Announcement

Collapse
No announcement yet.

Encyrpting PM's

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Encyrpting PM's

    Hi,

    Is it at all possible to encrypt pm's with MD5? I know most people will say that it will prevent me from reading them in cases of abuse, but I will make it clear to users to just add them to there ingnore list.

  • #2
    I'm not sure if this is possible or not but if so then it requires hacking. Ask over at the hacking site - vbulletin.org.
    Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
    Change CKEditor Colors to Match Style (for 4.1.4 and above)

    Steve Machol Photography


    Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


    Comment


    • #3
      Originally posted by Lil Kid
      Hi,

      Is it at all possible to encrypt pm's with MD5? I know most people will say that it will prevent me from reading them in cases of abuse, but I will make it clear to users to just add them to there ingnore list.
      No, you can't. MD5 is not for encryption, it is for getting a digital signature of any string, a hash value. Once you get it you cannot go back to the original message, and I'm guessing that you want to go back to the original message so you'd be able to read it.

      If you want to have encription you can either use Rc4, des, 3des, aes, idea or any other algorithm for encryption, md5 is not meant for that, you'd need a key for encrypting/decrypting the password and I'm thinking that key would be the user's password hash (that's the most natural thing to be). However, if the key is the user password hash the admin has access to it anyway via phpmyadmin in the user table.

      For the adminstrator not to be able to read the private message the key should be completely private, and that means the users should exchange keys in a secure way (or a user giveout his key if it is something symetric).

      I think this is far too complicated for a simple privatemessage, if a user needs that privacy and security he's better of emailing the other user instead of using the forum.

      Comment

      widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
      Working...
      X