[thelist] cryptic question
Raul Beltran
espiritudelvino at hotmail.com
Mon Oct 2 21:26:31 CDT 2000
What are you using to write this application? ASP? JSP? PHP?
the crypt() function (at least in PHP) accepts 2 arguments the value to be
encrypted and the 'salt', both as strings.
To make your encrypted number more difficult to guess you only need to
choose a 'salt' value that nobody knows, like this (price=100):
$encryptedString = crypt("100", "this will never be guessed");
this way, to guess the number you must know what the 'salt' is, making
almost impossible to break it with brute force.
Do a 'man crypt', this unix command should accept a 'salt' too...
----- Original Message -----
From: "Eduardo Dominguez" <lalo_dominguez at yahoo.com>
> Even using unix crypt() function solves nothing since a simple
> for() loop will get the price in less than a minute. :(
> The problem is that prices are numbers, so they are easily
> manipulated. How can I mix letters/numbers so that even they
> guy that coded the function that checked the price cant know
> it ?
More information about the thelist
mailing list