md5 hashing

Brendan Quinn brendan at clueful.com.au
Thu Jan 31 00:22:19 CST 2002 

Nope, "hashing" by definition is a one-way thing, exactly like crypt(3). 
The idea is that any string will hash to something strange, and that the 
spread of possibilities is fairly even (ie it's unlikely that two 
strings will hash to the same string). It's only useful for one-way 
encryption such as storing passwords, and validity checking / signing 
algorithms. MD5 and SHA are the most common hashing algorithms (crypt 
uses an algotirhm based on DES according to my man page on Linux).

For two way encryption where you can securely transmit the key between 
hosts (securely meaning not over a network), look at DES, RC4/RC5/RC6, 
or Blowfish. They're all on CPAN via

http://www.perl.com/CPAN-local/modules/by-category/14_Security_and_Encryption/Crypt/

If you need to securely transfer keys as well, you should use a public 
key / certificate based encryption mechanism such as PGP or SSL. They 
both have modules available on CPAN.

In fact SSL has all the network communication stuff built in, so you 
should simply be able to open an HTTPS connection between your sites and 
forget about the hard stuff. You could even install ssh (SSL-based 
remote shell) and do it over shell scripts or the command line.

Hope this helps, I really should go do some work now.

Brendan.

PS for a great introduction to the topic, check out Bruce Schneier's 
"Applied Cryptography" book.

Andrew Gray wrote:

> What I want to do, is remotely control some of the functions on a server. To
> this end, I can do it using sockets and loading a client program and that
> all works OK, but I think to be secure I need to encrypt the message I am
> passing between the servers (call me paranoid, but I dont really trust
> telstra's network that much ....)
> 
>>From how I understand it, MD5 encryption lets you hash a message with a
> given key, and then using the same key, unencrypt the message at the other
> end. Is this right? or is it a one way encryption like crypt()?
> 
> Having read the synopsis from www.cpan.org I can see how to hash the message
> given a key string, but nowhere can I see how to unencrypt at the other end
> of the transmission.
> 
> OR are there any other two way encryption modules around that I could use
> simply.
> 
> regards
> 
> Andrew Gray
> Systems Administrator, NetConnect Communications
> sysadmin at netconnect.com.au


-- 
Brendan Quinn                                   brendan at clueful.com.au
Clueful Consulting Pty Ltd                       Phone +61 4 0076 0077
GPO Box 2747EE                          within Australia: 0400 760 077
Melbourne, Australia                http://www.clueful.com.au/brendan/

More information about the Melbourne-pm mailing list