One advantage to hashing is that it's easy to implement, because you don't have to fight with keys. It's also very handy to use for password scenarios, because you just store the hash and then rehash (no pun intended) the user's password each time they authenticate, then compare the new hash with your stored original. But you can accomplish the same things with encryption, so it's up to you I suppose.
> -----Original Message----- > From: Doug Arthur [mailto:[EMAIL PROTECTED] > Sent: Wednesday, May 03, 2006 12:52 PM > > Thanks for all the feedback so far and with all things said, > here's more > from me: > > I realize that they are different. I'm just not clear as to > my decision on > which route to take, personally and professionally. I've also > heard stories > of Hash values still being able to be cracked on a comparison > basis, because > when you get down to the logic, all the hacker cares is if their value > matches yours. With that said, I understand AES to be the > only grade of > encryption accepted by the military and government, and that's why I'm > questioning some of this... If AES is so strong, and you have > a proper Key > management system (which I can safely say I do) then is there > any reason to > use Hash? I just don't want to overlook hashing values > because of a personal > interest in AES if there's no reason to overlook it. > > P.S: My Key Management process is setup in several fashions/options. > 1. You can pass in a sharedKey, which is the key that can > encrypt & decrypt > the data. (results in only shared key specified.) > 2. You can not pass in any key and it will genereate a > privateKey to decrypt > the data. (results in only a private key) > 3. You can pass in a publicKey and a flag to encryptKey, > which will encrypt > the publicKey to create a privateKey, which encrypts the data > using the > privateKey. (results in public & private key's) > 4. You can not pass in any key and pass in a fag to > encryptKey, which will > generat a publicKey and encrypt it all the same as in option. > (still in > consideration) > > Lastly, an important factor in Key Management is encrypting > the keys used to > decrypt data, and seperating them fractionally. > > Anyone with good encryption knowledge, please put your input here. I'd > really like to know what I'm doing right/wrong, but have a > hard to finding > others that completely understand. This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you. A1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:239426 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
