Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation

Re: Customer data encryption (Crypt::CBC)

by ikegami (Patriarch)
on Feb 25, 2007 at 11:58 UTC ( #601985=note: print w/replies, xml ) Need Help??

in reply to Customer data encryption

I just have time for a quick note/correction.

Output is encrypted using this key with a fast symmetric method i.e. Crypt::CBC(?)

Most ciphers encrypt small, fix-sized blocks. (Usually blocks of exactly 8 or 16 bytes.) Crypt::CBC provides padding (for when the length isn't a multiple of the required block size) and chaining (for when there is more than one block of data).

Crypt::CBC adds two measures of security. Each block is encrypted with a different key, and salt is added (causing a plaintext to result in a different cyphertext every time it's encrypted).

In short, Crypt::CBC converts a block cipher (AES, Blowfish, etc) into a stream cipher in a safe fashion. Crypt::CBC is *not* a cipher itself. It only provides the previously mentioned features. Modules such as Crypt::Rijndael (aka AES), Crypt::Blowfish and Crypt::Twofish provide the actual encryption.

Block ciphers (such as Crypt::Rijndael, Crypt::Blowfish, Crypt::Twofish) should not be used directly. They should be used through Crypt::CBC.

  • Comment on Re: Customer data encryption (Crypt::CBC)

Replies are listed 'Best First'.
Re^2: Customer data encryption (Crypt::CBC)
by 0xbeef (Hermit) on Feb 25, 2007 at 13:42 UTC
    Thanks, I understand this better now. I'd probably want to use AES-256 in this case. I should have said that I'm planning to use Crypt::CBC with a Rijndael cipher


Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://601985]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others making s'mores by the fire in the courtyard of the Monastery: (4)
As of 2022-12-02 10:31 GMT
Find Nodes?
    Voting Booth?