Re: [WebDNA] encrypt files/directories

This WebDNA talk-list message is from 2011. It keeps the original formatting.
numero = 107605
interpreted = N
texte =

> We have implemented blowfish in WebDNA 7.0. Blowfish is a strong symmetric block cipher used in SSH, OpenBSD, IPSec with 32 bits to 448 bits key length. It allows very fast encryption and is strong enough.

Chris, I now appreciate that WebDNA uses blowfish, and glad we had this discussion, but (and someone correct me if I am wrong), fast encryption is not a strength, but actually a positive weakness. From a thread on another forum,

--------------------------------------------------------------------------------
"bcrypt (blowfish) is a hashing algorithm which is scalable with hardware (via a configurable number of rounds). Its __slowness__ and multiple rounds ensure that an attacker must deploy massive funds and hardware to be able to crack your passwords. Add to that per-password salts (bcrypt REQUIRES salts) and you can be sure that an attack is virtually unfeasible without either ludicrous amount of funds or hardware."

...and,

"The goal is to hash the password with something slow so someone getting your password database will die trying to bruteforce it (a 10ms delay to check a password is nothing for you, a lot for someone trying to bruteforce it). Bcrypt is slow and can be used with a parameter to choose how slow it is."
--------------------------------------------------------------------------------

I am just beginning learning about (some of) the depth of modern security/encryption, but AFAIK it is important that the 'cost parameter'/'iteration count' (configurable number of rounds that the algorithm is applied) should be as high as possible (that one's app can handle) to thus require as much computation as possible to reverse the process (i.e. ADD slowness) - to make it unfeasible for hackers to brute force 'un-encrypt'.

-Govinda

Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] encrypt files/directories (Donovan Brooke 2011)
  2. Re: [WebDNA] encrypt files/directories (Govinda 2011)
  3. Re: [WebDNA] encrypt files/directories (christophe.billiottet@webdna.us 2011)
  4. Re: [WebDNA] encrypt files/directories (christophe.billiottet@webdna.us 2011)
  5. Re: [WebDNA] encrypt files/directories (Govinda 2011)
  6. Re: [WebDNA] encrypt files/directories (Grant Hulbert 2011)
  7. Re: [WebDNA] encrypt files/directories (Govinda 2011)
  8. Re: [WebDNA] encrypt files/directories ("Brian B. Burton" 2011)
  9. Re: [WebDNA] encrypt files/directories (Steve Raslevich -Northern Sound 2011)
  10. Re: [WebDNA] encrypt files/directories (Govinda 2011)
  11. Re: [WebDNA] encrypt files/directories (Steve Raslevich -Northern Sound 2011)
  12. Re: [WebDNA] encrypt files/directories (Govinda 2011)
  13. [WebDNA] encrypt files/directories (Steve Raslevich -Northern Sound 2011)
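An added example (not from the thread and not WebDNA code) of the per-password salt and cost-parameter idea the message above describes. Python's standard library has no bcrypt, so PBKDF2-HMAC-SHA256 is swapped in as the slow, tunable function; the function names and the `algo$iterations$salt$digest` record format are assumptions made for the illustration.

```python
import hashlib, hmac, os, time

ALGO = "pbkdf2_sha256"  # stand-in for bcrypt: stdlib only, same salt + cost idea

def hash_password(password: str, iterations: int) -> str:
    """Return 'algo$iterations$salt_hex$digest_hex' with a fresh random salt."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{ALGO}${iterations}${salt.hex()}${digest.hex()}"

def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and cost; compare in constant time."""
    algo, iterations, salt_hex, digest_hex = stored.split("$")
    if algo != ALGO:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))

def calibrate(target_seconds: float, start: int = 1000) -> int:
    """Double the iteration count until one hash takes at least target_seconds."""
    iterations = start
    while True:
        t0 = time.perf_counter()
        hashlib.pbkdf2_hmac("sha256", b"calibration", b"0" * 16, iterations)
        if time.perf_counter() - t0 >= target_seconds:
            return iterations
        iterations *= 2

def needs_rehash(stored: str, wanted_iterations: int) -> bool:
    """True when a stored hash was made with a lower cost than the current one."""
    return int(stored.split("$")[1]) < wanted_iterations

def exhaustive_search_seconds(candidates: int, seconds_per_guess: float) -> float:
    """Single-core time to try every candidate against ONE salted hash."""
    return candidates * seconds_per_guess

if __name__ == "__main__":
    cost = calibrate(0.010)  # the 10 ms per check quoted in the thread
    record = hash_password("correct horse", cost)  # constructed sample password
    print(cost, verify_password("correct horse", record))
    # 8 lowercase letters = 26**8 candidates, at 10 ms per guess
    print(exhaustive_search_seconds(26 ** 8, 0.010) / 86400 / 365, "years")
```

Because the cost is stored in each record, it can be raised as hardware gets faster: `needs_rehash` flags old records so they can be re-hashed at the next successful login.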
