• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Help on JCE!!!

 
Ranch Hand
Posts: 583
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Well I would like to know if anyone has tried a hand @ JCE I would like a good (one way) Password Encryption algorithm.
Thanks..
I ve tried to use the JCE and sun.misc.. but i havent hit on one way encryption.
please help if u can.
Regds
Gautham Kasinath
 
Sheriff
Posts: 7001
6
Eclipse IDE Python C++ Debian Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I assume by "one way" encryption algoristh you are looking for something to encrypt a password or other token, but don't need to decrypt it. Is this because you plan to directly compare the encrypted versions?
Although I can't offer any solutions, this is an area which has interested me for a long time. Theoretically, you have three sorts of encryption available :- one-to-one, where every raw item has one and only one encrypted form; reducing, where many raw items encypt to a single encrypted form; and expanding, where a single raw item can encrypt to more than one encrypted form.
Traditionally, "one way" system password encryption seems to use the second (reducing) case. I have heard many spurious arguments from people who claim that this is somehow "more secure" than a one-to-one system because you can't decrypt it back to the original item. But if you plan to directly compare the encrypted forms, then a reducing encryption is in fact less secure, as there are fewer possibilities to test against, and a greater chance of a random password encypting to the same encrypted form as the "real" password.
So my question is, what sort of encryption are you looking for, and what is its intended use?
 
gautham kasinath
Ranch Hand
Posts: 583
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi!
Well I need the encryption algorithm to encrypt passwords in a site that I am trying to launh.
Well so for security reasons I fugured that one way encryption will best suit me as I ve seen how the passwords are stored in Unix and Linux using the crypt() method.
But crypt is an easy victim for hackers... so I was looking for some kida algorithm that will help me in secring my clients passwords.
I hope you have some hint on the same
Thanks
Regds
Gautham Kasinath
 
Sheriff
Posts: 3341
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
One method I've seen for this is to encrypt the password to a long value.

This will always produce the same long number for a password and has a very low occurance of the same number for different passwords as long as the password is less than 16 characters.
 
gautham kasinath
Ranch Hand
Posts: 583
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi!
Tanx a lot I guess it will help my purpose..
but can u gimme an Idea of how hack proof it will be to encrypt de password this way??
Regds
Gautham Kasinath
 
Ranch Hand
Posts: 532
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can use a hashing algorithm if you don't want to use
JCE. The java.security package provides support for both
MD5 and SHA-1.
 
gautham kasinath
Ranch Hand
Posts: 583
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi!
Well tanx I guess de hash code will work but will it on crypting the password in a way that the same hash code is generated for the character always??? dats a question I ll find an answer to.
regds
Gautham Kasinath
 
reply
    Bookmark Topic Watch Topic
  • New Topic