Encrypting a short string?
marek.rocki at wp.pl
marek.rocki at wp.pl
Mon Feb 11 16:07:23 EST 2008
erikcw napisal(a):
> But that can't be reversed, right? I'd like to be able to decrypt the
> data instead of having to store the hash in my database...
In such case it seems you have no choice but to use a symmetric
encryption algorithm - in other words, your original method. If the
strings are ~20 bytes long (3 DES blocks), then the base64-encoded
ciphertext will have 32 characters. In case of AES, that'll be up to
45 characters. Wouldn't such length be acceptable?
Paul Rubin napisal(a):
> 2. What happens if the user edits the subject line?
> Under normal security requirements you cannot do this. The ciphertext
> has to be longer than the plaintext since you don't want the opponent
> to be able to tell whether two plaintexts are the same. Therefore you
> have to attach some random padding to each plaintext. Also, you
> presumably want the ciphertext to be encoded as printing characters,
> while normally you'd treat the input as binary, so there is some
> further expansion.
If what erikcw is looking for is a cryptographically secure protocol,
there are more things to be careful about, like authentication or
replay attacks. But indeed, I'm wondering now what his use-case is.
> I'm using this encrypted string to identify emails from a
> user. (the string will be in the subject line of the email).
Why not use "From" field to identify emails from a particular user?
Regards,
Marek
More information about the Python-list
mailing list