Advertisement

Need simple one way hashing code

Started by May 25, 2000 07:08 PM
1 comment, last by gimp 24 years, 6 months ago
I''m writing a simple security layer for the server control. The security will involve performing a one way encryption of the server password to produce the hash. The hash is sent to the server and compared to the existing hashed password that the server knows about. Can anyone suggest a simple peice of code for performing this encryption? thanks gimp
Chris Brodie
If you hash the password, then transmit the hash, the hash becomes the password.

For secure transport, upon connection, the server should generate a key pair and send the public key to the client. The client should encrypt the password and send it to the server, which can then decrypt the password, do a one-way hash, and compare that hash to a table of known hashes. Never use the same key pair twice.

The hash is only useful for securely storing passwords for authentication.

As far as a hash, I don''t know. Things with modulo (sp?) and XOR''s seem to be popular.
Advertisement
hehe,

I really should have worked that out myself, I really should have known better. The other thing I was thinking about was:

-Store the passwords on the server.
-User knows a password.
-To use the password you must first however have a key that matched the server''s key. This is never tranmitted.
-The key is used during the encryption to create the hash of the password.
-The Server recieved the hack and uses it''s copy of the key to unhash the password for comparison.

Hence the key is never transmitted.. at least as part of the data stream. I want to make it too complicated OR too insecure. This method requires that a person has to have a token before tha password will do any good, likewise with the key.

So now I need a really simple two way hashing algorithm in c\c++..., by simple I mean:

hash Encrypt(key,data)
data Decrypt(key,hash)

I have a library of enrcyption algorithms here I picked up... Thing is I''m not up to date with which one does what. What do you think about this:

- SHA-1 on memory blocks and files

Is SHA suitable? (the library is undocumented..)

gimp
Chris Brodie

This topic is closed to new replies.

Advertisement