473,326 Members | 2,128 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,326 software developers and data experts.

How can I encrypt string using the MD5 method?

Is there a function to do this ?
with the string parameter,it return the encryption result of the string
?

Nov 15 '05 #1
14 4625
In article <11*********************@f14g2000cwb.googlegroups. com>,
sh*****@gmail.com <sh*****@gmail.com> wrote:
Is there a function to do this ?
with the string parameter,it return the encryption result of the string


MD5 is not an encryption function: it is a hash function.

There are no encryption functions specified by the C standards.
No hash functions either.

There are a number of fairly portable MD5 libraries. See for example
http://sourceforge.net/projects/libmd5-rfc/

I had a look at the above code, and it looks to be fairly
standard C -- except that at one point it attempts to determine
whether the machine is "big endian" or "little endian" and it
appears to me at first look that the test done for that might perhaps
not be completely portable, perhaps failing on machines whose
short is the same size as int.

--
Ceci, ce n'est pas une idée.
Nov 15 '05 #2
Thank you for reply!
In PHP there is a md5() function to do this and I think if there is an
equal function in C.
By the way,is there any better encryption method than MD5??

Nov 15 '05 #3
sh*****@gmail.com said:
Thank you for reply!
In PHP there is a md5() function to do this and I think if there is an
equal function in C.
By the way,is there any better encryption method than MD5??


MD5 is not an encryption method. It's a hashing method.

Whether one encryption method is "better" than another depends on what you
mean by "better". Faster? Easier key distro? More secure? ROT-26 is way
faster than AES. It's much easier to solve the key distribution problem for
AES than for OTP. OTP is vastly (infinitely?) more secure than ROT-26.

--
Richard Heathfield
"Usenet is a strange place" - dmr 29/7/2005
http://www.cpax.org.uk
email: rjh at that domain (but drop the www, obviously)
Nov 15 '05 #4
My better means more secure.
So as you say OTP may be the answer.
How can use it in C?Could you give me some advice?

Nov 15 '05 #5
sh*****@gmail.com said:
My better means more secure.
So as you say OTP may be the answer.
Unlikely, even though it is information-theoretically secure (which means
that, used properly, it is provably uncrackable).
How can use it in C?
void otp(unsigned char *o,
const unsigned char *i,
const unsigned char *k,
size_t len)
{
while(len--)
{
*o++ = *i++ ^ *k++;
}
}
Could you give me some advice?


In OTP, the key has to be as long as the message, completely random, and
never re-used. This leads to practical problems in key distribution which
render the OTP useless for many purposes. Having said that, for 100%
security it can't be beaten, which is why you used to see so many film
snippets in the 1970s where politicians visiting other countries would
always have a courier with them with a briefcase chained to his wrist. Ever
wonder what was in the briefcase? Key material!

--
Richard Heathfield
"Usenet is a strange place" - dmr 29/7/2005
http://www.cpax.org.uk
email: rjh at above domain (but drop the www, obviously)
Nov 15 '05 #6
You say the following is its main implementation:
void otp(unsigned char *o,
const unsigned char *i,
const unsigned char *k,
size_t len)
{
while(len--)
{
*o++ = *i++ ^ *k++;
}
}

?

Nov 15 '05 #7
sh*****@gmail.com said:
You say the following is its main implementation:
void otp(unsigned char *o,
const unsigned char *i,
const unsigned char *k,
size_t len)
{
while(len--)
{
*o++ = *i++ ^ *k++;
}
}

?


Yes. The OTP is a remarkably simple algorithm, and guaranteed uncrackable if
used correctly.

--
Richard Heathfield
"Usenet is a strange place" - dmr 29/7/2005
http://www.cpax.org.uk
email: rjh at above domain (but drop the www, obviously)
Nov 15 '05 #8
In article <11*********************@g49g2000cwa.googlegroups. com>,
sh*****@gmail.com <sh*****@gmail.com> wrote:
You say the following is its main implementation:
Please note, other people are not reading by threading newsreaders, or might
not have received the previous message yet, or the message might have
expired for them. [I've seen expiration times set as low as 4 hours
on some newsservers.] It is therefore best to include enough context
for people to know what you are talking about.

In this particular case, "its" does not have meaning without the
discussion context. The missing referant is that you are discussing
implementation of OTP (One Time Pads).

