No, not really as long as you're using a cipher that hasn't been
broken. Encryption uses a special class of functions that are easy to
perform one direction but prohibitively hard to perform the other
direction. For instance, if you take two very large prime numbers and
multiply them together to produce a really big number, that's pretty
easy to do. However, it is really really really difficult to take a
really big number and figure out which two large prime numbers were
used to compose the new number.
You can look up the details of a particular algorithm if you want to
get a better understanding of how it is implemented. There are
differences between public/private key systems, straight up
encryption/decryption with a single key and then one way hashing, but
essentially, if the private key is kept safe, knowing the input text
and the output of the cipher will not generally tell anyone enough to
be able to guess the key.
Cheers,
Judah
On Fri, Jun 17, 2011 at 10:00 AM, Steve Reich <coldfusionst...@gmail.com> wrote:
>
> If I have Encrypt(x,y) which equals z OR Decrypt(x,y) which equals z, can z
> be determined (encrypted or decrypted) without having both x and y?
>
> Example:
>
> <cfset variables.secretKey =
> "dj0yJmk9TTJOUXFnakphWjVlJmQ9WVdrOVVtMU9jak5rTjJNbWNHbzlPREV4TVRrNE5EWXkmcz1jb25zdW1lcnNlY3JldCZ4PWQx">
> <cfset variables.value = Encrypt("MYPASSWORD", variables.secretKey)>
>
> if you output variables.value, you get:
> *<'Y^MZ!]F;*=V@
>
> So... if someone gets my MYPASSWORD and *<'Y^MZ!]F;*=V@, can they figure out
> the value of variables.secretKey?
>
> Thanks,
> Steve
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive:
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:345412
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
