Hi,
Jannetta S Steyn wrote:
>> It doesn't matter what gets stored as long as the
>> decrypted value matches the password.
>
> This part of what you said puzzles me. Why would you want to decrypt the password and
> isn't the point of md5 and DES that you don't decrypt the password. Usually the
> passwords are compared in their encrypted form. That's the whole idea of a message
> digest isn't it to get a unique signature for a message and to make it near impossible
> to retrieve the message from the signature again.
You're talking about the differences between hashing and encryption /
decryption. MD5 is a hashing algorithm, DES is an encryption /
decryption algorithm. See:
http://en.wikipedia.org/wiki/Cryptographic_hash_function
http://en.wikipedia.org/wiki/Encryption
HTH,
Neil.
--
Neil Hillard neil.hillard@xxxxxxxxxxxxxxxxxx
AgustaWestland http://www.whl.co.uk/
Disclaimer: This message does not necessarily reflect the
views of Westland Helicopters Ltd.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|