[AccessD] RC1 encryption - was Re: Field Level AES Encryption

jwcolby jwcolby at colbyconsulting.com
Fri Apr 29 10:30:05 CDT 2011


Well... I am thinking it is waaaaay more secure than that.

John W. Colby
www.ColbyConsulting.com

On 4/29/2011 11:14 AM, jm.hwsn wrote:
> Which is the similar to using the strConv function in Access to store the
> data in Unicode.
> It's unreadable but not really secure.
> Thanks,
> Jim
>
> -----Original Message-----
> From: accessd-bounces at databaseadvisors.com
> [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Gustav Brock
> Sent: Friday, April 29, 2011 10:08 AM
> To: accessd at databaseadvisors.com
> Subject: [AccessD] RC1 encryption - was Re: Field Level AES Encryption
>
> Oops John, you missed my follow-up message:
>
> ---
> Hi all
>
> I was told by one who knows more about encryption than me, Dave Howe, that:
>
> <quote>
> PC-1 is an important part of the DES algorithm, used to prescramble the bit
> ordering on the key (and remove the parity bits) before starting the first
> round of the non-invertible s-boxes. These are also left-rotated between
> each round (by 1 or 2 bits, in a non-regular pattern) to form what is
> commonly called a "key schedule" or "subkey array".
>
> However your module is not using DES/PC-1, but "Pukall Code #1" which is a
> code Alexander Pukall designed himself - and which is widely regarded as
> insecure. Pukall shouldn't really have chosen the same name as the DES key
> schedule, as it does tend to cause confusion.
> </quote>
>
> So, as a general warning, the code is fine for making clear text
> non-readable but should not be used for true encryption.
> ---
>
> /gustav
>
>
>>>> jwcolby at colbyconsulting.com 29-04-2011 17:00>>>
> Thanks to Gustav.  this is encryption, not hashing.
>
> Option Compare Database
> Option Explicit
>
> ' PC1 Cipher 128-bit key
> ' (c) Alexander Pukall 1991
>
>
>



More information about the AccessD mailing list