|
I would really like to know the details on that.
For example, along with ENCRYPT_AES, ENCRYPT_RC2, ENCRYPT_TDES there's an
ENCRYPT but you won't find ENCRYPT in the Knowledge Center. However it
works.
Maybe IBM tried something silly like changing ENCRYPT from ENCRYPT_TDES to
ENCRYPT_AES and considered ENCRYPT to translate to "whatever is current".
Pure speculation on my part.
Tried pulling some old Knowledge Centers but I can only find up to 7.1 and
none of them mention ENCRYPT.
But maybe I am missing your point. Perhaps your point isn't that the
results of ENCRYPT...(MYSTRING, MYKEY) would generate different results
upon each execution, even with the same values, as that shouldn't matter as
long as DECRYPT...(ENCRYPTEDSTRING, MYKEY) retrieves the same value.
Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 7310 Innovation Blvd, Suite 104
Ft. Wayne, IN 46818
Ship to: 7310 Innovation Blvd, Dock 9C
Ft. Wayne, IN 46818
http://www.dekko.com
-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of
Raul Alberto Jager Weiler
Sent: Thursday, March 18, 2021 11:01 AM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>
Subject: Re: How to validate passwords without storing them anywhere.
CAUTION: This email originated from outside of the organization. Do not
click links or open attachments unless you recognize the sender and know
the content is safe.
I had a program where I encrypted the user's email with his password, then
to check I used the same procedure and compared the result against the
saved one. Using SQL encryption)
After an OS upgrade the program stopped working. A better encryption
algorithm generates different "encrypted data" using the same text and the
same password.
On Wed, Mar 17, 2021 at 6:06 PM Patrik Schindler <poc@xxxxxxxxxx> wrote:
Hello Rob,*including*
Am 17.03.2021 um 20:03 schrieb Rob Berendt <rob@xxxxxxxxx>:
If I have these hex codes in DSPPFMprocess?
0122DF02DAB6856F42E4EF0BA8
08CE2F055E9100FEF3B661B953
And, even if you knew the word being stored is 'VALID',
just how likely is it to figure out the encryption key used in this
How likely is it that IBM POWER machines become inoperable? And still,
companies opt to have machine level redundancy, extremely costly.
It's the same with security: How far would you go to prevent a very fatal
but extremely unlikely event?
How likely is it that there is a security breach into the VPN
infrastructure, in turn allowing access to all internal servers
IBM i, because credentials have been stored on a private laptop, beingin
infected by malware, copying "interesting" data back "home"?
How likely is it that on some windows share (being accessible with the
same credentials) are scripts running automatisms, containing passwords
clear text, allowing an attacker to gain a 5250 login?for
How likely is is that this attacker knows enough about IBM i to search
the central application on that machine and succeeds?upload
How likely is it that he is able to find and can cpytostmf the login
credentials database, ftp'ing it to that windows machine and in turn
it to dropbox or something similar?list
Just give it a thought.
:wq! PoC
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx--
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.
Help support midrange.com by shopping at amazon.com with our affiliate
link: https://amazon.midrange.com
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.
Help support midrange.com by shopping at amazon.com with our affiliate
link: https://amazon.midrange.com
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.
Help support midrange.com by shopping at amazon.com with our affiliate
link: https://amazon.midrange.com
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
