Encryption request

[Marcus Bointon]

on 23/1/03 22:05, Ruslan Zasukhin at sunshine at public.kherson.ua wrote:

> Right now I have add Encode/Decode functions based on Blowfish.
> Where MD5 is better ?

They're quite different. MD5 is a hash, Blowfish is encryption. However much
data you put into MD5, you will always get exactly 32 characters out,
whether it's 1 char or 100Mb of image data. For a given input dataset, you
will always get the same MD5. As Ramin said, this is what makes it good for
comparing large data items, especially if you have pre-calculated their
MD5s, and is why it's commonly referred to as a digest - it's like a short
compiled version of a document, but not the actual document itself (and is
of course usually much smaller). The theory is that any change (even a 1-bit
change in a 100Mb image) will result in a completely different MD5 value, so
it can be used to safely tell whether a file has changed rather than
comparing two whole 100Mb datasets byte for byte. It's also very fast - my
OpenBSD server can calculate MD5s at about 70Mb/sec, and that's only a
Duron/800. It's commonly used as a signature to tell if files have been
modified or corrupted during download - a pre-calculated MD5 is made
avaialebl along with the downloaded file, you then calculate your own MD5
and see if it matches the downloaded one, if so, you can be pretty sure the
file was not corrupted or changed in the transfer.
Probably the most common use for MD5 is in handling passwords. The idea is
that you never store the actual password (so it can't be "leaked"), but
store its MD5 instead, then when a user enters their password, you calculate
its MD5 and compare it with what you have stored, if they match, you know
the password was right (but you don't actually have to know what it was).

It's available in OS X on the command line - try man md5.

Marcus
-- 
Marcus Bointon
Synchromedia Limited: Putting you in the picture

marcus at synchromedia.co.uk | http://www.synchromedia.co.uk