Question

I am looking for a simple unpatented one-way encryption algorithm, preferably in C. I would like to use it to validate passwords.

Solution

SHA-1 and the rest of its family were patented by the US government which "has released the patent under a royalty free license". Many public-domain implementations may be found through Google. :-)

OTHER TIPS

The correct name for 'one-way encryption algorithm' is 'hashing algorithm' (you did mean a way to 'scramble' a password so that it can never be recovered, right?)

Do not use MD5 in modern applications; successful attacks on it have been showing up since 2004 (see http://www.doxpara.com/md5_someday.pdf for references). Use the SHA family.

In fact, using a hash is not enough. You should use a salt to limit them, and a more advanced technique such as bcrypt limits the possibilities of guessing the password.

Just use the crypt(3) function.

Here's the background.

SHA-1 seems like a good suggestion, or, if you believe that SHA-1 is close to being cracked, one of the SHA-2 family.

You may feel that MD5 isn't "safe" enough.

MD5 has suited me fine so far.

MD5 and SHA512 (or another SHA-2 variant) both have theoretical vulnerabilities identified in them. I don't think SHA has yet been demonstrated as broken but the possibility exists. Whirlpool is a royalty-free hash algorithm that has (as yet) not shown any weakness. This page has a link to the C reference implementation.

Why does MD5 or SHA1 not work for you?

/Allan

Licensed under: CC-BY-SA with attribution