Live Journal about blowfish

Understanding Encryption

To ensure that your private data stays private, CrashPlan encrypts your files before transport, with no dependency on destination or Internet security. CrashPlan+ / CrashPlan PRO uses 448-bit Blowfish encryption; CrashPlan (the free version) uses 128-bit Blowfish, the same 128-bit encryption that online banking and most businesses use.

“128” and “448” refer to the length of the encryption key. The longer the key, the harder it is to decrypt data.

Blowfish is an encryption algorithm. It’s a freely available, documented and open method of encrypting data. Being open is very important, because it means that it uses public processes that can be tested by everyone and, as a result, proven to be secure. Blowfish was invented by a security expert named Bruce Schneier.

We escrow the encryption key to protect you in case your computer is lost or stolen. Because only you (the customer) know the private password, no one else can restore your files. In the event that you need to reinstall CrashPlan, your configuration settings are pulled from our server, including your locked encryption key.

CrashPlan’s servers maintain this encryption key, so it is transferred securely with the same encryption technology used to encrypt data during backup. The encryption key is stored as part of your CrashPlan configuration settings and in the archive.

Considerations

  • Your private key is never cached or stored on any remote location. It is stored on the source computer that is being backed up. Your data is encrypted with the key on the source computer, so that CrashPlan can back up without prompting.
  • CrashPlan uses the same key for restoring files.
  • Unless you replace the archive encryption key with your own private key, the encryption key doesn’t change. This means that you can still restore versions of files associated with the original password. If you change your password, CrashPlan locks the encryption key with the new password.
  • Your private password or private key is never sent to CrashPlan, and therefore CrashPlan Support cannot obtain the password or key for you if you lose it. You won’t be able to restore the data that has already been backed up without the private password, and you will need to restart your backup from scratch.
  • If you really must downgrade your security, you will have to create a new account and start over. If you want to do this under the same email address, email support to disable your account.

The crypt () Function

In PHP we can use the crypt () function to create one-way encryption (a one-way hash). This means that the data is encrypted but cannot easily be decrypted. Although at first glance that may seem useless, it is actually very useful when working with passwords. When a user chooses their password, the password is encrypted and the encrypted version is saved. The next time the user goes to log in, their password is encrypted again and then checked against the already saved (encrypted) version to see if they are the same. This way, if the data is intercepted, they only ever see the encrypted version.

The crypt function is phrased as: crypt ( input_string, salt)

In this case input_string is the string you would like to encrypt (your password, for example), and salt is an optional parameter that influences how the encryption will work. PHP by default uses a two character DES salt string. If your system standard is MD5, a 12-character salt string is used.

The following are the four types of salt that work with all crypt () functions.

CRYPT_STD_DES – Standard DES-based encryption with a two character salt
CRYPT_EXT_DES – Extended DES-based encryption with a nine character salt
CRYPT_MD5 – MD5 encryption with a twelve character salt starting with $1$
CRYPT_BLOWFISH – Blowfish encryption with a sixteen character salt starting with $2$ or $2a$

Now let’s see what actually happens when we use crypt ()

<?php
// No salt argument: PHP picks one itself. PHP 8.0 and later require the salt argument.
$password = crypt('mypassword');
print $password . " is the encrypted version of mypassword";
?>

This will output the encrypted version of ‘mypassword’ for you to see. Now let’s try it using different types of salt.

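<?php
// Standard DES: two-character salt
$password = crypt('mypassword', 'd4');
print $password . " is the CRYPT_STD_DES version of mypassword<br>";
// An extended DES salt must start with an underscore. Without it, crypt()
// treats this as standard DES and uses only "k7" as the salt.
$password = crypt('mypassword', 'k783d.y1g');
print $password . " is the CRYPT_EXT_DES version of mypassword<br>";
// MD5: salt starts with $1$
$password = crypt('mypassword', '$1$d4juhy6d$');
print $password . " is the CRYPT_MD5 version of mypassword<br>";
// Blowfish: $2a$, a two-digit cost (07), then a 22-character salt
$password = crypt('mypassword', '$2a$07$kiuhgfslerd...........$');
print $password . " is the CRYPT_BLOWFISH version of mypassword<br>";
?>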

This will output something like this:

d4/qPbCcJ5tD. is the CRYPT_STD_DES version of mypassword
k7xEagYCDPPSc is the CRYPT_EXT_DES version of mypassword
$1$d4juhy6d$a.jIPYnvne1FWF2V6mGQR0 is the CRYPT_MD5 version of mypassword
$2a$07$kiuhgfslerd...........6k0kSI76CqJ/RWGnSp9MWRDF91gJZfW is the CRYPT_BLOWFISH version of mypassword

As long as you always use the same salt, the encrypted password should always be the same, making it a good solution for password storage.
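
The login check described above, written out as an added example (not code from the original page). It generates a random Blowfish salt for each stored password and reads that salt back from the stored value at login, so the same salt is used for every comparison. The function names are hypothetical, and the $2y$ prefix (PHP 5.3.7 and later) is used in place of the $2a$ shown above.

```php
<?php
// Added example; function names are hypothetical, not from the original page.

// Build a Blowfish salt string: "$2y$", a two-digit cost, "$", then 22
// characters from the alphabet ./0-9A-Za-z.
function make_bcrypt_salt(int $cost = 10): string
{
    // 16 random bytes give 24 base64 characters; the first 22 carry no "="
    // padding, and "+" is mapped to "." to stay inside the bcrypt alphabet.
    $salt22 = substr(strtr(base64_encode(random_bytes(16)), '+', '.'), 0, 22);
    return sprintf('$2y$%02d$%s', $cost, $salt22);
}

// Called when the user chooses a password; the return value is what gets saved.
function store_password(string $password): string
{
    $hash = crypt($password, make_bcrypt_salt());
    // On failure crypt() returns a short marker ("*0" or "*1"), never a
    // 60-character Blowfish hash, so refuse to store it.
    if (strlen($hash) !== 60) {
        throw new RuntimeException('crypt() failed');
    }
    return $hash;
}

// Called at login. The saved value begins with its own prefix, cost and salt,
// so passing it as the salt argument repeats the original settings exactly.
function check_password(string $password, string $stored): bool
{
    // hash_equals() compares in constant time.
    return hash_equals($stored, crypt($password, $stored));
}

$first  = store_password('mypassword');
$second = store_password('mypassword');

// Same password stored twice: each saved value carries its own salt.
var_dump($first === $second);
// Login with the right password, then with a wrong one.
var_dump(check_password('mypassword', $first));
var_dump(check_password('wrongpassword', $first));

// PHP's built-in wrappers do the same salt handling internally, and
// password_verify() also accepts values produced by crypt().
$builtin = password_hash('mypassword', PASSWORD_BCRYPT, ['cost' => 10]);
var_dump(password_verify('mypassword', $builtin));
var_dump(password_verify('mypassword', $first));
?>
```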