Skip site navigation (1) Skip section navigation (2)

Re: [GENERAL] encrypted field

From: Stephane Alnet <stephane(at)u-picardie(dot)fr>
To: pgsql-general(at)postgresql(dot)org
Subject: Re: [GENERAL] encrypted field
Date: 1999-09-29 00:14:32
Message-ID: 37F159E8.632A04AA@u-picardie.fr (view raw or flat)
Thread:
Lists: pgsql-general
> > PS: Note that all crypted passwords are created with salt "HP" (my name
> > initials..) You can change that, or if you know C, you can do in a way that it
> > will pick two random characters (the way it should really be).

One quick remark: if you are serious about using hash (not encryption, strictly
speaking) as a protection: having a *random* salt is an important part of using
crypt(). "Static salt" (sounds weird, huh) reduces the strength of the algorithm
a lot.

> I also ran into a 'gotcha': crypt expects zero terminated
> strings, pg text type is a counted string. 
> [...] anyone have any improvements, let me know

To avoid this "gotcha" and at the same time provide quality "hash", you may want
to look into functions like MD5 or SHA-1 which will accept anything as input (a
bit stream!) and generate a fixed-length, ASCII-text result.

St├ęphane

PS: I have a working implementation of SHA-1 in C, if someone has the time /
experience / need to write a wrapper for pgsql... ;)

In response to

pgsql-general by date

Next:From: Stephane AlnetDate: 1999-09-29 00:15:38
Subject: Re: [GENERAL] encrypted field
Previous:From: Shawn PursleyDate: 1999-09-28 21:45:31
Subject: Is there some type of Daemon that can look at pgsql?

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group