| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | btober(at)seaworthysys(dot)com |
| Cc: | tino(at)wildenhain(dot)de, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: xor for text |
| Date: | 2003-12-08 06:04:11 |
| Message-ID: | 20031208060411.GA27110@wolff.to |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Sat, Dec 06, 2003 at 15:48:44 -0500,
btober(at)seaworthysys(dot)com wrote:
> database to not be in plain text, so yea, I was thinking about simply
> xoring them with the respective user's single, non-stored password, or
> more likely xoring against an md5 hash of that single, master password.
It isn't a good idea to xor multiple plain text strings against the same
key string. If it is worth going to the trouble to encrypt the strings
in the first place, it will almost certainly be worth using some more
standard encryption as the cost will be a small amount of cpu time.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Craig O'Shannessy | 2003-12-08 06:04:58 | Re: spelling errors in query terms |
| Previous Message | Joel Rodrigues | 2003-12-08 05:57:23 | spelling errors in query terms |