[AccessD] Strong encryption (was: HashBytes)

Gustav Brock Gustav at cactus.dk
Tue Sep 18 04:36:44 CDT 2007 

Hi John and Borge

I would expect a linear relation between string length and conversion time.
And it is right, speed is not impressive due to the many calculations that have to be done. 
To gain real speed, an DLL or OCX would be needed like this commercial tool:

http://www.chilkatsoft.com/crypt-activex.asp 

Perhaps someone could try to create an DLL in .Net? As far as I know, .Net contains a class for several types of encrypting, so it should be straight forward to carry out ...

/gustav

>>> pcs at azizaz.com 18-09-2007 04:54 >>>
John,
I saw that Gustav had modified the code:
"'   Modified for high speed conversion of long strings ( > 
32K)."

Curious if you have any test data for big chunks of strings?

Regards
Borge


---- Original message ----
>Date: Mon, 17 Sep 2007 16:13:50 -0400
>From: "jwcolby" <jwcolby at colbyconsulting.com>  
>Subject: Re: [AccessD] Strong encryption (was: HashBytes)  
>To: "'Access Developers discussion and problem solving'" 
<accessd at databaseadvisors.com>
>
>Thanks Gustav, I just imported this into a class in my 
C2DbFW3G framework,
>and wrote a couple of functions to test it.  It is not 
particularly speedy,
>taking about .75 milliseconds to encrypt / decrypt a short 
string "this is a
>drill, this is a drill".  It scales linearly, i.e. it takes 
about twice as
>long to do the same string appended to itself once, and 
three times as long
>for the same string appended to itself twice.
>
>But of course this is interpreted basic, and it does appear 
to work just
>fine so there ya go.
>
>John W. Colby
>Colby Consulting
>www.ColbyConsulting.com 
>-----Original Message-----
>From: accessd-bounces at databaseadvisors.com 
>[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of 
Gustav Brock
>Sent: Monday, September 17, 2007 5:01 AM
>To: accessd at databaseadvisors.com 
>Subject: Re: [AccessD] Strong encryption (was: HashBytes)
>
>Hi Max
>
>Yes, just a week ago I posted this for Arthur with a non-
informative subject
>(Transactions):
>I've used that for mdb files sent over the Internet thus 
eliminating the
>need for VPN or encrypted mail. I just zipped and attached 
the mdb files.
>
>Here's the header info with the description of the 
functions:
>
>' PC1 Cipher 128-bit key
>' (c) Alexander Pukall 1991
>' Can be used freely even for commercial applications '
>' MS Access 97 version by
>' Gustav Brock, Cactus Data ApS
>' gustav at cactus.dk 
>'
>' 2002-03-09. V1.0
>'   Initial port from Visual Basic.
>' 2002-06-23. V1.1
>'   Code clean up and constants added.
>'   Redundant code removed.
>'   Modified to fully comply with VB datatypes.
>'   Modified to not crash for certain passwords.
>'   Modified for high speed conversion of long strings ( > 
32K).
>' 2002-06-24. V1.2
>'   Functions added for en/decrypting to/from binary 
strings.
>
>' Usage:
>'   SetPassword(password) sets password prior to 
en/decryption.
>'   GetPassword() retrieves current password.
>'   StrEncrypt(DecryptedString) returns encrypted ascii 
string.
>'   StrDecrypt(EncryptedString_ascii) returns decrypted 
string.
>'   StrEncryptBin(DecryptedString) returns encrypted binary 
string.
>'   StrDecryptBin(EncryptedString_binary) returns decrypted 
string.
>'
>' Encrypted ascii string is twice the length of the 
decrypted string.
>' Encrypted ascii string contains low ascii chars from a to 
p only.
>' Encrypted binary string is same length as the decrypted 
string.
>' Encrypted binary string may contain any char including Chr
(0).
>' Password may contain any ascii char including Chr(0).
>' Password is maintained in global variable 
strPC1Password16.
>
>I've posted the full module previously:
>
>http://databaseadvisors.com/pipermail/dba-tech/2005- 
February/003711.html 
>
>/gustav
>
>
>>>> max.wanadoo at gmail.com 15-09-2007 14:11 >>>
>One more thing I would like to ask to see if anybody can 
help.
>
>With MD5 you can create a hashkey but cannot get the 
original word back out
>of the hash.  
>
>This is fine, but I have a situation where I need a strong 
encryption (like
>that provided by MD5) but I need to get the orignal back 
again.  
>
>The case in point is storing SMTP details for different 
employees so that
>they can send emails off using CDO.  Their specific email 
addresses are
>stored in a table and their account passwords are 
encrypted, but at the
>moment when sending the Email I have to prompt them for 
their password
>before the email can be sent via their account. If the 
password could be
>encrypted in the table and then auto-decrypted when sending 
the email then
>it would all go through seamlessly.
>
>Does anybody know of an encryption/decryption device that 
would suit this?
>Thanks
>Max
>
>
>--
>AccessD mailing list
>AccessD at databaseadvisors.com 
>http://databaseadvisors.com/mailman/listinfo/accessd 
>Website: http://www.databaseadvisors.com 
>
>-- 
>AccessD mailing list
>AccessD at databaseadvisors.com 
>http://databaseadvisors.com/mailman/listinfo/accessd 
>Website: http://www.databaseadvisors.com 
-- 
AccessD mailing list
AccessD at databaseadvisors.com 
http://databaseadvisors.com/mailman/listinfo/accessd 
Website: http://www.databaseadvisors.com

More information about the AccessD mailing list