Re: [WebDNA] encrypt files/directories

This WebDNA talk-list message is from 2011. It keeps the original formatting.
numero = 107605
interpreted = N
texte =

> We have implemented blowfish in WebDNA 7.0. Blowfish is a strong symmetric block cipher used in SSH, OpenBSD, IPSec with 32 bits to 448 bits key length. It allows very fast encryption and is strong enough.

Chris, I now appreciate that Webdna uses blowfish, and glad we had this discussion, but (and someone correct me if I am wrong), fast encryption is not a strength, but actually a positive weakness. From a thread on another forum,

--------------------------------------------------------------------------------
"bcrypt (blowfish) is a hashing algorithm which is scalable with hardware (via a configurable number of rounds). Its __slowness__ and multiple rounds ensures that an attacker must deploy massive funds and hardware to be able to crack your passwords. Add to that per-password salts (bcrypt REQUIRES salts) and you can be sure that an attack is virtually unfeasible without either ludicrous amount of funds or hardware."

...and,

"The goal is to hash the password with something slow so someone getting your password database will die trying to bruteforce it (a 10ms delay to check a password is nothing for you, a lot for someone trying to bruteforce it). Bcrypt is slow and can be used with a parameter to choose how slow it is."
--------------------------------------------------------------------------------

I am just beginning learning about (some of) the depth of modern security/encryption, but AFAIK it is important that the 'cost parameter'/'iteration count' (configurable number of rounds that the algorithm is applied) should be as high as possible (that one's app can handle) to thus require as much computation as possible to reverse the process (i.e. ADD slowness) - to make it unfeasible for hackers to brute force 'un-encrypt'.

-Govinda

Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] encrypt files/directories (Donovan Brooke 2011)
  2. Re: [WebDNA] encrypt files/directories (Govinda 2011)
  3. Re: [WebDNA] encrypt files/directories (christophe.billiottet@webdna.us 2011)
  4. Re: [WebDNA] encrypt files/directories (christophe.billiottet@webdna.us 2011)
  5. Re: [WebDNA] encrypt files/directories (Govinda 2011)
  6. Re: [WebDNA] encrypt files/directories (Grant Hulbert 2011)
  7. Re: [WebDNA] encrypt files/directories (Govinda 2011)
  8. Re: [WebDNA] encrypt files/directories ("Brian B. Burton" 2011)
  9. Re: [WebDNA] encrypt files/directories (Steve Raslevich -Northern Sound 2011)
  10. Re: [WebDNA] encrypt files/directories (Govinda 2011)
  11. Re: [WebDNA] encrypt files/directories (Steve Raslevich -Northern Sound 2011)
  12. Re: [WebDNA] encrypt files/directories (Govinda 2011)
  13. [WebDNA] encrypt files/directories (Steve Raslevich -Northern Sound 2011)
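
Added example (not part of the original thread, and not WebDNA code): a sketch of the "cost parameter as high as the app can handle" idea from the message above, with per-password salts and the cost stored in each record so it can be raised later. It uses PBKDF2-HMAC-SHA256 from Python's standard library as a stand-in for bcrypt; the function names, record format, and starting count are assumptions made for illustration, and the 10 ms budget is the figure quoted in the message.

```python
import hashlib
import hmac
import os
import time

FLOOR = 1_000  # constructed starting point for the example, not a recommendation


def calibrate(budget_s=0.010, start=FLOOR):
    """Double the iteration count while one hash still fits in budget_s.

    Never returns less than `start`, even if `start` is already too slow.
    """
    iterations = start
    while True:
        t0 = time.perf_counter()
        hashlib.pbkdf2_hmac("sha256", b"probe", b"\x00" * 16, iterations * 2)
        if time.perf_counter() - t0 > budget_s:
            return iterations
        iterations *= 2


def hash_password(password, iterations):
    """Hash with a fresh random salt; the record stores the cost that was used."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password, record, target_iterations):
    """Return (matches, needs_rehash) for a stored record."""
    scheme, iters, salt_hex, dk_hex = record.split("$")
    if scheme != "pbkdf2_sha256":
        raise ValueError("unknown scheme")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iters))
    ok = hmac.compare_digest(dk, bytes.fromhex(dk_hex))  # constant-time compare
    # A correct login hashed at an older, cheaper cost should be re-hashed.
    return ok, ok and int(iters) < target_iterations


if __name__ == "__main__":
    cost = calibrate()
    rec = hash_password("correct horse", cost)  # constructed sample password
    print(cost, rec, verify_password("correct horse", rec, cost))
```

Re-running the calibration on new hardware gives a higher count, and the needs_rehash flag lets existing records be upgraded at the user's next successful login.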
