Perl Basics
Introduction to Perl
FAQ's
CGI
Regular Expressions

PC Overview
Cool Stuff
My Modules
Success Stories
Links
Perl in the News
Logos
Perl @ msn
Perl Chat

PC Internals
About
Contact
Guest Book
Handy Logos
What's new

Cryptography in Perl

Data Encryption / Decryption
See also My::Crypt - Google
P-friendly

[ home ] - [ search ] - [ sitemap ]

[ perl corner ] > [ Cryptography ] > [ Crypt::Blowfish ] > [ Crypt::CBC ] > [ My::Crypt ] - [ More Perl Cryptography ]

String Encryption with crypt()

Common Algorithms (widely used)

DES, DES3, BLOWFISH, RC2, RC4, RC5, idea, CAST5

DES

The Data Encryption Standard (DES) is an algorithm developed in the mid-1970s. It was turned into a standard by the US National Institute of Standards and Technology (NIST), and was also adopted by several other governments worldwide. It was and still is widely used, especially in the financial industry.

DES is a block cipher with 64-bit block size. It uses 56-bit keys. This makes it suspectible to exhaustive key search with modern computers and special-purpose hardware. DES is still strong enough to keep most random hackers and individuals out, but it is easily breakable with special hardware by government, criminal organizations, or major corporations. DES is getting too weak, and should not be used in new applications.

A variant of DES, Triple-DES (also 3DES) is based on using DES three times (normally in an encrypt-decrypt-encrypt sequence with three different, unrelated keys). The Triple-DES is arguably much stronger than (single) DES, however, it is rather slow compared to some new block ciphers.

Nevertheless, even though DES seems to be of little interest for applications of today there are many reasons for considering it still important. It was the first block cipher which was widely deployed in the public sector. Thus it played an important role in making strong cryptography available to the public.

Also, the design was exceptionally good for a cipher that was meant to be used only a few years. DES proved to be a very strong cipher and it took over a decade for any interesting cryptanalytical attacks against it to develop (not to underestimate the pioneering efforts that lead to this breakthrough). The development of differential cryptanalysis and linear cryptanalysis opened ways to really understand the design of block ciphers.

Although at the time of DES's introduction its design philosophy was held secret, it did not discourage its analysis - to the contrary. Some information has been published about its design, and one of the original designers, Don Coppersmith, has commented that they discovered ideas similar to differential cryptanalysis already while designing DES in 1974. However, it was just matter of time that these fundamental ideas were re-discovered.

Even today, when DES is no longer considered a practical solution, it is often used to describe new cryptanalytical techniques. It is remarkable that even today, there are no cryptanalytical techniques that would completely break DES in a structural way, indeed, the only real weakness known is the short key size (and perhaps the small block size).


Blowfish

Blowfish was designed by Bruce Schneier. It is a block cipher with 64-bit block size and variable length keys (up to 448 bits). It has gained a fair amount of acceptance in a number of applications, including Nautilus and PGPfone.

Blowfish utilizes the idea of randomized S-boxes: while doing key scheduling, it generates large pseudo-random look-up tables by doing several encryptions. The tables depend on the user supplied key in a very complex way. This approach has been proven to be highly resistant against many attacks such as differential and linear cryptanalysis. Unfortunately it also means that it is not the algorithm of choice for environments where large memory space (something like than 4096 bytes) is not available.

The only known attacks against Blowfish are based on its weak key classes.


Sample Code:

Cryptographic Hash Functions
$crypted = crypt("hello", 'az'); # ---> 2AuDleQw6eOSg

print "Password?\n"; $try = ; chop $try;

if (crypt($try, '2AuDleQw6eOSg') eq '2AuDleQw6eOSg') {
        print "OK!\n";
}
else { print "<-- NOT OK! $try\n" }

How to generate a unique user id?

Sample Code:

use MD5;

$id = substr(MD5->hexhash(time(). {}. rand(). $$. 'abc'), 0, 8);

print "$id\n"; 
Description: last digit represents the exact length of the id.
Symetric encryption:
Crypt::CBC (DES-Verschlüsselung) 
$cipher = new Crypt::CBC $CONFIG{'key'}, 'DES';

$decoded = $cipher->decrypt($coded);

SHA-1 message digest algorithm

#!/usr/bin/perl -w
use strict;


# NIST SHA-1 message digest algorithm

use Digest::SHA1 qw(sha1_base64);

my $input    = 'Hello, World!';

print sha1_base64($input . 'secret'), "\n";
print sha1_base64($input . 'secre' ), "\n";
print sha1_base64($input . 'secr'  ), "\n";

Output:

AN60eYkPk7jOCcRvQvPY2zi0RO0
mbyHv9cckXre2Cs1urHi0XiXwDs
VY0Lzi7U0wRdACtVVMLlySn4m9o
home - feedback - search - web jobs
© 1998-2004 retoh :)