Hello,
I face a practical problem with encryption.
I've read examples for encrypting a file with the DES algorythm. The
algorythm uses a key and a IV value. Both are 8 bytes if I'm correct, and
can be generated by the system or specified by me at design time.
How can I then do DES encryption with a password?
pwd: 8charact
can be translated into the key value (transform string to byte array)
But what about passwords longer than 8 characters? How is this best
implemented?
Thanks.
5  1930 
The following routine will create an IV and Key based on a text password.
It uses multiple passes and a keyed hash (MACTripleDES) to help prevent
dictionary attacks.
Make sure you generate the "salt" array from a random sequence (don't use
mine! anyone can see this post and take it) :-) and the salt value must be a
24-byte number. You can set the number of rounds to anything you want, but
10 should be sufficient.
You will always get an 8-byte key no matter how big the password is (that's
the beauty of hash algorithms). Also note that in this case, it will be
case-sensitive.
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles Button1.Click
Dim key As Byte()
Dim iv As Byte()
Dim password As String = "MyP@$$w0rd"
CreateDESKey(password, key, iv)
End Sub
Private Sub CreateDESKey(ByVal password As String, ByRef key As Byte(),
ByRef iv As Byte())
Const numberOfRounds As Integer = 10
Dim salt As Byte() = {241, 103, 32, 233, 54, 141, 82, 161, 213, 130,
105, 95, 104, 112, 213, 57, 93, 93, 169, 185, 195, 157, 106, 40}
Dim i As Integer
Dim dHash As New System.Security.Cryptography.MACTripleDES(salt)
key = System.Text.Encoding.Default.GetBytes(password)
For i = 1 To numberOfRounds
key = dHash.ComputeHash(key)
Next
iv = key
For i = 1 To numberOfRounds
iv = dHash.ComputeHash(iv)
Next
End Sub
-Rob Teixeira [MVP]
"newbie" <ne****@nospam.com> wrote in message
news:eu**************@tk2msftngp13.phx.gbl... Hello,
I face a practical problem with encryption.
I've read examples for encrypting a file with the DES algorythm. The
algorythm uses a key and a IV value. Both are 8 bytes if I'm correct, and
can be generated by the system or specified by me at design time.
How can I then do DES encryption with a password?
pwd: 8charact
can be translated into the key value (transform string to byte array)
But what about passwords longer than 8 characters? How is this best
implemented?
Thanks.
Thanks a lot
"Rob Teixeira [MVP]" <RobTeixeira@@msn.com> wrote in message
news:eC*************@tk2msftngp13.phx.gbl... The following routine will create an IV and Key based on a text password.
It uses multiple passes and a keyed hash (MACTripleDES) to help prevent
dictionary attacks.
Make sure you generate the "salt" array from a random sequence (don't use
mine! anyone can see this post and take it) :-) and the salt value must be
a 24-byte number. You can set the number of rounds to anything you want, but
10 should be sufficient.
You will always get an 8-byte key no matter how big the password is
(that's the beauty of hash algorithms). Also note that in this case, it will be
case-sensitive.
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles Button1.Click
Dim key As Byte()
Dim iv As Byte()
Dim password As String = "MyP@$$w0rd"
CreateDESKey(password, key, iv)
End Sub
Private Sub CreateDESKey(ByVal password As String, ByRef key As Byte(),
ByRef iv As Byte())
Const numberOfRounds As Integer = 10
Dim salt As Byte() = {241, 103, 32, 233, 54, 141, 82, 161, 213, 130,
105, 95, 104, 112, 213, 57, 93, 93, 169, 185, 195, 157, 106, 40}
Dim i As Integer
Dim dHash As New System.Security.Cryptography.MACTripleDES(salt)
key = System.Text.Encoding.Default.GetBytes(password)
For i = 1 To numberOfRounds
key = dHash.ComputeHash(key)
Next
iv = key
For i = 1 To numberOfRounds
iv = dHash.ComputeHash(iv)
Next
End Sub
-Rob Teixeira [MVP]
"newbie" <ne****@nospam.com> wrote in message
news:eu**************@tk2msftngp13.phx.gbl... Hello,
I face a practical problem with encryption.
I've read examples for encrypting a file with the DES algorythm. The
algorythm uses a key and a IV value. Both are 8 bytes if I'm correct,
and can be generated by the system or specified by me at design time.
