forum.vdsworld.com Forum Index forum.vdsworld.com
Visit VDSWORLD.com
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


MD5 Unit
Goto page Previous  1, 2, 3  Next
 
Post new topic   Reply to topic    forum.vdsworld.com Forum Index -> Knowledge Base
View previous topic :: View next topic  
Author Message
jules
Professional Member
Professional Member


Joined: 14 Sep 2001
Posts: 1043
Location: Cumbria, UK

PostPosted: Mon Sep 01, 2003 12:55 pm    Post subject: Reply with quote

Right. I haven't tested this idea, but if you want an alphanumeric key of any length that's easier to remember, just MD5 the key to convert it to a 32-byte hex value, use @substr() to grab a few digits from the result and then a $ in front to make a valid number for @encrypt().

Code:
%A = @encrypt(%B,$@substr(@encrypt(%%mykey,md5),4,10))

_________________
The Tech Pro
www.tech-pro.net
Back to top
View user's profile Send private message Visit poster's website
FreezingFire
Admin Team


Joined: 23 Jun 2002
Posts: 3508

PostPosted: Mon Sep 01, 2003 2:54 pm    Post subject: Reply with quote

But isn't it bad that it only accepts numbers as a key? Anyone can
just write a script and go through numbers and find the decrypted
string. Shocked

Unless of course you encrypt it multiple times and then they don't
know how many times you've encrypted it, which makes it harder
to decrypt if you don't know.

_________________
FreezingFire
VDSWORLD.com
Site Admin Team
Back to top
View user's profile Send private message Visit poster's website
FreezingFire
Admin Team


Joined: 23 Jun 2002
Posts: 3508

PostPosted: Mon Sep 01, 2003 2:55 pm    Post subject: Reply with quote

CodeScript wrote:
BTW if you click on that emoticon it inserts:eek: which will display Surprised meaning surprised ; Yes I am really surprised. Wink


I'll get this fixed. Smile

EDIT: The problem has been fixed. Smile

_________________
FreezingFire
VDSWORLD.com
Site Admin Team


Last edited by FreezingFire on Mon Sep 01, 2003 3:48 pm; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website
Serge
Professional Member
Professional Member


Joined: 04 Mar 2002
Posts: 1480
Location: Australia

PostPosted: Mon Sep 01, 2003 3:22 pm    Post subject: Reply with quote

good idea jules...

good point ff and good idea on your solution...you could also encrypt it several times using a different key each time...perhaps a key based on the md5 generated one as jules explained...the possibilities are endless

serge

_________________
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
CodeScript
Moderator Team


Joined: 08 Jun 2003
Posts: 1054
Location: India

PostPosted: Mon Sep 01, 2003 5:11 pm    Post subject: Reply with quote

One more Idea as I said after encrpting write a character or or two at a postion of your choice and I don't think it is easy to decrypt it then because the encryption becomes a custom one.
EDIT: Use of non keyboard/ascii characters make it even stronger.

Serge wrote:
you could also encrypt it several times using a different key each time...

Is it possible to decrypt it then ? theoretically yes. i hvaen't tried though.

_________________
Regards
- CodeScript
Arrow Give your application a professional look with the VDSGUI Extension


Last edited by CodeScript on Mon Sep 01, 2003 5:27 pm; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website
CodeScript
Moderator Team


Joined: 08 Jun 2003
Posts: 1054
Location: India

PostPosted: Mon Sep 01, 2003 5:15 pm    Post subject: Reply with quote

FreezingFire wrote:
CodeScript wrote:
BTW if you click on that emoticon it inserts:eek: which will display Surprised meaning surprised ; Yes I am really surprised. Wink

I'll get this fixed. Smile
EDIT: The problem has been fixed. Smile

Nice FF Very Happy
I don't think this icon should be used frequently Wink

_________________
Regards
- CodeScript
Arrow Give your application a professional look with the VDSGUI Extension


Last edited by CodeScript on Mon Sep 01, 2003 5:16 pm; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website
FreezingFire
Admin Team


Joined: 23 Jun 2002
Posts: 3508

PostPosted: Mon Sep 01, 2003 5:15 pm    Post subject: Reply with quote

CodeScript wrote:
One more Idea as I said after encrpting write a character or or two at a postion of your choice and I don't think it is easy to decrypt it then because the encryption becomes a custom one.

Serge wrote:
you could also encrypt it several times using a different key each time...

Is it possible to decrypt it then ? theoretically yes. i hvaen't tried though.


Good idea, start with @Encrypt() for base encryption, then change
it around a little so it will be really really hard to decrypt. Smile

_________________
FreezingFire
VDSWORLD.com
Site Admin Team
Back to top
View user's profile Send private message Visit poster's website
jules
Professional Member
Professional Member


Joined: 14 Sep 2001
Posts: 1043
Location: Cumbria, UK

PostPosted: Mon Sep 01, 2003 6:42 pm    Post subject: Reply with quote

Quote:
But isn't it bad that it only accepts numbers as a key? Anyone can
just write a script and go through numbers and find the decrypted
string.


