Encoding / decoding strings

Steven D'Aprano steve at REMOVE.THIS.cybersource.com.au
Sat Jan 6 03:18:46 EST 2007


On Fri, 05 Jan 2007 09:39:17 -0800, oliver at obeattie.com wrote:

> Basically, what I am trying to do is display all comments by a
> specified user on the website. As the only thing which has =always=
> been used to identify users which never changes is their e-mail
> addresses, 

What are you talking about? I've changed my email address a dozen times
on many mailing lists and websites. I'm still me.

> this is the only thing which I can use. Obviously, I can't
> display this e-mail address though.

There is nothing obvious about that at all. Email addresses are usually
public. But okay, your users aren't expecting their email address to be
public.

Why not do what many jails do with prisoners? Everybody gets a unique
number. In your case, just walk through the database of users, giving
each one a number. You can't reverse engineer the email address from the
number without breaking into the database. Then your website can refer to
them as "Prisoner 123456789" which should be good for a few laughs.

Or simply take the username part of the address. So "fred at hotmail.com"
would become "fred". Then "fred at gmail.com" would become "fred1", and so
forth.

Obviously you don't try to generate the username from the email address
every single time, you do it once, and keep a list of used usernames so
that when "fred at yahoo.com" joins you know "fred" and "fred1" are both used
and he has to be "fred2".

md5 checksums can now be broken, in both directions: it is relatively
easy to generate collisions, and there are reverse md5 lookup tables.
I imagine your use of md5 would be especially easy to attack, since the
attacker knows that the string is an email address.



-- 
Steven.
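
The suggestions in the message above, sketched as an added example (not code from the original post or thread): handles and opaque numbers are assigned once and stored, while an unsalted md5 of an address is matched by anyone holding a list of candidate addresses. The class and function names and the `.example` addresses are constructed, and it assumes the md5 use in question is publishing `md5(email)` as the user's identifier.

```python
import hashlib
import secrets


class PseudonymRegistry:
    """Assign each email a public handle and an opaque ID exactly once."""

    def __init__(self):
        self._by_email = {}    # email -> (handle, opaque_id); stays server-side
        self._used = set()     # handles already taken

    def register(self, email):
        key = email.strip().lower()
        if key in self._by_email:          # never regenerate on later visits
            return self._by_email[key]
        base = key.split("@", 1)[0]
        handle, n = base, 0
        while handle in self._used:        # fred, fred1, fred2, ...
            n += 1
            handle = f"{base}{n}"
        self._used.add(handle)
        # Random ID: carries no information about the address.
        record = (handle, secrets.token_hex(8))
        self._by_email[key] = record
        return record


def md5_pseudonym(email):
    """The unsalted scheme under discussion: public ID = md5(email)."""
    return hashlib.md5(email.strip().lower().encode("utf-8")).hexdigest()


def recover_from_guesses(public_id, guesses):
    """Return the guessed address whose md5 equals public_id, else None."""
    for guess in guesses:
        if md5_pseudonym(guess) == public_id:
            return guess
    return None


def demo():
    # Constructed sample addresses, not real users.
    reg = PseudonymRegistry()
    handles = [reg.register(e)[0] for e in
               ("fred@hotmail.example", "fred@gmail.example", "fred@yahoo.example")]
    guesses = ["fred@gmail.example", "fred@yahoo.example"]
    leaked = recover_from_guesses(md5_pseudonym("fred@yahoo.example"), guesses)
    opaque = reg.register("fred@yahoo.example")[1]
    return handles, leaked, recover_from_guesses(opaque, guesses)
```

The random ID can only be mapped back to an address through the stored table, which matches the "without breaking into the database" property described in the message.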



