encrypting and decrypting with perl

Discussion in 'Perl Misc' started by Marshall Dudley, Jan 27, 2005.

  1. I have an application where I need to encrypt a bit of text, and then I
    need to be able to decrypt it using a customer's key. I want to make
    sure that the key to decrypt is NOT on the server anywhere, so hackers
    cannot get the decrypt key, which means I cannot use a symetrical key
    pair since the encryption key will need to be on the server.

    What I need is more like a public key cypher. But I want the customer
    to be able to create his own private unencrypt key (like a password),
    and then the server generates the public encrypt key from that. I do
    not want the customer to have to enter a 128 or 1028 byte sequence each
    time he executes the program, but to be able to enter a password he can
    remember or have written down.

    This is what I want.

    1. When customer signs up, he enters a password. The password is NOT
    stored on the system, but is used to generate a nonsymetrical encryption
    key, which is stored on the server.
    2. Sensitive information is encrypted using the encryption key.
    3. When the customer wants to see the sensitive information, he has to
    log in, using the password he supplied in #1, and this is the decryption
    key for the information. This password is never stored on the server,
    but only passed from session to session with an ssl connection.

    Are there any libraries that allow a nonsymetrical key pair, where the
    encryption key can be generated from the decryption key that the
    customer supplies?

    Thanks,

    Marshall
    Marshall Dudley, Jan 27, 2005
    #1
    1. Advertising

  2. Marshall Dudley wrote:

    > I have an application where I need to encrypt a bit of text, and then I
    > need to be able to decrypt it using a customer's key. I want to make
    > sure that the key to decrypt is NOT on the server anywhere, so hackers
    > cannot get the decrypt key, which means I cannot use a symetrical key
    > pair since the encryption key will need to be on the server.


    So the obvious choice would be PGP. There's a module on CPAN with
    "Crypt" and "PGP" in the name that may help.

    > What I need is more like a public key cypher. But I want the customer
    > to be able to create his own private unencrypt key (like a password),
    > and then the server generates the public encrypt key from that. I do
    > not want the customer to have to enter a 128 or 1028 byte sequence each
    > time he executes the program, but to be able to enter a password he can
    > remember or have written down.


    Sounds very like the way PGP operates to me.

    > This is what I want.
    >
    > 1. When customer signs up, he enters a password. The password is NOT
    > stored on the system, but is used to generate a nonsymetrical encryption
    > key, which is stored on the server.
    > 2. Sensitive information is encrypted using the encryption key.
    > 3. When the customer wants to see the sensitive information, he has to
    > log in, using the password he supplied in #1, and this is the decryption
    > key for the information. This password is never stored on the server,
    > but only passed from session to session with an ssl connection.


    There should be no problem doing that with PGP. Of course the password
    may get stored in your swap-file.

    > Are there any libraries that allow a nonsymetrical key pair, where the
    > encryption key can be generated from the decryption key that the
    > customer supplies?


    Forget libraries, I'm not aware of any PK _algorithm_ that would allow
    that. All the PK algorithms I know create a key _pair_ in a single
    operation and it is just about as hard to go from the private key to the
    public as the other way.

    However there is no need in anything you've said you want to achieve to
    generate the encryption from the decryption key. Simply store the
    encryption key (which is public after all) in step 1.

    This, of course, has nothing to do with Perl.
    Brian McCauley, Jan 27, 2005
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Marshall Dudley

    encrypting and decrypting with perl

    Marshall Dudley, Jan 27, 2005, in forum: Perl
    Replies:
    1
    Views:
    741
    Brian McCauley
    Jan 27, 2005
  2. VB Programmer

    Encrypting/Decrypting Connection String

    VB Programmer, Nov 29, 2004, in forum: ASP .Net
    Replies:
    3
    Views:
    7,614
    Sahil Malik
    Nov 30, 2004
  3. Replies:
    35
    Views:
    50,824
    Chris Uppal
    Nov 9, 2005
  4. dfa_geko
    Replies:
    3
    Views:
    382
    dfa_geko
    Apr 6, 2007
  5. Andy Chau
    Replies:
    7
    Views:
    210
    Andy Chau
    Oct 5, 2003
Loading...

Share This Page