encryption wonderment

[Lloyd Dupont]

In our application we have an encrypted datafile.
To be a bit user friendly I had an encryption test at the begining of the
file.
I put the encrypted value of an 8 bytes known array. (the crypting algo uses
8 bytes block of data)

so I could test a user password to see if it encrypt the same way as the
real password.

I wonder if this doesn't decrease the security a bit?

What could I do?

I just think I could put only 4 bytes, enabling me to check, but not being
completely accurate.
any other ideas? thoughts?

 

[Robert Jordan]

In our application we have an encrypted datafile.
To be a bit user friendly I had an encryption test at the begining of the
file.
I put the encrypted value of an 8 bytes known array. (the crypting algo uses
8 bytes block of data)

so I could test a user password to see if it encrypt the same way as the
real password.

I wonder if this doesn't decrease the security a bit?

It's theoretically decreasing the security.

What could I do?

I just think I could put only 4 bytes, enabling me to check, but not being
completely accurate.

I'd put a MD5 or SHA1 hash of the passwort instead. When
the user types his password again, you build the hash
and compare it with the stored value.

bye
Rob

 

[Lloyd Dupont]

good idea, thanks for that!

It's theoretically decreasing the security.


I'd put a MD5 or SHA1 hash of the passwort instead. When
the user types his password again, you build the hash
and compare it with the stored value.

bye
Rob