Can anyone give me an idea bout this.. I was assigned to decrypt passwords from our LDAP DB and then encrypt them using blowfish algo since we are going to use openfire system. Transfer of data from one DB to another is not that much of a problem, just these "passwords".. Is there any way to convert MD5 encryption to blowfish? am i going to decrypt it first? im using Perl here. PLS HELP?
+9
A:
MD5 is not a symmetric encryption algorithm, it is a one-way hash. There is no way to "decrypt" passwords stored using the MD5 algorithm.
(Unless you have a very large amount of computing power available, or a very long time.)
Greg Hewgill
2009-07-01 01:31:24
A:
As pointed out by Greg, you can't really decrypt them. One option however would be to encrypt the hashed passwords using blowfish
cobbal
2009-07-01 01:35:34
And what would that accomplish?
Gavin Miller
2009-07-01 01:38:26
increased security and backwards compatibility mostly
cobbal
2009-07-01 01:39:01
Is what you're trying to say run the hash algorithm as blowfish on the MD5's --> blowfish(md5(password)) in the new database?
Gavin Miller
2009-07-01 01:44:18
yeah, it does have it's problems, but I merely mention it as an option
cobbal
2009-07-01 02:40:22
+3
A:
Set up a web site somewhere and tell everyone to log in to it with their current password.
When they log in, you can capture their password in cleartext and then encrypt it with blowfish.
This would be even simpler if you can hook in to a site that they already log in to frequently enough (like web mail or something).
Seth
2009-07-01 01:48:17