flat assembler
Message board for the users of flat assembler.

Index > Windows > Hash/Encrypt -> File

Author
Thread Post new topic Reply to topic
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP
I'm planning a little console program to record passwords, hash them, and store them in the file. Thinking about first hashing the "master" password using SHA, then hashing again using MD5, and storing this master password in the file header. This would be for password confirmation, and the actual data would encrypted using 3DES by the previously-hashed password once it is confirmed. I've never done this level of API crypting before, and am wondering if this will suit my needs. If you're wondering why so specific, it is from a little program called Cryptex which I found.


Last edited by AlexP on 22 Nov 2007, 19:11; edited 1 time in total
Post 22 Nov 2007, 19:03
View user's profile Send private message Visit poster's website Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP
Sorry, computer screwed up and rest was lost. Here's the rest of the model

Plaintext -> SHA hash (160 bits) -> MD5 hash (128 bits) -> File Header

Then, the plaintext data file (or input from console) would be crypted with 3DES and stored into an offset in the file. Is this the best method for what I'm going to be using? The specifics:

Takes <= 128 byte password from console or file
Takes <=128 byte username from console or file
Takes <= 128 byte "Reason" from console or file

EX: Password: 12345
Username: FoodIsGood
Message: Amazon.com

This method has proved perfect when crypting arbitrary amounts of data, but I have never done this level before...

PS: I don't really need to encrypt the passwords and such, but this program is for my mother who is has many passwords/usernames scattered around and would like it safe and sound.
Post 22 Nov 2007, 19:09
View user's profile Send private message Visit poster's website Reply with quote
vid
Verbosity in development


Joined: 05 Sep 2003
Posts: 7105
Location: Slovakia
vid
Do not use MD5, it is already broken.

For SHA, i suggest using libtomcrypt.

PS: it is good customary NOT to post several times in row. Think twice, and post once.
Post 22 Nov 2007, 20:15
View user's profile Send private message Visit poster's website AIM Address MSN Messenger ICQ Number Reply with quote
SomeoneNew



Joined: 12 Aug 2006
Posts: 54
SomeoneNew
do use md5 with a salt & pepper system, no one cares that much about your mother's passwords as to create specific rainbow tables just for them.

_________________
Im new, sorry if I bothered with any stupid question Smile
Post 24 Dec 2007, 04:26
View user's profile Send private message Reply with quote
AlexP



Joined: 14 Nov 2007
Posts: 561
Location: Out the window. Yes, that one.
AlexP
lol
Post 24 Dec 2007, 05:04
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.

Website powered by rwasa.