Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change
 
PerlMonks  

Re: Encryption using perl core functions only

by ikegami (Patriarch)
on Nov 26, 2007 at 07:14 UTC ( [id://652929]=note: print w/replies, xml ) Need Help??


in reply to Encryption using perl core functions only

Crypt::Blowfish_PP is meant to be called from Crypt::CBC. Doing otherwise will severely weaken the encryption.

Replies are listed 'Best First'.
Re^2: Encryption using perl core functions only
by amarquis (Curate) on Nov 26, 2007 at 17:21 UTC

    How did you know? I'm looking through the documentation now, and I'm probably reading it wrong, but it looks like the module is fine with being called directly.

      Crypt::Blowfish_PP only provides means of encrypting and decrypting 8-byte blocks. Being able to encrypt and decrypt blocks is just part of "encryption".

      • Were you just passing random length strings to encrypt? You need padding.
      • Were you planning on encrypting every block with the same key? You need chaining.
      • Were you planning on encrypting every conversation with the same key? You need salting.

      Crypt::CBC is a facility to provide padding, chaining and salting.

      That still leaves

      • key management, (How do you give the key to both hosts? How does each host protect the key? How do you know the protection works? What happens when the protection fails? Until when is the key valid? What happens if the key is compromised? etc.)
      • algorithm management, (How do you know Blowfish is still secure? What happens when Blowfish is not secure? How do you know the implementation is secure? What happens when the implementation is no longer secure? etc.),
      • ...

      And that's just to protect the data in transit.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://652929]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others studying the Monastery: (6)
As of 2024-03-28 09:00 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found