How can I then do DES encryption with a password?
pwd: 8charact
can be translated into the key value (transform string to byte array)
But what about passwords longer than 8 characters? How is this best
implemented?
Thanks.
How would you structure the decode proceedure for this example?
"Rob Teixeira [MVP]" <RobTeixeira@@msn.com> wrote in message news:<eC*************@tk2msftngp13.phx.gbl>... The following routine will create an IV and Key based on a text password.
It uses multiple passes and a keyed hash (MACTripleDES) to help prevent
dictionary attacks.
Make sure you generate the "salt" array from a random sequence (don't use
mine! anyone can see this post and take it) :-) and the salt value must be a
24-byte number. You can set the number of rounds to anything you want, but
10 should be sufficient.
You will always get an 8-byte key no matter how big the password is (that's
the beauty of hash algorithms). Also note that in this case, it will be
case-sensitive.
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles Button1.Click
Dim key As Byte()
Dim iv As Byte()
Dim password As String = "MyP@$$w0rd"
CreateDESKey(password, key, iv)
End Sub
Private Sub CreateDESKey(ByVal password As String, ByRef key As Byte(),
ByRef iv As Byte())
Const numberOfRounds As Integer = 10
Dim salt As Byte() = {241, 103, 32, 233, 54, 141, 82, 161, 213, 130,
105, 95, 104, 112, 213, 57, 93, 93, 169, 185, 195, 157, 106, 40}
Dim i As Integer
Dim dHash As New System.Security.Cryptography.MACTripleDES(salt)
key = System.Text.Encoding.Default.GetBytes(password)
For i = 1 To numberOfRounds
key = dHash.ComputeHash(key)
Next
iv = key
For i = 1 To numberOfRounds
iv = dHash.ComputeHash(iv)
Next
End Sub
-Rob Teixeira [MVP]
"newbie" <ne****@nospam.com> wrote in message
news:eu**************@tk2msftngp13.phx.gbl... Hello,
I face a practical problem with encryption.
I've read examples for encrypting a file with the DES algorythm. The
algorythm uses a key and a IV value. Both are 8 bytes if I'm correct, and
can be generated by the system or specified by me at design time.
How can I then do DES encryption with a password?
pwd: 8charact
can be translated into the key value (transform string to byte array)
But what about passwords longer than 8 characters? How is this best
implemented?
Thanks.
There is no decode. You should never be able to get a password back from a
password-derrived key. It's a one-way operation. Think of it as a safety
feature.
If you want to encrypt a password, that's a whole other story, and I posted
some code just a couple days ago on how to do that.
But even then, it's preferable to store non-decryptable passwords if
possible. If you want to check that someone typed in the correct password,
just run the password through the same algorithm, and if you get the same
result, you know they typed it in correctly. The danger with decryptable
passwords is that if someone gets the encrypted passwords, then can always
try to decrypt them.
-Rob Teixeira [MVP]
"Peter" <pe***@mclinn.com> wrote in message
news:dc**************************@posting.google.c om... How would you structure the decode proceedure for this example?
"Rob Teixeira [MVP]" <RobTeixeira@@msn.com> wrote in message
news:<eC*************@tk2msftngp13.phx.gbl>... The following routine will create an IV and Key based on a text
password. It uses multiple passes and a keyed hash (MACTripleDES) to help prevent
dictionary attacks.
Make sure you generate the "salt" array from a random sequence (don't
use mine! anyone can see this post and take it) :-) and the salt value must
be a 24-byte number. You can set the number of rounds to anything you want,
but 10 should be sufficient.
You will always get an 8-byte key no matter how big the password is
(that's the beauty of hash algorithms). Also note that in this case, it will be
case-sensitive.
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles Button1.Click
Dim key As Byte()
Dim iv As Byte()
Dim password As String = "MyP@$$w0rd"
CreateDESKey(password, key, iv)
End Sub
Private Sub CreateDESKey(ByVal password As String, ByRef key As Byte(),
ByRef iv As Byte())
Const numberOfRounds As Integer = 10
Dim salt As Byte() = {241, 103, 32, 233, 54, 141, 82, 161, 213, 130,
105, 95, 104, 112, 213, 57, 93, 93, 169, 185, 195, 157, 106, 40}
Dim i As Integer
Dim dHash As New System.Security.Cryptography.MACTripleDES(salt)
key = System.Text.Encoding.Default.GetBytes(password)
For i = 1 To numberOfRounds
key = dHash.ComputeHash(key)
Next
iv = key
For i = 1 To numberOfRounds
iv = dHash.ComputeHash(iv)
Next
End Sub
-Rob Teixeira [MVP]
"newbie" <ne****@nospam.com> wrote in message
news:eu**************@tk2msftngp13.phx.gbl... Hello,
I face a practical problem with encryption.
