encryption question
- From: "Rael" <rael@xxxxxxxxxx>
- Date: Tue, 29 Jan 2008 17:28:59 +0200
Hi,
I would like to use an encryption method where no record of the secret key
is kept. (If the correct key is supplied the data will be unencrypted
correctly otherwise a meaningless stream will be returned.)
But how to know if the user has entered the correct password?
If I keep a "test" string stored somewhere, where I know what this string
value should be when unencrypted, will this comprimise security? IOW, if a
hacker has access to an encrypted string and knows what the unencrypted
value of this string is, can he work out the secret key?
I would like to know if the answer to this question depends on algorithm
used (i.e. public/private key pair or straightforward encryption
(blowfish?)). I will probably be using an encryption method from freeware
components streamsec or DCPCrypt.
Thanks alot to any advice,
Rael
.
- Follow-Ups:
- Re: encryption question
- From: SiegfriedN
- Re: encryption question
- From: Dave Hackett
- Re: encryption question
- From: SiegfriedN
- Re: encryption question
- From: Ivan
- Re: encryption question
- From: Henrick Hellström
- Re: encryption question
- From: yannis
- Re: encryption question
- Prev by Date: Re: AnyDAC 2.0 is now available for pre-order
- Next by Date: dialog box at sign in...anyone know of a component to do this
- Previous by thread: Making flash displays
- Next by thread: Re: encryption question
- Index(es):
Relevant Pages
|