Well it wasn't intended to provide industrial strength security.

_________________
The Tech Pro
www.tech-pro.net
Back to top
View user's profile Send private message Visit poster's website
Skit3000
Admin Team


Joined: 11 May 2002
Posts: 2166
Location: The Netherlands

PostPosted: Mon Sep 01, 2003 6:47 pm    Post subject: Reply with quote

Every encryption can be cracked in theory, but you could make it much more difficult by designing your own methods... Smile
_________________
[ Add autocomplete functionality to your VDS IDE windows! ]
Voor Nederlandse beginners met VDS: bekijk ook eens deze tutorial!
Back to top
View user's profile Send private message
vdsalchemist
Admin Team


Joined: 23 Oct 2001
Posts: 1448
Location: Florida, USA

PostPosted: Tue Sep 02, 2003 9:31 pm    Post subject: Reply with quote

jules wrote:
The maximum value you can use is the largest 32-bit integer, whatever that is. If you try to use text, or an invalid number, it will simply use a default value, rather than give an error message.


Well in that case the largest 32bit integer number can be 2147483647. Will @Encrypt take negative numbers too? If so the smallest 32bit integer number can be -2147483648...

_________________
Home of

Give VDS a new purpose!
Back to top
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger
CodeScript
Moderator Team


Joined: 08 Jun 2003
Posts: 1054
Location: India

PostPosted: Fri Sep 05, 2003 2:37 pm    Post subject: Reply with quote

FreezingFire wrote:
But isn't it bad that it only accepts numbers as a key? Anyone can
just write a script and go through numbers and find the decrypted
string. Shocked


FF You can take a look at this dll used in VDS. You can use even non-printable characters as password and encrypt files too - reasonably fast.
There may more such dlls which are freeware.
http://forum.vdsworld.com/viewtopic.php?p=14304
Regards

_________________
Regards
- CodeScript
Arrow Give your application a professional look with the VDSGUI Extension
Back to top
View user's profile Send private message Visit poster's website
GeoTrail
Valued Contributor
Valued Contributor


Joined: 18 Feb 2003
Posts: 572
Location: Bergen, Norway

PostPosted: Wed Dec 31, 2003 12:09 pm    Post subject: Reply with quote

jules, thanks alot for the tip about MD5.
But I am having problems decrypting a MD5 encryption.

Here is what I tested:
Code:
%%String = Original string
%%String1 = @encrypt(%%String,MD5)
%%String2 = @encrypt(%%String1,MD5)

info Original string is: %%String@cr()@cr()Encrypted result is: %%String1@cr()Decrypted result is: %%String2


When trying to decrypt the md5 encrypted string it only returns the same encrypted string, but double encrypted.

Any ideas?

_________________
Back to top
View user's profile Send private message Visit poster's website MSN Messenger
CodeScript
Moderator Team


Joined: 08 Jun 2003
Posts: 1054
Location: India

PostPosted: Wed Dec 31, 2003 3:23 pm    Post subject: Reply with quote

I remember to have had the same problem
_________________
Regards
- CodeScript
Arrow Give your application a professional look with the VDSGUI Extension
Back to top
View user's profile Send private message Visit poster's website
FreezingFire
Admin Team


Joined: 23 Jun 2002
Posts: 3508

PostPosted: Wed Dec 31, 2003 4:26 pm    Post subject: Reply with quote

MD5 can't be decrypted. It's a one-way hash of a string. It's excellent for
storing passwords because the MD5 hashes can be stored unencrypted.
The only way to crack a password with this would be to go through every
possible combination in the world, which could take thousands of years.

The way to use it is to have a user enter a password, take the MD5 hash
of it, and store it. When the user enters their password again, the program
takes the hash of the password just entered and compares it to the original
hash stored.

It's very effective and as a matter of fact this forum system uses MD5,
non-decryptable hashes, so any attempt to compromise the database for
passwords would yield nothing.

_________________
FreezingFire
VDSWORLD.com
Site Admin Team
Back to top
View user's profile Send private message Visit poster's website
CodeScript
Moderator Team


Joined: 08 Jun 2003
Posts: 1054
Location: India

PostPosted: Wed Dec 31, 2003 5:00 pm    Post subject: Reply with quote

Hi FF I was about to post the same thing. I even had serious doubts if MD5 is reversible (practically). Thanks for the INFO
_________________
Regards
- CodeScript
Arrow Give your application a professional look with the VDSGUI Extension
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    forum.vdsworld.com Forum Index -> Knowledge Base All times are GMT
Goto page Previous  1, 2, 3  Next
Page 2 of 3

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum




Twitter@vdsworld       RSS

Powered by phpBB © 2001, 2005 phpBB Group