What is the best password encryption and decryption library to use with Perl?

I am writing a Perl script that manages password-protected zip files. Therefore, I need to save and retrieve passwords in order to do this. I have three options for storing a password:

  • Save as text. Before you jump in, I pretty much ruled out this option.
  • Use a simple password munger to prevent accidental / random access (even for database administrators).
  • Use an appropriate encryption / decryption library such as Blowfish or AES.

No matter what I choose, it should work in Perl, under Windows and be easy to use.

Any suggestions?

+4
4 answers

There are several Perl encryption packages that run on Windows; you can download PPM using the ActivePerl package manager.

You can also use a pure Perl version of these modules (look for a name ending in _PP).

I found these modules in CPAN:

+4

The main problem with approach 3 is: where do you store the key in a file that contains passwords? You can use Base64 for approach 2, but it's very easy to decrypt.

+3

There should be no doubt about it. You should use a strong enough encryption scheme. You are trusted with sensitive data and you must do everything possible to protect it.

If you use Windows, you can use DPAPI to encrypt the AES key and save it in the registry. Perl has modules for interacting with Win32 libraries.

The best encryption is subjective, but AES 128 is strong enough as of January 2009 to encrypt your data.

Even the best encryption schemes can be defeated if the user does not fully understand what they are doing.

+1

Obviously, you are right to rule out #1.

And #2 as well, for the same reason. It is not safe.

As for number 3, can I assume that this is also. Decryption of the password leads to a more vulnerable state for comparison. But if you are going to do this, I can suggest using Crypt::CBC with Crypt::Blowfish for Cipher Block Chaining.

[recommended] #4: Instead of storing passwords for extraction, decryption, and then comparison, as in #3, use Authen::Passphrase, a fairly complete and flexible Perl module that allows you to compare the entered password without decrypting / decoding the original. See also: How can I encrypt and decrypt passwords in a Perl CGI program?

+1
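
The contrast between approach 2 and approach 3 raised in the answers above, as an added example that is not code from any answer on this page: Base64 is reversed without any key, while Crypt::CBC with Crypt::Blowfish needs a key that is kept apart from the stored value. The `ZIPPW_KEY` environment variable, the fallback demo key, the `new_cipher` helper and the sample password are assumptions made for this illustration.

```perl
#!/usr/bin/perl
# Added example: Base64 "munging" versus Crypt::CBC + Crypt::Blowfish.
use strict;
use warnings;
use MIME::Base64 qw(encode_base64 decode_base64);
use Crypt::CBC;    # requires Crypt::Blowfish to be installed as the cipher

# Constructed sample value standing in for a zip-file password.
my $zip_password = 'S4mple-Zip-Pass!';

# Approach 2: Base64 involves no key, so anyone who can read the stored
# value can reverse it.
my $munged = encode_base64($zip_password, '');
print "base64 stored:    $munged\n";
print "base64 reversed:  ", decode_base64($munged), "\n";

# Approach 3: the key lives outside the password store. ZIPPW_KEY is a
# hypothetical environment variable; the fallback exists only so that
# this example runs as-is.
my $key = $ENV{ZIPPW_KEY} // 'demo-key-for-this-example-only';

# Hypothetical helper: one Crypt::CBC object per operation.
sub new_cipher {
    my ($passphrase) = @_;
    return Crypt::CBC->new(-key => $passphrase, -cipher => 'Blowfish');
}

# Hex output is convenient for a text file or a database column.
my $stored = new_cipher($key)->encrypt_hex($zip_password);
print "encrypted stored: $stored\n";

my $recovered = new_cipher($key)->decrypt_hex($stored);
print "round trip ok\n" if $recovered eq $zip_password;

# With the wrong key, decryption either dies or returns garbage; in both
# cases the original password is not recovered. CBC alone provides no
# integrity check, so the result must not be trusted blindly.
my $wrong = eval { new_cipher('not-the-key')->decrypt_hex($stored) };
print "wrong key does not recover the password\n"
    unless defined $wrong && $wrong eq $zip_password;
```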