[You also left out the attribution, so we can't easily tell who
wrote the code you quoted.]
void otp(unsigned char *o,
const unsigned char *i,
const unsigned char *k,
size_t len)
{
while(len--)
{
*o++ = *i++ ^ *k++;
}
} ?

Yes, that is a complete and correct implementation of One Time Pad
encryption.

i is the input stream of bytes. i is -not- constrained to be a "string":
NUL bytes are acceptable input. Because of that, the length of the
input is passed in len.

k is the keying material. The key must be as long as the input. As the
previous poster remarked, you must not reuse the key material, or else
the security of your OTP is severely put at risk. The key must *not* be
from a "random number generator": it must be truly random, such as
from physically flipping coins millions of times, or from
radioactive decay. This randomness is important!!! Note: random NUL bytes
are acceptable in the key material, so k is not a "string" either.

o is the output buffer, which must be as long as the input. It is
possible for the encryption process to result in NUL bytes in places,
so s is not a "string" either.

The output really is just formed from the input xor'd with the key.
When the output is xor'd with the key, the result would be the
input back again. But first you have to get a copy of the key to
the recipient; that's what the other poster was referring to as
"key distribution".
--
Any sufficiently old bug becomes a feature.
Nov 15 '05 #9
In article <11**********************@f14g2000cwb.googlegroups .com>,
sh*****@gmail.com <sh*****@gmail.com> wrote:
In PHP there is a md5() function to do this and I think if there is an
equal function in C.


Not in the C standard, but you can find md5 code in several places
such as the one I referced.

PHP has gone through a number of versions; earlier versions did
not have md5(). C goes through very very few official versions.

PHP is expected to provide -all- of the functions defined for
its current version, and the functions that will be called upon
are not known until runtime, so PHP can end up being a largish
executable. C expects that you will link in only the functions
you need for a particular task, so C can end up with small fast
executables.
--
"Who Leads?" / "The men who must... driven men, compelled men."
"Freak men."
"You're all freaks, sir. But you always have been freaks.
Life is a freak. That's its hope and glory." -- Alfred Bester, TSMD
Nov 15 '05 #10
Richard Heathfield <in*****@invalid.invalid> writes:
sh*****@gmail.com said:
Thank you for reply!
In PHP there is a md5() function to do this and I think if there is an
equal function in C.
By the way,is there any better encryption method than MD5??


MD5 is not an encryption method. It's a hashing method.

Whether one encryption method is "better" than another depends on what you
mean by "better". Faster? Easier key distro? More secure? ROT-26 is way
faster than AES. It's much easier to solve the key distribution problem for
AES than for OTP. OTP is vastly (infinitely?) more secure than ROT-26.


Since nobody seems to have mentioned it yet, "OTP" stands for
"One-Time Pad".

None of this is really topical here. You might try sci.crypt -- but
read their FAQ first (if they have one) and read some of their
archives before posting.

And, of course, Google is your friend.

--
Keith Thompson (The_Other_Keith) ks***@mib.org <http://www.ghoti.net/~kst>
San Diego Supercomputer Center <*> <http://users.sdsc.edu/~kst>
We must do something. This is something. Therefore, we must do this.
Nov 15 '05 #11
"sh*****@gmail.com" <sh*****@gmail.com> wrote:
# Is there a function to do this ?
# with the string parameter,it return the encryption result of the string
# ?

There are many functions to do this, but they vary based on your system.

--
SM Ryan http://www.rawbw.com/~wyrmwif/
So basically, you just trace.
Nov 15 '05 #12
Thank you for all replies.

Walter,I am sorry to do this (Please note, other people are not reading
by threading newsreaders, or might
not have received the previous message yet, or the message might have
expired for them. [I've seen expiration times set as low as 4 hours
on some newsservers.] It is therefore best to include enough context
for people to know what you are talking about.
In this particular case, "its" does not have meaning without the
discussion context. The missing referant is that you are discussing
implementation of OTP (One Time Pads).
[You also left out the attribution, so we can't easily tell who
wrote the code you quoted.])
I will be more careful about this.
Thank you !!!

Nov 15 '05 #13
"sh*****@gmail.com" <sh*****@gmail.com> writes:
Thank you for all replies.

