programming encryption

• StarPuppy

  3 May 07, 20:18

  my Internet/Network Security FYP is about creating "a login website"(hotmail) of which if a hacker manage to sniff the password..it would be jumbled up
  
  now the thing is i am given a range of programming platform to learn/use as my teacher allow us to use anything we want
  
  (e.g: VB, ASP, Java, C++)
  
  so what would be easy to understand for the programming noob like me?
• ndmmxiaomayi

  3 May 07, 20:19

  Hotmail is already encrypted.
• StarPuppy

  3 May 07, 20:21

  its just creating a website...for show and tell
  
  
• ndmmxiaomayi

  3 May 07, 20:22

  As far as I know, I don't know how to use VB, C++, C to create web applications.
  
  ASP and Java is possible...
• DarthBart

  4 May 07, 00:21

  Try using a hashing algo to digest the password
  I've used SHA1 in JSP back in my poly days to do that
• thoreldan

  4 May 07, 08:21

  TS:
  
  are you told to invent a simple algorithm yourself?
  or
  make use of available encryption algorithm?
• StarPuppy

  4 May 07, 08:53

  Originally posted by thoreldan:

  TS:
  
  are you told to invent a simple algorithm yourself?
  or
  make use of available encryption algorithm?

  both are allowed but i would like to try my hand of making one myself
  
  
• hisoka

  4 May 07, 08:55

  how will the hacker sniff out the password? hack into the company database? keyloggers on the user computer? tracking of the packets sent/received?
• ndmmxiaomayi

  4 May 07, 09:01

  I wouldn't say to invent, particularly if one has totally what security is about, what encryption is about, what's PKI, what's hashing, what's this and what's that.
  
  Make use of existing algorithms.
  
  If you really want to create a whole new algorithm, go Counterpane and read up.
• StarPuppy

  4 May 07, 09:02

  Originally posted by hisoka:

  how will the hacker sniff out the password? hack into the company database? keyloggers on the user computer? tracking of the packets sent/received?

  it is assumed that the data is being sniffed
  
  so a encyrpted algorithim is needed
• ndmmxiaomayi

  4 May 07, 09:03

  Originally posted by hisoka:

  how will the hacker sniff out the password? hack into the company database? keyloggers on the user computer? tracking of the packets sent/received?

  Tracking of packets...
• ndmmxiaomayi

  4 May 07, 09:05

  Originally posted by StarPuppy:

  it is assumed that the data is being sniffed
  
  so a encyrpted algorithim is needed

  Sure?
• ndmmxiaomayi

  4 May 07, 09:10

  You need this
• l0st-s0ul

  4 May 07, 09:30

  There are various layers of encryption u could apply.
  
  At network layer - IP Security
  At transport layer - SSL
  At application layer - S/MIME
  
  Since ur main concern is confidentiality, all of the protocols above provides a form of encryption. U could also add authentication as an additional form of security.
  
  As for the platform used, I would say to use what u are most comfortable with.
• o0Nite0o

  14 Jun 07, 03:15

  lol.. use PHP.. md5(String) can liao