[AccessD] Strong encryption (was: HashBytes)

jwcolby jwcolby at colbyconsulting.com
Mon Sep 17 15:13:50 CDT 2007


Thanks Gustav, I just imported this into a class in my C2DbFW3G framework,
and wrote a couple of functions to test it.  It is not particularly speedy,
taking about .75 milliseconds to encrypt / decrypt a short string "this is a
drill, this is a drill".  It scales linearly, i.e. it takes about twice as
long to do the same string appended to itself once, and three times as long
for the same string appended to itself twice.

But of course this is interpreted basic, and it does appear to work just
fine so there ya go.

John W. Colby
Colby Consulting
www.ColbyConsulting.com 
-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Gustav Brock
Sent: Monday, September 17, 2007 5:01 AM
To: accessd at databaseadvisors.com
Subject: Re: [AccessD] Strong encryption (was: HashBytes)

Hi Max

Yes, just a week ago I posted this for Arthur with a non-informative subject
(Transactions):
I've used that for mdb files sent over the Internet thus eliminating the
need for VPN or encrypted mail. I just zipped and attached the mdb files.

Here's the header info with the description of the functions:

' PC1 Cipher 128-bit key
' (c) Alexander Pukall 1991
' Can be used freely even for commercial applications '
' MS Access 97 version by
' Gustav Brock, Cactus Data ApS
' gustav at cactus.dk
'
' 2002-03-09. V1.0
'   Initial port from Visual Basic.
' 2002-06-23. V1.1
'   Code clean up and constants added.
'   Redundant code removed.
'   Modified to fully comply with VB datatypes.
'   Modified to not crash for certain passwords.
'   Modified for high speed conversion of long strings ( > 32K).
' 2002-06-24. V1.2
'   Functions added for en/decrypting to/from binary strings.

' Usage:
'   SetPassword(password) sets password prior to en/decryption.
'   GetPassword() retrieves current password.
'   StrEncrypt(DecryptedString) returns encrypted ascii string.
'   StrDecrypt(EncryptedString_ascii) returns decrypted string.
'   StrEncryptBin(DecryptedString) returns encrypted binary string.
'   StrDecryptBin(EncryptedString_binary) returns decrypted string.
'
' Encrypted ascii string is twice the length of the decrypted string.
' Encrypted ascii string contains low ascii chars from a to p only.
' Encrypted binary string is same length as the decrypted string.
' Encrypted binary string may contain any char including Chr(0).
' Password may contain any ascii char including Chr(0).
' Password is maintained in global variable strPC1Password16.

I've posted the full module previously:

http://databaseadvisors.com/pipermail/dba-tech/2005-February/003711.html 

/gustav


>>> max.wanadoo at gmail.com 15-09-2007 14:11 >>>
One more thing I would like to ask to see if anybody can help.

With MD5 you can create a hashkey but cannot get the original word back out
of the hash.  

This is fine, but I have a situation where I need a strong encryption (like
that provided by MD5) but I need to get the orignal back again.  

The case in point is storing SMTP details for different employees so that
they can send emails off using CDO.  Their specific email addresses are
stored in a table and their account passwords are encrypted, but at the
moment when sending the Email I have to prompt them for their password
before the email can be sent via their account. If the password could be
encrypted in the table and then auto-decrypted when sending the email then
it would all go through seamlessly.

Does anybody know of an encryption/decryption device that would suit this?
Thanks
Max


--
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com




More information about the AccessD mailing list