[AccessD] Strong encryption (was: HashBytes)

Gustav Brock Gustav at cactus.dk
Sun Mar 2 02:55:18 CST 2008 

Hi all

I was told by one who knows more about encryption than me, Dave Howe, that:

<quote>
PC-1 is an important part of the DES algorithm, used to prescramble the bit ordering on the key (and remove the parity bits) before starting the first round of the non-invertible s-boxes. These are also left-rotated between each round (by 1 or 2 bits, in a non-regular pattern) to form what is commonly called a "key schedule" or "subkey array".

However your module is not using DES/PC-1, but "Pukall Code #1" which is a code Alexander Pukall designed himself - and which is widely regarded as insecure. Pukall shouldn't really have chosen the same name as the DES key schedule, as it does tend to cause confusion.
</quote>

So, as a general warning, the code is fine for making clear text non-readable but should not be used for true encryption.

/gustav

>>> Gustav at cactus.dk 17-09-2007 11:01 >>>
<snip>
Here's the header info with the description of the functions:

' PC1 Cipher 128-bit key
' (c) Alexander Pukall 1991
' Can be used freely even for commercial applications
'
' MS Access 97 version by
' Gustav Brock, Cactus Data ApS
' gustav at cactus.dk 
'
' 2002-03-09. V1.0
'   Initial port from Visual Basic.
' 2002-06-23. V1.1
'   Code clean up and constants added.
'   Redundant code removed.
'   Modified to fully comply with VB datatypes.
'   Modified to not crash for certain passwords.
'   Modified for high speed conversion of long strings ( > 32K).
' 2002-06-24. V1.2
'   Functions added for en/decrypting to/from binary strings.

' Usage:
'   SetPassword(password) sets password prior to en/decryption.
'   GetPassword() retrieves current password.
'   StrEncrypt(DecryptedString) returns encrypted ascii string.
'   StrDecrypt(EncryptedString_ascii) returns decrypted string.
'   StrEncryptBin(DecryptedString) returns encrypted binary string.
'   StrDecryptBin(EncryptedString_binary) returns decrypted string.
'
' Encrypted ascii string is twice the length of the decrypted string.
' Encrypted ascii string contains low ascii chars from a to p only.
' Encrypted binary string is same length as the decrypted string.
' Encrypted binary string may contain any char including Chr(0).
' Password may contain any ascii char including Chr(0).
' Password is maintained in global variable strPC1Password16.

I've posted the full module previously:

http://databaseadvisors.com/pipermail/dba-tech/2005-February/003711.html 

/gustav

More information about the AccessD mailing list