Member Avatar for frankincense
frankincense 0 Newbie Poster

Hi guys,

Recently I have been trying to make a program, and Im stuck. I am trying to create a login function where by the first time a user logs in, their username and password are encrypt and placed in a file. Then each time that user logs in, the username and password they enter is encrypted and compared to the value stored from the first time.

this means that I need a function that always created the same encrypted data if the input + salt are the same. But I cannot find a function that does this, as either it creates a hash that is different each time, or it only works with a random number that has to remain hidden (which kind of takes the point away as I would have to encrypt that value aswell!)

Does anyone know how to create a function that will create a hash that is always the same when the correct input is given, and a external variable is added (like a salt or a mac).


I have tried using:

PKCS5_PBKDF2_HMAC<SHA256> pbkdf;
	pbkdf.DeriveKey(derivedkey, derivedkey.size(), 0x00, (byte *) password.data(), password.size(), pwsalt, pwsalt.size(), iterations );

	cout << "Generated key: " << derivedkey << endl;

	//encrypt
	CBC_Mode<AES>::Encryption aesencryption(derivedkey,derivedkey.size(),iv);
	StringSource encryptor(Userpass,true, new StreamTransformationFilter(aesencryption, new HexEncoder( new StringSink(cipherText) ) ) );

This function means that I only need to store the IV, the SALT and the output cipherText. But unfortunately each time the function is run, is creates a unique cipherText value.


I have also tried using:

HMAC< SHA256 > hmac(randomnum, randomnum.size());
		const int flags = HashVerificationFilter::THROW_EXCEPTION | HashVerificationFilter::HASH_AT_END;

With a MAC, but I'm not sure if you can safely store the MAC in a plaintext file, and it only works using a random number that needs to be stored. This random number would need to be encrypted if stored in a plaintext file, which takes the point away in using it really.


So basically, is there a one-way hashing function that always creates the same output, using the same input and another variable (such as IV, salt, etc.)


I am using Visual c++ 2010 with the crypto++ library.

Edited by frankincense because: n/a
  • 1 Contributor
  • 0 Replies
  • 131 Views
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.