hmbscully has asked for the wisdom of the Perl Monks concerning the following question:

I have an already-existing perl script that takes information from a form and writes the submitted data as a fixed-length line into a text file that accumulates the submissions.

I've been tasked with modifying the script so that the text file is encrypted using either 3DES or AES encryption.
CPAN shows a number of Crypt:: modules, but are any of them current for either of those methods? I can't tell. Crypt::TripleDES appears old (1999) and slow. Am I reading correctly that the Crypt::Rijndael is AES? I'm a total encryption n00b, so excuse me if I'm missing something obvious.

Anyone have any experience with any modules for either AES or 3DES?
Thanks.

I learn more and more about less and less until eventually I know everything about nothing.

Replies are listed 'Best First'.
Re: encryption using AES or 3DES
by ikegami (Patriarch) on Nov 06, 2007 at 21:17 UTC

    DES and 3DES are quite old. DES was succeeded by AES on November 26, 2001 after a 5-year standardization process (according to Wikipedia).

    AES is Rijndael with limits on key and block sizes. Twofish, Blowfish and Serpent were other finalists.

    Don't use Crypt::Rijndael, Crypt::TripleDES, etc directly. Use them via Crypt::CBC, which adds salting and the ability to encrypt data of arbitrary length (via padding and chaining).

    Update: Oops, Blowfish is well studied, but wasn't an AES candidate. Fixed.

[reply]

Back to Seekers of Perl Wisdom