Encoding / decoding strings

oliver

Hey Everyone,

Was just wondering if anyone here could help me. I want to encode (and
subsequently decode) email addresses to use in URLs. I believe that
this can be done using MD5.

I can find documentation for encoding the strings, but not decoding
them. What should I do to encode =and= decode strings with MD5?

Many Thanks in Advance,
Oliver Beattie
 
Jon Clements

> Hey Everyone,
>
> Was just wondering if anyone here could help me. I want to encode (and
> subsequently decode) email addresses to use in URLs. I believe that
> this can be done using MD5.
>
> I can find documentation for encoding the strings, but not decoding
> them. What should I do to encode =and= decode strings with MD5?
>
> Many Thanks in Advance,
> Oliver Beattie

Depends what you mean by "encode email addresses to use in URLs". MD5
is a cryptographic one-way hash function; it creates a 'fingerprint'
of the input data: given this, it's impossible to reproduce the
original input.

Is this what you're looking for?
'some.persons%40somedomain.com'

hth
Jon.
 
Diez B. Roggisch

> Hey Everyone,
>
> Was just wondering if anyone here could help me. I want to encode (and
> subsequently decode) email addresses to use in URLs. I believe that
> this can be done using MD5.

Are you by chance after a way to create URLs that contain an email which the
server then can extract from them, and this to be tamperproof?

There are several ways to accomplish this - your MD5-suggestion is applicable
when working with a simple secret and by creating an additional parameter.

If you e.g. want a URL like this to be secure

http://some.server/path?user_to_register=email@address

you use a secret, and hash the parameters together with the secret using
MD5. The result is then something like

http://some.server/path?user_to_register=email@address&key=<md5sum>

Then in the server, you perform the same step as above, without the key of
course, and simply check if the MD5-sums are equal.


Anything else requires the use of an encryption algorithm like blowfish or
whatnot, either symmetric or public key - I'm not an expert on that though.

Diez
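
The signed-URL scheme described in the post above, as an added example that is not part of the original post: it uses HMAC-SHA256 from the standard library rather than a bare MD5 of secret plus parameters. `SECRET`, `sign_url` and `verify_url` are names assumed for illustration.

```python
import hashlib
import hmac
from urllib.parse import parse_qsl, urlencode, urlsplit

# Assumption: a server-side secret, constructed for this example.
SECRET = b"constructed-example-secret"


def _mac(pairs):
    # Sort and URL-encode the pairs so signer and verifier hash identical bytes.
    canonical = urlencode(sorted(pairs)).encode("utf-8")
    return hmac.new(SECRET, canonical, hashlib.sha256).hexdigest()


def sign_url(base, params):
    """Append key=<mac> computed over every parameter in the dict."""
    pairs = list(params.items())
    return base + "?" + urlencode(pairs + [("key", _mac(pairs))])


def verify_url(url):
    """Return the parameters if the key is valid, otherwise None."""
    pairs = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    keys = [v for k, v in pairs if k == "key"]
    rest = [(k, v) for k, v in pairs if k != "key"]
    # Exactly one key, and no repeated names that dict() would silently merge.
    if len(keys) != 1 or len({k for k, _ in rest}) != len(rest):
        return None
    # Compare as bytes in constant time; a non-ASCII key must not raise.
    if not hmac.compare_digest(keys[0].encode("utf-8"), _mac(rest).encode("ascii")):
        return None
    return dict(rest)


if __name__ == "__main__":
    url = sign_url("http://some.server/path", {"user_to_register": "email@address"})
    print(url)
    print(verify_url(url))
    print(verify_url(url.replace("email%40address", "other%40address")))
```

The address still travels in the clear in the URL; the key only lets the server detect that a parameter was changed.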
 
oliver

Basically, I want to encode an email address so that it looks something
like 8d2e23c0a835598510c88a758c6b215a - this way the user does not know
the email address they are looking at. They are public-facing views and
they are to get info about other users, therefore anonymity is
important.

Any suggestions?
 
Marc 'BlackJack' Rintsch

In <[email protected]>,
> Basically, I want to encode an email address so that it looks something
> like 8d2e23c0a835598510c88a758c6b215a - this way the user does not know
> the email address they are looking at. They are public-facing views and
> they are to get info about other users, therefore anonymity is
> important.
>
> Any suggestions?

Don't deliver encoded e-mail addresses to other users. They might decode
them and the anonymity is gone.

What exactly are you trying to do? Why should users see encrypted e-mail
addresses of others?

Ciao,
Marc 'BlackJack' Rintsch
 
oliver

Marc said:
> In <[email protected]>,
>
> Don't deliver encoded e-mail addresses to other users. They might decode
> them and the anonymity is gone.
>
> What exactly are you trying to do? Why should users see encrypted e-mail
> addresses of others?
>
> Ciao,
> Marc 'BlackJack' Rintsch

Basically, what I am trying to do is display all comments by a
specified user on the website. As the only thing which has =always=
been used to identify users which never changes is their e-mail
addresses, this is the only thing which I can use. Obviously, I can't
display this e-mail address though.
 
Marc 'BlackJack' Rintsch

In <[email protected]>,
> Basically, what I am trying to do is display all comments by a
> specified user on the website. As the only thing which has =always=
> been used to identify users which never changes is their e-mail
> addresses, this is the only thing which I can use. Obviously, I can't
> display this e-mail address though.

Associate a unique random number or string with each e-mail address and
use this outside the server to identify users. An MD5 hash of the
mail address might be a good candidate for such a string but then it's
possible for attackers to verify if someone they know the address of, has
made specific comments. So part of the anonymity is gone then.

Ciao,
Marc 'BlackJack' Rintsch
 
Paul Rubin

> Basically, what I am trying to do is display all comments by a
> specified user on the website. As the only thing which has =always=
> been used to identify users which never changes is their e-mail
> addresses, this is the only thing which I can use. Obviously, I can't
> display this e-mail address though.

Assign a unique number to each user in the system, and use the number.
Email addresses aren't necessarily stable since users should be able
to change their email addresses.

If you really want to use a hash, use the hmac module:

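import hashlib, hmac
# Python 3: key and message must be bytes and digestmod is required
# (Python 2's hmac.new defaulted to MD5).
digest = hmac.new(b'swordfish', b'(e-mail address removed)', hashlib.md5).hexdigest()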

where instead of swordfish you'd use some random constant string that
you keep secret. The secrecy stops attackers from figuring out
whether a given address has a specific hash per Marc Rintsch's
comment. You'll still have to maintain a table mapping hashes back to
addresses, since the hashes are not reversible.

If you HAVE to have reversible encryption, you could use

http://nightsong.com/phr/crypto/p3.py

note that the string you get is binary and is longer than the input
string even before you encode it to printing chars. Note also that it
reveals the length of its input.

To generate a random string, use os.urandom:

import os, binascii
secret_string = binascii.hexlify(os.urandom(16))

you'd then embed the secret string in your program or database. You
then face the problem of keeping it secret, which is not trivial.

Overall you're better off just assigning ID numbers to users like most
BBS's do.
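
One way to combine the keyed hash suggested above with the lookup table it requires, as an added example that is not code from the thread: `PseudonymTable`, `unkeyed_token` and the `.test` address are constructed for illustration, SHA-256 is used as the HMAC digest, and lower-casing the address before hashing is an assumption about how the site treats addresses.

```python
import hashlib
import hmac
import os


class PseudonymTable:
    """Stable public tokens for addresses, plus the server-side reverse table."""

    def __init__(self, secret=None):
        # The secret never leaves the server; os.urandom as in the post above.
        self._secret = secret or os.urandom(16)
        self._by_token = {}

    def token_for(self, address):
        # Normalise so the same mailbox always maps to the same token.
        norm = address.strip().lower().encode("utf-8")
        # 32 hex characters, the same shape as an MD5 digest.
        token = hmac.new(self._secret, norm, hashlib.sha256).hexdigest()[:32]
        # Keep the first spelling seen; the token cannot be inverted without this.
        self._by_token.setdefault(token, address.strip())
        return token

    def address_for(self, token):
        # Server-side lookup only; unknown or forged tokens return None.
        return self._by_token.get(token)


def unkeyed_token(address):
    # Plain MD5 of the address: anyone who knows the address gets the same value,
    # which is the confirmation problem raised earlier in the thread.
    return hashlib.md5(address.strip().lower().encode("utf-8")).hexdigest()


if __name__ == "__main__":
    table = PseudonymTable()
    tok = table.token_for("Fred@Example.test")  # constructed address
    print(tok, table.address_for(tok))
    print(unkeyed_token("Fred@Example.test"))
```

Tokens change if the secret changes, so the secret has to be stored and backed up with the same care as the table itself.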
 
Steven D'Aprano

> Basically, what I am trying to do is display all comments by a
> specified user on the website. As the only thing which has =always=
> been used to identify users which never changes is their e-mail
> addresses,

What are you talking about? I've changed my email address a dozen times
on many mailing lists and websites. I'm still me.

> this is the only thing which I can use. Obviously, I can't
> display this e-mail address though.

There is nothing obvious about that at all. Email addresses are usually
public. But okay, your users aren't expecting their email address to be
public.

Why not do what many jails do with prisoners? Everybody gets a unique
number. In your case, just walk through the database of users, giving
each one a number. You can't reverse engineer the email address from the
number without breaking into the database. Then your website can refer to
them as "Prisoner 123456789" which should be good for a few laughs.

Or simply take the username part of the address. So "(e-mail address removed)"
would become "fred". Then "(e-mail address removed)" would become "fred1", and so
forth.

Obviously you don't try to generate the username from the email address
every single time, you do it once, and keep a list of used usernames so
that when "(e-mail address removed)" joins you know "fred" and "fred1" are both used
and he has to be "fred2".

md5 checksums can now be broken, in both directions: it is relatively
easy to generate collisions, and there are reverse md5 lookup tables.
I imagine your use of md5 would be especially easy to attack, since the
attacker knows that the string is an email address.
 
