encrypted string always the same
Neil Williams
linux at codehelp.co.uk
Wed Aug 25 14:56:32 CEST 2004
On Wednesday 25 August 2004 1:30, Marius Andreiana wrote:
> I saw every time a text is encrypted with the same public key, the result
> is different.
Try encrypting using a symmetric cipher.
from man gpg:

       -c, --symmetric
              Encrypt with a symmetric cipher using a passphrase. The
              default symmetric cipher used is CAST5, but
              may be chosen with the --cipher-algo option.

> I'm trying to store gpg-encrypted values in a database, but would like
> to be able to tell if a user-entered value matches the encrypted one in
> database (by crypting it with the same public key).
Wouldn't 'crypt' do the same thing? SQL already handles this using the
password() function. It's a one-way encryption that just compares the
encrypted hash, as stored in a suitable varchar field.
select credit_card from subscribers where password = password(user_value);
:-)
> I realize this makes it vulnerable to brute-force attack (I encrypt
> short 4-digit strings and other short stuff).
In the same way as 'crypt' isn't invulnerable.
You obviously have to guard against someone obtaining the cipher text itself -
which would normally be public with gpg defaults - as this could be used to
sidestep your security.
select credit_card from subscribers where password = user_value limit 1;
--
Neil Williams
=============
http://www.codehelp.co.uk/
http://www.dclug.org.uk/
http://www.isbn.org.uk/
http://sourceforge.net/projects/isbnsearch/
http://www.biglumber.com/x/web?qs=0x8801094A28BCB3E3
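
Added example, not part of the original message and not GnuPG or MySQL code: a sketch of the trade-off discussed in the thread, where a deterministic stored value allows equality lookups but a 4-digit input space can be enumerated in full. It swaps in HMAC-SHA256 with an application-held key as one deterministic alternative; the function names, the sample value and the assumption that the key is stored outside the database are all illustrative.

```python
import hashlib
import hmac
import secrets
from typing import Callable, Optional

CANDIDATES = [f"{n:04d}" for n in range(10_000)]  # the entire 4-digit input space

def plain_digest(value: str) -> str:
    """Deterministic unkeyed digest, standing in for a password()-style hash column."""
    return hashlib.sha256(value.encode()).hexdigest()

def keyed_tag(key: bytes, value: str) -> str:
    """Deterministic HMAC-SHA256 tag; the key is held by the application, not the DB."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()

def matches(key: bytes, stored_tag: str, user_value: str) -> bool:
    """Equality check for a user-entered value, using a constant-time comparison."""
    return hmac.compare_digest(stored_tag, keyed_tag(key, user_value))

def recover(stored: str, digest_fn: Callable[[str], str]) -> Optional[str]:
    """Enumerate every 4-digit value to see whether the stored column reveals its input."""
    for candidate in CANDIDATES:
        if digest_fn(candidate) == stored:
            return candidate
    return None

def demo() -> dict:
    secret_value = "4821"                  # constructed sample value
    app_key = secrets.token_bytes(32)      # assumption: kept outside the database
    other_key = secrets.token_bytes(32)    # a reader of the table alone lacks app_key
    stored_plain = plain_digest(secret_value)
    stored_keyed = keyed_tag(app_key, secret_value)
    return {
        # Unkeyed column: the stored value alone is enough to recover the input.
        "plain_recovered": recover(stored_plain, plain_digest),
        # Keyed column without the key: enumeration finds nothing.
        "keyed_recovered_without_key": recover(
            stored_keyed, lambda v: keyed_tag(other_key, v)),
        # Keyed column with the key: protection rests entirely on the key.
        "keyed_recovered_with_key": recover(
            stored_keyed, lambda v: keyed_tag(app_key, v)),
        "lookup_ok": matches(app_key, stored_keyed, "4821"),
        "lookup_wrong": matches(app_key, stored_keyed, "4822"),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Equal inputs still produce equal tags, so the column reveals which rows share a value even when the key is safe.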