byte(),
> > ByRef iv As Byte())
> > Const numberOfRounds As Integer = 10
> > Dim salt As Byte() = {241, 103, 32, 233, 54, 141, 82, 161, 213, 130,
> > 105, 95, 104, 112, 213, 57, 93, 93, 169, 185, 195, 157, 106, 40}
> > Dim i As Integer
> >
> > Dim dHash As New System.Security.Cryptography.MACTripleDES(salt)
> >
> > key = System.Text.Encoding.Default.GetBytes(password)
> >
> > For i = 1 To numberOfRounds
> > key = dHash.ComputeHash(key)
> > Next
> >
> > iv = key
> >
> > For i = 1 To numberOfRounds
> > iv = dHash.ComputeHash(iv)
> > Next
> > End Sub
> >
> > -Rob Teixeira [MVP]
> >
> > "newbie" <newbie@nospam.com> wrote in message
> > news:eu5zEzNOEHA.2920@tk2msftngp13.phx.gbl...[color=darkred]
> > > Hello,
> > >
> > > I face a practical problem with encryption.
> > >
> > > I've read examples for encrypting a file with the DES algorythm. The
> > > algorythm uses a key and a IV value. Both are 8 bytes if I'm correct,[/color][/color][/color]
and[color=blue][color=green][color=darkred]
> > > can be generated by the system or specified by me at design time.
> > >
> > > How can I then do DES encryption with a password?
> > > pwd: 8charact
> > > can be translated into the key value (transform string to byte array)
> > >
> > > But what about passwords longer than 8 characters? How is this best
> > > implemented?
> > >
> > > Thanks.
> > >
> > >[/color][/color][/color]
