They don't "always" have to be bijective (nice word). For example, with a one way hash (like unix uses for logins) there is no decrypt. Using the example that Matthew used: BJL == LTL. While you can't see what the original value was, you can still tell if the values are "equal". I sometimes use this type of algorithm for logins.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 20, 2002 1:58 PM To: CF-Talk Subject: RE: Encryption gurus please read yes, I always thought that an encryption or hash function had to be a bijective function. Doug >-----Original Message----- >From: Mosh Teitelbaum [mailto:[EMAIL PROTECTED]] >Sent: Wednesday, November 20, 2002 4:52 PM >To: CF-Talk >Subject: RE: Encryption gurus please read > > >Err... this way would make it near impossible to decode the >value. Using >your simple example, how would the decryption routine know >which value to >return when decrypting "191?" Should it return "BJL" or "LTL?" > >Also, encrypting should not be confused with hashing. >Encrypting a value >uses a 2-way algorithm so as to allow the encrypted value to >be decrypted >(i.e., "abc" -> "X%2" -> "abc"). Hashing creates a >theoretically unique >value that is difficult to near-impossible to "decrypt" (i.e., "abc" -> >X%2 -> ???). > >I have checked out the CustomTags mentioned, but earlier versions of >ColdFusion (and, I suspect, these CustomTags) sometimes add >junk on to the >end of the encryption string (perhaps, to return a fixed >length string). >So, depending on whatever internal algorithm is used, >encrypting "abc" with >a key of "123" may randomly produce "xyzpdq123" or "xyzpdq456" or >"xyzpdq789". Note how in this (admittedly contrived) example, >the first 6 >characters are the same... only the last 3 differ from outcome >to outcome. >In decrypting, the function/CustomTag somehow detects that >only the 1st 6 >characters are relevant and uses those to decrypt the string >back to its >original value. > >-- >Mosh Teitelbaum >evoch, LLC >Tel: (301) 625-9191 >Fax: (301) 933-3651 >Email: [EMAIL PROTECTED] >WWW: http://www.evoch.com/ > > >> -----Original Message----- >> From: Matthew Small [mailto:[EMAIL PROTECTED]] >> Sent: Wednesday, November 20, 2002 3:49 PM >> To: CF-Talk >> Subject: RE: Encryption gurus please read >> >> >> I think it's because encrypted values are not evaluated for their own >> value, but are rather hashed - thereby there can be more >than one value >> that hashes out to the same value. >> >> Simple Example: I have a decimal number that needs to be encrypted if >> A=0, b=1,...j = 9, k = 0, l = 1, then I can have multiple values that >> evaluate to the same number. It's similar to clock or modular >> arithmetic. >> >> BJL = 191 >> LTL = 191 >> >> >> Matthew Small >> IT Supervisor >> Showstopper National Dance Competitions >> 3660 Old Kings Hwy >> Murrells Inlet, SC 29576 >> 843-357-1847 >> http://www.showstopperonline.com >> >> -----Original Message----- >> From: Bryan Stevenson [mailto:[EMAIL PROTECTED]] >> Sent: Wednesday, November 20, 2002 3:25 PM >> To: CF-Talk >> Subject: Encryption gurus please read >> >> Hey All, >> >> I'm not entirely sure why I'm getting the results I am, so >I'll ask this >> question: >> >> Why is it that the returned encrypted value can vary even though the >> string >> being encrypted and the key used remains constant (i.e. when >encrypting >> "yeehaw" with the key "boohoo" will not always return the >same encrypted >> value)? >> >> BTW I've tested this situation against cf_cryp, cf_crypt, >and Encrypt() >> >> TIA ;-) >> >> Bryan Stevenson B.Comm. >> VP & Director of E-Commerce Development >> Electric Edge Systems Group Inc. >> t. 250.920.8830 >> e. [EMAIL PROTECTED] >> >> --------------------------------------------------------- >> Macromedia Associate Partner >> www.macromedia.com >> --------------------------------------------------------- >> Vancouver Island ColdFusion Users Group >> Founder & Director >> www.cfug-vancouverisland.com >> >> >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=4 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=4 FAQ: http://www.thenetprofits.co.uk/coldfusion/faq This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting.