md5 hashing
Brendan Quinn
brendan at clueful.com.au
Thu Jan 31 00:22:19 CST 2002
Nope, "hashing" by definition is a one-way thing, exactly like crypt(3).
The idea is that any string will hash to something strange, and that the
spread of possibilities is fairly even (ie it's unlikely that two
strings will hash to the same string). It's only useful for one-way
encryption such as storing passwords, and validity checking / signing
algorithms. MD5 and SHA are the most common hashing algorithms (crypt
uses an algotirhm based on DES according to my man page on Linux).
For two way encryption where you can securely transmit the key between
hosts (securely meaning not over a network), look at DES, RC4/RC5/RC6,
or Blowfish. They're all on CPAN via
http://www.perl.com/CPAN-local/modules/by-category/14_Security_and_Encryption/Crypt/
If you need to securely transfer keys as well, you should use a public
key / certificate based encryption mechanism such as PGP or SSL. They
both have modules available on CPAN.
In fact SSL has all the network communication stuff built in, so you
should simply be able to open an HTTPS connection between your sites and
forget about the hard stuff. You could even install ssh (SSL-based
remote shell) and do it over shell scripts or the command line.
Hope this helps, I really should go do some work now.
Brendan.
PS for a great introduction to the topic, check out Bruce Schneier's
"Applied Cryptography" book.
Andrew Gray wrote:
> What I want to do, is remotely control some of the functions on a server. To
> this end, I can do it using sockets and loading a client program and that
> all works OK, but I think to be secure I need to encrypt the message I am
> passing between the servers (call me paranoid, but I dont really trust
> telstra's network that much ....)
>
>>From how I understand it, MD5 encryption lets you hash a message with a
> given key, and then using the same key, unencrypt the message at the other
> end. Is this right? or is it a one way encryption like crypt()?
>
> Having read the synopsis from www.cpan.org I can see how to hash the message
> given a key string, but nowhere can I see how to unencrypt at the other end
> of the transmission.
>
> OR are there any other two way encryption modules around that I could use
> simply.
>
> regards
>
> Andrew Gray
> Systems Administrator, NetConnect Communications
> sysadmin at netconnect.com.au
--
Brendan Quinn brendan at clueful.com.au
Clueful Consulting Pty Ltd Phone +61 4 0076 0077
GPO Box 2747EE within Australia: 0400 760 077
Melbourne, Australia http://www.clueful.com.au/brendan/
More information about the Melbourne-pm
mailing list