[LUGOS-PROG] bijektivna preslikava iz stringa v int

Rok Papež rok.papez at kiss.uni-lj.si
Wed Jan 9 17:57:06 CET 2002 

Živjo!

On Wednesday 09 January 2002 15:30, Simon Mavsar wrote:

> Ima kdo kaksno idejo za generiranje kljuca tipa integer iz stringa?
> Preslikava mora biti bijektivna. (dva razlicna stringa ne smeta dati istega
> kljuca).
>
> Primer:     (char *) string -- > (long int ) key

Simon, tovrstna bijektivna preslikava ni mogoca. Osebno ti priporocam uporabo 
sistemske crpyt() funkcije, ki obstaja na vseh UNIXih in poleg DES na 
nekaterih novejsih UNIXih omogoca tudi MD5 hash.

Sicer ne dobis ven integer ampak niz omejene dolzine, ki pa je skoraj enako 
uporaben.

Morda ne bi bilo slabo, ce napises v kaksne namene rabis to funkcijo.

Knjiga "Mathematical recepies in C" se kar veliko ukvarja z podobnimi 
problemi in ti svetujem ogled, ce zmanjka drugih idej :-).

Encrypting Passwords
====================
 
 - Function: char * crypt (const char *KEY, const char *SALT)
     The `crypt' function takes a password, KEY, as a string, and a
     SALT character array which is described below, and returns a
     printable ASCII string which starts with another salt.  It is
     believed that, given the output of the function, the best way to
     find a KEY that will produce that output is to guess values of KEY
     until the original value of KEY is found.
 
     The SALT parameter does two things.  Firstly, it selects which
     algorithm is used, the MD5-based one or the DES-based one.
     Secondly, it makes life harder for someone trying to guess
     passwords against a file containing many passwords; without a
     SALT, an intruder can make a guess, run `crypt' on it once, and
     compare the result with all the passwords.  With a SALT, the
     intruder must run `crypt' once for each different salt.
 
     For the MD5-based algorithm, the SALT should consist of the string
     `$1$', followed by up to 8 characters, terminated by either
     another `$' or the end of the string.  The result of `crypt' will
     be the SALT, followed by a `$' if the salt didn't end with one,
     followed by 22 characters from the alphabet `./0-9A-Za-z', up to
     34 characters total.  Every character in the KEY is significant.
 
     For the DES-based algorithm, the SALT should consist of two
     characters from the alphabet `./0-9A-Za-z', and the result of
     `crypt' will be those two characters followed by 11 more from the
     same alphabet, 13 in total.  Only the first 8 characters in the
     KEY are significant.
 
     The MD5-based algorithm has no limit on the useful length of the
     password used, and is slightly more secure.  It is therefore
     preferred over the DES-based algorithm.
 
     When the user enters their password for the first time, the SALT
     should be set to a new string which is reasonably random.  To
     verify a password against the result of a previous call to
     `crypt', pass the result of the previous call as the SALT.



-- 
best regards,
Rok Papež.

More information about the lugos-prog mailing list