|
I don’t think there’s a like
for like comparison to be made here. If you don’t need to know the
original string I would use a hashing algorithm like MD5 or SHA1, ideal for
passwords where you simply compare the hashed values. If you need to get
at the original values a then you should consider encryption using AES or other
algorithms. Encryption in web applications has its
drawbacks as the encryption key normally has to be stored on the web server, so
an attacker that compromises the system could quite easily decrypt your
information. Cheers, Chris From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Doug Arthur I know this is WAY off topic, but I know there are a lot of intelligent
people here. I just wanted to get people's input on AES Encryption vs. Hashing a
value. I know that AES is the only government approved encryption method as
it's the strongest. But what are some feelings about using Hash instead? My new
job I started uses nothing but Hash, and I've always been a custom to AES
Encryption with a routine I developed a while back. I'm wondering if it's worth
while trying to make a change, or just leave things as is. Thanks! Sorry again for being this far off topic. -- Reactor for ColdFusion Mailing List -- |
- [Reactor For CF] Extremely OT: AES Encryption vs Hash Doug Arthur
- RE: [Reactor For CF] Extremely OT: AES Encryption vs ... Chris Blackwell