I've read examples for encrypting a file with the DES algorythm. The
algorythm uses a key and a IV value. Both are 8 bytes if I'm correct,
and can be generated by the system or specified by me at design time.
How can I then do DES encryption with a password?
pwd: 8charact
can be translated into the key value (transform string to byte array)
But what about passwords longer than 8 characters? How is this best
implemented?
Thanks.
Stupid mistake on my part. Goes to show what happens when you're tired and
keep posting... :)
The line that says:
iv = key
should be this instead:
ReDim iv(7)
Array.Copy(key, iv, 8)
Sorry about that.
-Rob Teixeira [MVP]
"Rob Teixeira [MVP]" <RobTeixeira@@msn.com> wrote in message
news:eC*************@tk2msftngp13.phx.gbl... The following routine will create an IV and Key based on a text password.
It uses multiple passes and a keyed hash (MACTripleDES) to help prevent
dictionary attacks.
Make sure you generate the "salt" array from a random sequence (don't use
mine! anyone can see this post and take it) :-) and the salt value must be
a 24-byte number. You can set the number of rounds to anything you want, but
10 should be sufficient.
You will always get an 8-byte key no matter how big the password is
(that's the beauty of hash algorithms). Also note that in this case, it will be
case-sensitive.
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles Button1.Click
Dim key As Byte()
Dim iv As Byte()
Dim password As String = "MyP@$$w0rd"
CreateDESKey(password, key, iv)
End Sub
Private Sub CreateDESKey(ByVal password As String, ByRef key As Byte(),
ByRef iv As Byte())
Const numberOfRounds As Integer = 10
Dim salt As Byte() = {241, 103, 32, 233, 54, 141, 82, 161, 213, 130,
105, 95, 104, 112, 213, 57, 93, 93, 169, 185, 195, 157, 106, 40}
Dim i As Integer
Dim dHash As New System.Security.Cryptography.MACTripleDES(salt)
key = System.Text.Encoding.Default.GetBytes(password)
For i = 1 To numberOfRounds
key = dHash.ComputeHash(key)
Next
iv = key
For i = 1 To numberOfRounds
iv = dHash.ComputeHash(iv)
Next
End Sub
-Rob Teixeira [MVP]
"newbie" <ne****@nospam.com> wrote in message
news:eu**************@tk2msftngp13.phx.gbl... Hello,
I face a practical problem with encryption.
I've read examples for encrypting a file with the DES algorythm. The
algorythm uses a key and a IV value. Both are 8 bytes if I'm correct,
and can be generated by the system or specified by me at design time.
How can I then do DES encryption with a password?
pwd: 8charact
can be translated into the key value (transform string to byte array)
But what about passwords longer than 8 characters? How is this best
implemented?
Thanks.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Blake T. Garretson |
last post by:
I want to save some sensitive data (passwords, PIN numbers, etc.) to
disk in a secure manner in one of my programs. What is the
easiest/best way to accomplish strong file encryption in Python? ...
|
by: Ray Cassick \(Home\) |
last post by:
Ok, time to ask the question here.. I have been battling over this one for
sometime now and just have to ask it.
I have created a few classes that I use to act a security keys. These
classes get...
|
by: jlocc |
last post by:
Hi!
I was wondering if someone can recommend a good encryption algorithm
written in python. My goal is to combine two different numbers and
encrypt them to create a new number that cann't be...
|
by: Bonj |
last post by:
I was in need of an encryption algorithm to the following requirements:
1) Must be capable of encrypting strings to a byte array, and decyrpting
back again to the same string
2) Must have the same...
|
by: eggie5 |
last post by:
I have a form where a user can change his password, but I'm confused
on how to prevent this from being transmitted in plain text.
Well, I know how not to transmit it in plain text - use any type...
|
by: j1mb0jay |
last post by:
I have had to create a simple string encryption program for coursework, I
have completed the task and now have to do a write up on how it could be
improved at a later date. If you could look...
|
by: klenwell |
last post by:
Another request for comments here.
I'd like to accomplish something like the scheme outlined at this page
here:
http://tinyurl.com/3dtcdr
In a nutshell, the form uses javascript to hash...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |
