Re^5: encrypt/decrypt string

Rather than encrypt/decrypt a string, why not generate a random string that you use as a key to look up the session information? That way there is nothing to decrypt, it's a one time pad in effect.

DWIM is Perl's answer to Gödel

Comment on Re^5: encrypt/decrypt string

Replies are listed 'Best First'.
Re^6: encrypt/decrypt string by artist (Parson) on Oct 19, 2006 at 18:40 UTC
I don't have to maintain a table. Also, it's not about the sessions. URL given to user, should be fixed for lifetime, based on login. Also, on decryption, I need to get the 'login' info back. --Artist	[reply]
Re^7: encrypt/decrypt string by driver8 (Scribe) on Oct 19, 2006 at 22:50 UTC
Artist, what they are saying is: if you want the login info to be secure, why not just use a random string or number and link it to that login on the server side? If you don't really care about it being secure, why not just send the login unencrypted? Personally, I still can't see what you want to accomplish by encrypting. -driver8	[reply]
Re^8: encrypt/decrypt string by artist (Parson) on Oct 26, 2006 at 23:51 UTC
By encrypting the login, people cannot forge logins to hack the system. --Artist	[reply]
Re^9: encrypt/decrypt string by pKai (Priest) on Oct 27, 2006 at 06:25 UTC
Re^10: encrypt/decrypt string by artist (Parson) on Oct 27, 2006 at 14:38 UTC