Don't use Crypt::DES directly. Use it via Crypt::CBC instead. Crypt::CBC is designed to handle chaining issues (when the length of the plaintext is more than 8 bytes) and padding issues (when the length of the plaintext is not a multiple of 8 bytes).

use Crypt::CBC;

my $key = pack("H16", "0123456789ABCDEF");
my $plaintext = 'This data is hush hush';
print("$plaintext\n");

my $cipher = Crypt::CBC->new(
   -cipher => 'DES',
   -key    => $key,
);

my $ciphertext = $cipher->encrypt($plaintext);
print("$ciphertext\n");

my $recovered = $cipher->decrypt($ciphertext);
print("$recovered\n");
[download]

Untested.

Update: Added example.

Update: I forgot to mention the following:

By the way, I recommend against DES. It is outdated and easy to crack. By simply changing 'DES' to 'Blowfish', your encrypted data will be much more secure. You could also use 'Rijndael' (aka AES) if you supply a 32 byte key.

Further to ikegami's answer, not only does Crypt::CBC make things easier for you, it is also a lot more secure than manually encrypting the data in 8-byte chunks, because it XOR's each block with the preceding block, thus making it harder to spot data patterns (this doesn't matter much for small pieces of data like passwords, but is good to keep in mind in general).

Also, if you want any kind of real security:

1. Don't use passwords with less than eight characters
2. Don't use DES, it has known weaknesses and should no longer be used for any serious encryption. Crypt::CBC also works with lots of stronger ciphers, such as Crypt::IDEA, Crypt::Blowfish or Crypt::Rjindael (just substitute -cipher => 'DES' in ikegami's code with -cipher => 'Blowfish' and make sure you have the relevant module installed).Update: I see ikegami has added an update with the same recommendation while I was typing mine. I'll type quicker next time :-)

Of course, this also makes it impossible for the administrator to recover a forgotten user password. All he can do is reset it to a new one.

If that drawback (which can also be seen as a feature) is not a problem in your case, you should consider going with a hash function rather than a cypher. If you do want to implement a local keystore (such as what a browser uses for site passwords) then please go with one of the various Crypt::* suggestions.

Update: (*) While the hash value cannot really be decrypted, it is possible to brute-force crack it by trying all possible passwords for a match, which works quite well for poor (short/simple) passwords. This is why we have shadow password files these days (as opposed to storing the hashed password in /etc/passwd where everyone can take a shot at the guessing game).

Using a hash function for passwords is a good suggestion, ++. However, there are known attacks for MD5 and SHA-1. While these attacks are not yet considered serious enough to recommend switching applications away from these hashing methods, better algorithms exist and should be used for new apps (this is particularly true for MD5). Both Digest::SHA and Digest::SHA::Perl can use SHA-256, which is stronger, so you should use it instead.


There are ten types of people: those that understand binary and those that don't.

Note that recent advances against hashing affect _collision resistance_, i.e., make it feasible to generate identical hashes from different inputs. These kinds of weaknesses don't directly influence the security of password one-wayness. (They don't let one create a password with the same hash as any particular other one.)