?
Solved

Encrypt & Decrypt password

Posted on 2005-03-06
18
Medium Priority
?
728 Views
Last Modified: 2012-06-27
hi!,  i'd like to know how can i encrypt & decrypt string in visual c++ 6.0, please provide me sample routine or reference.
0
Comment
Question by:nolram
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 2
  • +2
18 Comments
 
LVL 84

Expert Comment

by:ozo
ID: 13474788
0
 
LVL 44

Expert Comment

by:Arthur_Wood
ID: 13475810
How secure does the encryption need to be.  The algorithms suggested by ozo, while being very secure, and also very involved.  A very simple, and yet also reasonably secure encryption technique is known as XOR encryption (XOR for the Logical operation Exclusive OR).  The process is completely symmetric, meaning that to Encrypt a value, you XOR the Key with the value to be encrypted, which produces the ENCRYPTED result.  To decrypt the ENCRYPTED value, you again XOR the ENCRYPTED result with the Key, and you get the Original value back again.

AW
0
 
LVL 84

Expert Comment

by:ozo
ID: 13475917
perhaps in the sense of
A very simple, and yet also "not excessive or extremely" secure encryption technique
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 44

Expert Comment

by:Arthur_Wood
ID: 13476075
ozo>> depends on how it is implemented.  I used a 'trick', using the Users UserName as the encryption Key, which has the effect of creating a DIFFERENT KEY for every user, and this is very close to using a One-Time Pad, which is UNCRACKABLE.

AW
0
 
LVL 84

Expert Comment

by:ozo
ID: 13476171
An uncrackable One-Time Pad requires a *random* key of the same length as the plaintext.
UserName tends not to be very random.
0
 
LVL 44

Expert Comment

by:Arthur_Wood
ID: 13477287
true, but as I said, it is 'very close', since the algorithm is NOT identified as a 'one time pad', and each user does in fact have a UNIQUE user name, and if the username is shorter than the plaintext, I simply concatenate the username as many times as needed to create a key that IS as long as the plain text.

And since someone trying to crack the encryption is not aware of the algorithm in use, cracking it is essentially impossible.

AW
0
 
LVL 44

Expert Comment

by:Arthur_Wood
ID: 13477319
ozo>> also, in the application where I used this, there was only a single field (it happened to be a Creadit Card Number) that needed to be encrypted for each user, so there were not multiple encrypted fields ion play for a potential cracker to try out various algorithms against.

AW
0
 
LVL 84

Expert Comment

by:ozo
ID: 13484010
concatenating a key  as many times as needed to create a key that IS as long as the plain text is one of the common misuses of 'one time pad' that have opened the door to many cracks.
I'm sure there are many applications where XORing with a repeating user name is adequate, but Creadit Card Number protection is not one I would count among them.
0
 
LVL 44

Expert Comment

by:Arthur_Wood
ID: 13490966
ozo, I might agree with you in the general case, but the situation was that the application was on a secure PC, in the Pentagon, nn Washington DC, and the PC was NOT accessible from the outside.  So the approach was sufficient for the situation.

AW
0
 
LVL 44

Expert Comment

by:Arthur_Wood
ID: 13490974
Notice that we have been talking to ourselves, and the original asker is nowhere to be found.  Perhaps we should wait until he/she deems it necesary to make himself/herself heard.

AW
0
 

Author Comment

by:nolram
ID: 13493373
sorry guys i did not mean my question will turn into an argument, i just want to know or have a simple routine for encrypting or decrypting user password, i'd seen a routine before, which i can not found right now, i think its name is encryptor?, i tried to consult experts in experts exchange if ever you have this.

sorry again and thanks again.
0
 
LVL 84

Expert Comment

by:ozo
ID: 13493455
user passwords are usually hashed with a one way function that cannot be decrypted, only compared to see if you had the right password.
What exactly do you want to do with this routine?
If you are looking for a specific routine, "encryptor" is a pretty common name.
You might try googleing for it and see if you can recognise which one you want.
0
 
LVL 1

Expert Comment

by:dr_country
ID: 13983173
If you are looking for something simple you can use a Caesar cipher. Use arrays of all the alphabetical characters, number, special characters, etc. For example,

char upper[] = {'A','B','C',......'Z'};
char lower[] = {'a','b','c',.......'z'};
char number[] = {'0','1','2',....'9'};
char special[] = {'@','~','_',.........};

then call encrypt(int key)

char* encrypt(char *theString, int key)
{
   char temp;
   char *output;

   if(theString != NULL)
   {
       for(int i=0; i<theStringLength; i++)
       {
             temp = theString[i];

            if( temp == 'A' || temp == 'B' || ..... || temp == 'Z')
              {

                  for(int j = 0; j<upperLength; j++)
                      {
                          if(temp == punctuation[j])
                             {
                                int ctext = ((j + key)%upperLength);
                                if(ctext < 0) ctext += upperLength;
                                temp = punctuation[ctext];
                                break;
                              }
                      }
              }
     
pretty much do the same thing for all your arrays and then
at the end add each encrypted character to your new array:

    output[i] = temp;

}//end of for loop

return output;
}

The second parameter, int key, is the number that will be used to shuffle around, or number of spaces to move so your decrypt function should use the same key and do the inverse of the encrypt function. Hope it helps.
                   
             
0
 
LVL 1

Expert Comment

by:dr_country
ID: 14048876
I guess this is what you were looking for? No more questions?
0
 

Author Comment

by:nolram
ID: 14057565
hi! thanks for all ur reply, i found and apply this hashing of password using MD5, http://www.codeguru.com/Cpp/Cpp/algorithms/article.php/c5087 , Implementing MD5 algorithm
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 14250880
PAQed with points refunded (100)

modulo
Community Support Moderator
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post we will learn different types of Android Layout and some basics of an Android App.
Q&A with Course Creator, Mark Lassoff, on the importance of HTML5 in the career of a modern-day developer.
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …
Simple Linear Regression
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question