otherside Posted April 10, 2003 Posted April 10, 2003 Data Encryption (Urgent) Hello guys, i have some questions for the experts :) I'm building a couple of aplications that deal with databases and lots of data for academic and comercial use. I need some of the data to be encrypted and lots of other texts too(passwords etc.) Here is what i need your expertise at: What is the best way to store passwords and the big question WHERE ? (file, registry, system variables, system files ? ) What is the most secure way to encrypt some text and store it to a file ? (My only experience is with the very very simple DES system of .NET, which as of what i understand can be decrypted by anyone as it doesn't use keys) Please refer to some examples or whatever if possible. The mdb file, as a database i'm using the Oledb driver with simple MS access file. How can i lock this file , or encrypt it or something, that will make it unreadable by someone besides the program. (Note it's quite big 5-20 MB.) Thanks guys. Quote
Grimfort Posted April 11, 2003 Posted April 11, 2003 Databases like access already have security built into them. Check up your access help file for that one. Quote
otherside Posted April 14, 2003 Author Posted April 14, 2003 i know, but this can be easily broken. I even found an article in a computer magazine how to do it. I need something stong :) Anyone else ? thanks Quote
*Gurus* Derek Stone Posted April 14, 2003 *Gurus* Posted April 14, 2003 What is the best way to store passwords and the big question WHERE ? The best way to store a password is not to store it at all. Store its hash value which can be used to compare user input with. See the attached file below for a Visual Basic .NET example of hashing a string value.hash.zip Quote Posting Guidelines
otherside Posted April 14, 2003 Author Posted April 14, 2003 Thanks Derek, and also for the code many thanks I have a question lets say that i store the hash, how easy this hash can be decoded to the original text. And how can i increase it's security ? Quote
*Experts* Bucky Posted April 14, 2003 *Experts* Posted April 14, 2003 how easy this hash can be decoded to the original text. It's impossible, or nearly so; that's the point. Hashes cannot be decrypted. They only go one way, so when the user enters a password, a hash is created, then compared to the hash that's stored. This quote comes from an MD5 hash page: It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message digest. From another page: The functions are thought to be secure, in the sense that it would require an enormous amount of computing power to find a string which hashes to a chosen value. In others words, there's no way to decrypt a secure hash. The uses of secure hashes include digital signatures and challenge hash authentication. Quote "Being grown up isn't half as fun as growing up These are the best days of our lives" -The Ataris, In This Diary
otherside Posted April 14, 2003 Author Posted April 14, 2003 Guys thanks again, you helped a lot. :) Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.