How to determine whether a string is encrypted

Printable View

Apr 14th, 2005, 03:54 PM
sunnynagra

How to determine whether a string is encrypted

Hi All,

I have some code that encrypts and decrypts data. I have tested to see if ti works and it does.
I am using the triple DES cryptography method.

My question is if I have a password database which stores passwords as normal strings how can i determine whether the string is encrypted or not?

I have an access database and you cannot encrypt data when entering data into the database.

From my vb code i want to retrieve the password from the database and check to see if the data is encrypted. If it is then I can decrypt it and if not I want to encrypt it and update the database.

Any help will be greatly appreciated

Thanks

Sunny
Apr 14th, 2005, 04:26 PM
patrick24601

Re: How to determine whether a string is encrypted

I don't believe this is possible. Both encrypted and decrypted data is valid data. So I don't know how you could look at a string and say "That is not a password - that is an encrypted password" and vice-versa.

Why can't you encrypt when adding the data to the database?
Apr 14th, 2005, 06:06 PM
sunnynagra

Re: How to determine whether a string is encrypted

Thanks for your reply.

To save me the hassle I have just thought of another way for accomplishing this problem.

Thanks
Apr 15th, 2005, 08:26 AM
patrick24601

Re: How to determine whether a string is encrypted

Please share - we are always interested in solutions. Who knows - somebody may come along in a week and have the same issue to solve.
Apr 15th, 2005, 08:42 AM
wossname

Re: How to determine whether a string is encrypted

This is actually quite simple.

Scan the data and record the range of characters. For example, passwords are usually only made up from a set of 40-50 characters (alphanumerics plus some punctuation), where as encrypted data usually features the whole set of byte values 0-255. Finding the upper and lower ascii values found in the data might indicate whether its a plaintext password or an encrypted one.

Naturally, the longer the data; the more likely this system is to tell you the right answer. It is by no means foolproof though. You'd also have to take the encoding into account.

Just an idea. :thumb:
Apr 15th, 2005, 06:01 PM
ntg

Re: How to determine whether a string is encrypted

1. Add salt to your clear passwords before encrypting them. For example "mypass" would be "mypass1234" before encrypting it. Taking, then, the possibly encrypted password and decrypting it should create a string that ends with "1234".
2. Calculate some kind of parity over the clear values and append to encrypted values, then check that after test-decrypting.

:wave: