From: | Stephane Alnet <stephane(at)u-picardie(dot)fr> |
---|---|
To: | pgsql-general(at)postgreSQL(dot)org |
Subject: | Re: [GENERAL] encrypted field |
Date: | 1999-09-29 00:15:38 |
Message-ID: | 37F15A2A.82C50D3B@u-picardie.fr |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
> > PS: Note that all crypted passwords are created with salt "HP" (my name
> > initials..) You can change that, or if you know C, you can do in a way that it
> > will pick two random characters (the way it should really be).
One quick remark: if you are serious about using hash (not encryption, strictly
speaking) as a protection: having a *random* salt is an important part of using
crypt(). "Static salt" (sounds weird, huh) reduces the strength of the algorithm
a lot.
> I also ran into a 'gotcha': crypt expects zero terminated
> strings, pg text type is a counted string.
> [...] anyone have any improvements, let me know
To avoid this "gotcha" and at the same time provide quality "hash", you may want
to look into functions like MD5 or SHA-1 which will accept anything as input (a
bit stream!) and generate a fixed-length, ASCII-text result.
Stéphane
PS: I have a working implementation of SHA-1 in C, if someone has the time /
experience / need to write a wrapper for pgsql... ;)
From | Date | Subject | |
---|---|---|---|
Next Message | Stephane Alnet | 1999-09-29 00:16:16 | Re: [GENERAL] encrypted field |
Previous Message | Stephane Alnet | 1999-09-29 00:14:32 | Re: [GENERAL] encrypted field |