Walter,I am sorry to do this (Please note, other people are not reading
by threading newsreaders, or might
not have received the previous message yet, or the message might have
expired for them. [I've seen expiration times set as low as 4 hours
on some newsservers.] It is therefore best to include enough context
for people to know what you are talking about.
In this particular case, "its" does not have meaning without the
discussion context. The missing referant is that you are discussing
implementation of OTP (One Time Pads).
[You also left out the attribution, so we can't easily tell who
wrote the code you quoted.])
I will be more careful about this.
Thank you !!!


We appreciate the attempt, but I'm afraid you're still doing it wrong.

If you want to post a followup via groups.google.com, don't use
the broken "Reply" link at the bottom of the article. Click on
"show options" at the top of the article, then click on the
"Reply" at the bottom of the article headers.

This will automatically quote the previous article and provide an
attribution line, all of it formatted properly. (Any decent
newsreader will do this by default; the folks at Google have
idiotically put this vital functionality in a hidden menu.)

--
Keith Thompson (The_Other_Keith) ks***@mib.org <http://www.ghoti.net/~kst>
San Diego Supercomputer Center <*> <http://users.sdsc.edu/~kst>
We must do something. This is something. Therefore, we must do this.
Nov 15 '05 #14
At about the time of 9/17/2005 9:33 PM, sh*****@gmail.com stated the
following:
Is there a function to do this ?
with the string parameter,it return the encryption result of the string
?


As pointed out before, MD5 is a hashing algorithm. You can't really use
it for encryption because there is no way to get the data back once it's
hashed...hence the term one-way hash function. It's primary use is to
digitally "sign" things like programs, source code, documents, etc...
That's why when you download source code tarball files, the site also
publishes the MD5 signature to prove that the file was not tampered
with. The publisher generates the signature, and if you run MD5 on the
file, and they don't match, then the file was altered.

If you want encryption, you can use AES with an approperiate sized key
for your applications. Source code is available on the web. There is
also two-fish, blow-fish, RC2, RC4, RC5, idea, and whole slew of others.
I know that RC4 was broken.

Cryptography is off topic in this group. If you want more information
on the subject, then head over to sci.crypt. But, before you do, I
suggest that you read their FAQ here:
http://www.faqs.org/faqs/cryptography-faq/

HTH
--
Daniel Rudy

Email address has been base64 encoded to reduce spam
Decode email address using b64decode or uudecode -m
Nov 15 '05 #15

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
by: wqhdebian | last post by:
As far as I know,when encrypt or decrypt ,a key must first be got,and the key is first generate by a tool or from SecurityRandom,that means I can not generate the same key with the same input.Does...
4
by: Spikinsson | last post by:
I'm looking for a good decrypt/encrypt function, all I want is a function in this form: char* encrypt(char* normal) { ... return encrypted; } and
10
by: Javier Gomez | last post by:
I have a table with 15.000 records. How can encrypt all information if after will shown in a form (text box)decryted ????? Thanks in advance Javier Gomez
14
by: msnews.microsoft.com | last post by:
How can I encrypt and decrypt string?
20
by: Drebin | last post by:
It's a long story really, but the bottom line is we need to encrypt or obfuscate a clear-text 9-digit SSN/taxpayer ID into something less than 21 characters. It doesn't need to be super-secure,...
7
by: Matthias S. | last post by:
Hi, I had a look at the vast information on encryption in the MSDN and got pretty confused. All I want to do is to encrypt a string into an encrypted string and later decrypt that (encrypted)...
4
by: Hrvoje Voda | last post by:
Does anyone knows a good example of how to encrypt/decrypt a string? Hrcko
4
by: google | last post by:
OK, I know how to encrypt and decrypt data, but here's the deal: I have a large Winforms .NET 2.0 application which is currently storing the connection string in the app.config file unencrypted...
4
by: tomtown.net | last post by:
Hello I'm using the File.Encrypt method (.net 2.0) to encrypt files and folders (mark for encryption) on a local disk (XP SP2, 3DES, .net 2.0). Unfortunatelly I get an exception when trying to...
3
by: JDeats | last post by:
I have some .NET 1.1 code that utilizes this technique for encrypting and decrypting a file. http://support.microsoft.com/kb/307010 In .NET 2.0 this approach is not fully supported (a .NET 2.0...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.