in reply to Re^2: encryption related question ..
in thread encryption related question ..

I went through the jasypt source code. Apparently, StandardPBEStringEncryptor inherits from StandardPBEByteEncryptor .. and that class has the defaults set.


String DEFAULT_ALGORITHM = "PBEWithMD5AndDES";
int DEFAULT_KEY_OBTENTION_ITERATIONS = 1000;
int DEFAULT_SALT_SIZE_BYTES = 8;


Here's the source for StandardPBEByteEncryptor:
http://jasypt.cvs.sourceforge.net/viewvc/jasypt/jasypt/src/main/java/org/jasypt/encryption/pbe/StandardPBEByteEncryptor.java?revision=1.23&view=markup
Now to find Perl's equivalent for this algorithm :)

Re^4: encryption related question ..
by dHarry (Abbot) on Jun 23, 2010 at 10:20 UTC

    So it's password-based encryption which uses MD5 as hash function and DES as underlying block cipher. The PDF file which can be found at the link I provided describes in detail how it works.

    The defaults from the Java class imply the PBKDF1 key derivation function with MD5 as hash function, and the PBES1 encryption, using DES. I hope it's not necessary to implement all steps yourself. I would start with Digest::MD5 and Crypt::DES. I don't think there is an off-the-shelf Perl solution to your problem. Maybe you should look for an OpenSSL Perl module?

    Hope this helps, Harry

    NB Keep in mind that for some applications the chosen parameters will not be safe enough. I think the 1000 iterations is really a minimum and DES was cracked long ago.
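
An added example, not part of the original posts and not jasypt's own code: the PBKDF1-MD5 derivation and DES-CBC (PBES1) encryption described in the reply above, written in Perl with the three defaults quoted from StandardPBEByteEncryptor. The sub names are hypothetical, the password is assumed to be ASCII, and the Base64(salt . ciphertext) token layout is an assumption that the thread does not confirm; Crypt::CBC and Crypt::DES must be installed from CPAN.

```perl
use strict;
use warnings;
use Digest::MD5 qw(md5);
use MIME::Base64 qw(encode_base64 decode_base64);
use Crypt::CBC;               # CPAN module; Crypt::DES must be installed too

my $ITERATIONS = 1000;        # DEFAULT_KEY_OBTENTION_ITERATIONS
my $SALT_BYTES = 8;           # DEFAULT_SALT_SIZE_BYTES

# PBKDF1 with MD5: T1 = MD5(password . salt), Ti = MD5(T(i-1)).
# PBES1 takes bytes 0..7 of the result as the DES key and bytes 8..15 as the IV.
sub derive_key_iv {
    my ($password, $salt, $iterations) = @_;
    die "salt must be $SALT_BYTES bytes\n" unless length($salt) == $SALT_BYTES;
    my $dk = md5($password . $salt);          # password assumed ASCII
    $dk = md5($dk) for 2 .. $iterations;
    return (substr($dk, 0, 8), substr($dk, 8, 8));
}

# DES in CBC mode with PKCS#5 padding, keyed from password and salt.
sub des_cbc {
    my ($password, $salt) = @_;
    my ($key, $iv) = derive_key_iv($password, $salt, $ITERATIONS);
    return Crypt::CBC->new(
        -cipher      => 'DES',
        -key         => $key,
        -literal_key => 1,           # use the derived 8 bytes as the key itself
        -iv          => $iv,
        -header      => 'none',      # no OpenSSL-style "Salted__" header
        -padding     => 'standard',
    );
}

# Assumed token layout: Base64( salt . ciphertext ).
sub pbe_encrypt {
    my ($password, $plaintext, $salt) = @_;
    return encode_base64($salt . des_cbc($password, $salt)->encrypt($plaintext), '');
}

sub pbe_decrypt {
    my ($password, $token) = @_;
    my $raw = decode_base64($token);
    die "malformed token\n" if length($raw) < 16 or length($raw) % 8;
    return des_cbc($password, substr($raw, 0, $SALT_BYTES))
        ->decrypt(substr($raw, $SALT_BYTES));
}

# Constructed sample values; a real encryptor draws a fresh random salt per message.
my $salt  = pack('H*', '0102030405060708');
my $token = pbe_encrypt('example-password', 'hello from perl', $salt);
printf "token: %s\ndecrypted: %s\n", $token, pbe_decrypt('example-password', $token);
```

Decrypting a value produced by the Java side is the real interoperability check; the round trip here only shows that the derivation and cipher settings are self-consistent.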