Re: [WebDNA] encrypt files/directories
This WebDNA talk-list message is from 2011
It keeps the original formatting.
numero = 107605
interpreted = N
texte = > We have implemented blowfish in WebDNA 7.0. Blowfish is a strong symmetric block cipher used in SSH, OpenBSD, IPSec with 32 bits to 448 bits key length. It allows very fast encryption and is strong enough.

Chris,

I now appreciate that WebDNA uses blowfish, and glad we had this discussion, but (and someone correct me if I am wrong), fast encryption is not a strength, but actually a positive weakness. From a thread on another forum,

--------------------------------------------------------------------------------
"bcrypt (blowfish) is a hashing algorithm which is scalable with hardware (via a configurable number of rounds). Its __slowness__ and multiple rounds ensure that an attacker must deploy massive funds and hardware to be able to crack your passwords. Add to that per-password salts (bcrypt REQUIRES salts) and you can be sure that an attack is virtually unfeasible without either ludicrous amount of funds or hardware."

...and,

"The goal is to hash the password with something slow so someone getting your password database will die trying to bruteforce it (a 10ms delay to check a password is nothing for you, a lot for someone trying to bruteforce it). Bcrypt is slow and can be used with a parameter to choose how slow it is."
--------------------------------------------------------------------------------

I am just beginning to learn about (some of) the depth of modern security/encryption, but AFAIK it is important that the 'cost parameter'/'iteration count' (configurable number of rounds that the algorithm is applied) should be as high as possible (that one's app can handle) to thus require as much computation as possible to reverse the process (i.e. ADD slowness) - to make it unfeasible for hackers to brute force 'un-encrypt'.

-Govinda
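The tunable cost parameter and per-password salt discussed in the message above, as an added example that is not part of the original post and not WebDNA code. It uses PBKDF2 from Python's standard library as a stand-in for bcrypt (a different algorithm with the same adjustable-slowness property); the function names, the record format and the calibration routine are assumptions, and the 10 ms target is the figure from the quoted forum post.

```python
import hashlib
import hmac
import os
import time

ALGO = "sha256"  # PBKDF2-HMAC-SHA256 stands in for bcrypt here (assumption)

def hash_password(password: str, iterations: int) -> str:
    """Hash with a fresh random salt; the cost is stored inside the record."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac(ALGO, password.encode(), salt, iterations)
    return f"pbkdf2-{ALGO}${iterations}${salt.hex()}${dk.hex()}"

def verify_password(password: str, record: str) -> bool:
    """Recompute with the salt and cost read back from the record."""
    _scheme, iters, salt_hex, dk_hex = record.split("$")
    dk = hashlib.pbkdf2_hmac(ALGO, password.encode(),
                             bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))  # constant-time compare

def calibrate(target_seconds: float = 0.010, start: int = 1000,
              ceiling: int = 5_000_000) -> int:
    """Double the cost until one hash takes at least target_seconds on this host."""
    iterations = start
    while iterations < ceiling:
        t0 = time.perf_counter()
        hashlib.pbkdf2_hmac(ALGO, b"calibration", b"\x00" * 16, iterations)
        if time.perf_counter() - t0 >= target_seconds:
            break
        iterations *= 2
    return min(iterations, ceiling)

def login(password: str, record: str, current_iterations: int):
    """Return (ok, record); a valid login re-hashes records stored at a lower cost."""
    if not verify_password(password, record):
        return False, record
    if int(record.split("$")[1]) < current_iterations:
        record = hash_password(password, current_iterations)
    return True, record

if __name__ == "__main__":
    cost = calibrate()                           # ~10 ms per check on this machine
    old = hash_password("example-password", 1000)  # constructed legacy record
    ok, upgraded = login("example-password", old, cost)
    print("cost:", cost, "login ok:", ok, "stored cost now:", upgraded.split("$")[1])
```

Because the cost travels with each record, it can be raised as hardware gets faster without invalidating existing passwords; old records are upgraded the next time their owner logs in.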