in reply to Re^5: Opening an Encrypted DB_File database
in thread Opening an Encrypted DB_File database

Yeah, a bit of overkill but looking forward I considered that a year ago 128 bit used to be considered strong, whereas, a year later its not. Yeah, the password bit is the weakpoint but I'm not sure how to strengthen that. I have to consider that a users must get into the program somehow (relatively easily) but also consider that IF a hacker got in they'd then have access to ALL their passwords. Its needs a good strong front door. :-) Any ideas are welcome.

Also, how did you derive 10^16? Just curious. Thanks again.

Dean
The Funkster of Mirth
Programming these days takes more than a lone avenger with a compiler. - sam
RFC1149: A Standard for the Transmission of IP Datagrams on Avian Carriers
  • Comment on Re^6: Opening an Encrypted DB_File database

Replies are listed 'Best First'.
Re^7: Opening an Encrypted DB_File database
by hardburn (Abbot) on Jul 15, 2004 at 14:27 UTC

    128 bits is still strong and will be for the forseeable future, excepting a sudden mathmatical breakthrough. Further, the cost to brute force rises exponentially with the keysize and can easily outpace Moore's Law.

    You would do well to pick up a copy of "Applied Cryptography" (or "Practical Cryptography", which is sort of the updated version, but I haven't read it myself yet). In particular, you may find the chapter on combining ciphers enlightening. You can't just put two 256-bit ciphers together and get a 512-bit cipher. IIRC, you're not worse off (security-wise) than if you had only used one cipher, but you're probably no better off, either. It's possible to combine ciphers, but it has to be done carefuly.

    ----
    send money to your kernel via the boot loader.. This and more wisdom available from Markov Hardburn.

[reply]
[reply]

In Section Seekers of Perl Wisdom