The authentication system for an application we're using right now uses a two-way hash that's basically little more than a glorified Caesar cypher. Without going into too much detail about what's going on with it, I'd like to replace it with a more secure encryption algorithm (and it needs to be done server-side). Unfortunately, it needs to be two-way and the algorithms in hashlib are all one-way.
What are some good encryption libraries that will include algorithms for this kind of thing?
-
If it's two-way, it's not really a "hash". It's encryption (and from the sounds of things this is really more of a 'salt' or 'cypher', not real encryption.) A hash is one-way by definition. So rather than something like MD5 or SHA1 you need to look for something more like PGP.
Secondly, can you explain the reasoning behind the 2-way requirement? That's not generally considered good practice for authentication systems any more.
Jason Baker : It's because a vendor-provided application has strange requirements for external authentication. But you've convinced me that we need to work with that vendor to find a better way.
-
I assume you want an encryption algorithm, not a hash. The PyCrypto library offers a pretty wide range of options. It's in the middle of moving over to a new maintainer, so the docs are a little disorganized, but this is roughly where you want to start looking. I usually use AES for stuff like this.
DNS : I got voted down? I'm pretty sure this is exactly what he is looking for.
Jarret Hardie : +1: I can't see any reason you would be voted down for this either.
S.Lott : +1: not an assumption, a matter of definition. A two-way hash is broken.
-
PyCrypto supports AES, DES, IDEA, RSA, ElGamal, etc.
I've found the documentation here.
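The AES suggestion from the answers above, worked through as an added example; it is not part of the original thread or code posted by any participant. PyCrypto is no longer maintained, so this uses AES-GCM from the `cryptography` package instead (assumed to be installed). The function names, the binding of each record to a username, and the sample values are illustrative choices.

```python
import os

from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

NONCE_LEN = 12  # 96-bit nonce, the standard size for GCM


def new_key() -> bytes:
    """256-bit AES key. In production, load it from a secret store instead."""
    return AESGCM.generate_key(bit_length=256)


def encrypt_secret(key: bytes, username: str, secret: str) -> bytes:
    """Return nonce || ciphertext || tag for one stored credential."""
    nonce = os.urandom(NONCE_LEN)  # must never repeat under the same key
    # The username is passed as associated data: authenticated but not
    # encrypted, so a record copied onto another account fails to decrypt.
    sealed = AESGCM(key).encrypt(nonce, secret.encode(), username.encode())
    return nonce + sealed


def decrypt_secret(key: bytes, username: str, blob: bytes) -> str:
    """Recover the secret. Raises InvalidTag on a wrong key, wrong username
    or modified blob, instead of returning garbage the way a Caesar-style
    scheme would."""
    nonce, sealed = blob[:NONCE_LEN], blob[NONCE_LEN:]
    return AESGCM(key).decrypt(nonce, sealed, username.encode()).decode()


def is_intact(key: bytes, username: str, blob: bytes) -> bool:
    """True only if the blob authenticates for this key and username."""
    try:
        decrypt_secret(key, username, blob)
        return True
    except InvalidTag:
        return False


if __name__ == "__main__":
    key = new_key()
    blob = encrypt_secret(key, "alice", "s3cret-demo-value")  # constructed sample
    print(decrypt_secret(key, "alice", blob))
    flipped = blob[:-1] + bytes([blob[-1] ^ 1])  # one bit changed in the tag
    print(is_intact(key, "alice", flipped), is_intact(key, "bob", blob))
```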