Coffeehouse Post

Single Post Permalink

View Thread: Apparently the IPO didn't fund Linkedin enough to hire decent programmers
  • User profile image
    Blue Ink

    , magicalclick wrote


    I wonder if anyone use "lossy" encryption. This may sound dumb, but, if you simply crap out the original password, like say, when user supply the password, you do some stupid

    foreach(char c in stringValue)    total += (int)c;

    And use "total" as the new password and run it through encryption. So, even if they managed to hack the entire thing. All they get is garbage password, LOLz.

    Obviously my example is bad because "PASS" and "ASSP" can both login, and the encoding is too lossy. But, basically if you can do this with balanced encoding quality, you are able to protect the user password as the encoding is lossy.

    It is not the same as typical file encryption because you don't care about getting perfect binary back. You want to make sure after you decrypt the password 100%, it is still useless.

    That's not dumb at all... what you call "lossy" encryption is just a form of hashing, including the problem with collisions.

    It's always nice to see a mind click. Impressed.