Hacker News new | past | comments | ask | show | jobs | submit login
Ask YC: Easiest encryption routine for developers?
6 points by ivankirigin on May 3, 2008 | hide | past | favorite | 13 comments
I'd like to mask an email address that will appear on a web page. There are numerous encryption schemes possible, but my biggest concern is integration with other sites' backends that will produce the masked email. This means that the encryption routine should be dead simple to integrate across of languages and frameworks. It can use a private key.

My main concern is harvesting the email address, meaning it needs to be just strong enough for spammers not to bother.

Any suggestions?

update: this is for machine consumption, not human. This means an image from an email is not what I'm looking for.

  1. Email to obscure string on another site's backend
  2. Obscure string to a javascript/iframe call to my site
  3. Email retrieved from obscure string, probably using some private key
I'm looking for a mechanism for step 1 that will be easy for every developer.



Are you sure that encryption, not hashing, is what you need? I am not exactly sure what you are planning to do, but you can take a look at XTEA or TEA (Tiny Encryption Algorithm).


mask and encrypt are different. Perhaps you want to obfuscate it. Perhaps you want to encrypt it but have it decrypted via javascript so that real humans can see the address.

Or perhaps this is your web2.0 startup and it's going to solve the spam problem. :-)


I mean mask in a general sense. I'll decrypt it on my back end, as the email will be a parameter in a javascript or iframe call to my service.

Gmail already solved the spam problem for me - but it is a popular concern for others.


Pad email to 64 bytes with random data and then XOR result with a private 64-byte string.


rot13 seems to satisfy your requirements


even better rot27 ?


Anything more complex than hashing is not easy, as managing the keys is a pain (assuming you want to keep them secret).


I've used Hiveware Enkoder for a long time, and it works. Not sure if that will help you (seems to be down now).


http://jeaig.org/


Very useful site, but not what I'm looking for.

I just tipped it with Tipjoy, which you should put on the site in addition to the PayPal link :)

http://tipjoy.com/joy/12017/


Thank you for the tip.


use digest


limit the email addresses to 6 characters, hash them, then do a brute force attack to retrieve the right one from the hash.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: