embedding passwords/other sensitive strings into a C++ program

J.Steiner

Just curious if anyone has any thoughts about what best practice would
be for something like this...

We want to write a program that will send the user (via email) a
password when they click a button. Also, it will send the email to a
support team who will log that the password has been requested so they
can then change the password (and recompile the program). Seems
simple enough.

The problems I can think of are:

1. How do you encrypt this password from casual viewing (executing the
Unix command: strings <exe name>, for example)? I suggested using the
ASCII code to print the string. Seems simple enough.

2. How do you encrypt this password from more aggressive viewing, i.e.
someone looking at the source code, pulling the project files out of
the repository (we use CVS, for example)? My thought was to either
put the password as a build option on the compiler (which would
necessitate adding an option before each compile), or to put the whole
project into CVS as a zip file with a password on it, assuming that
the support staff will know that password.
 
Victor Bazarov

J.Steiner said:
Just curious if anyone has any thoughts about what best practice would
be for something like this...

We want to write a program that will send the user (via email) a
password when they click a button. Also, it will send the email to a
support team who will log that the password has been requested so they
can then change the password (and recompile the program). Seems
simple enough.

The problems I can think of are:

1. How do you encrypt this password from casual viewing (executing the
Unix command: strings <exe name>, for example)? I suggested using the
ASCII code to print the string. Seems simple enough.

I am not sure what you mean by "using the ascii code to print the string".
The simplest solution I've seen suggested in many places is to have a char
array and assign the respective characters in reverse. The mere mixing up
of the single characters with the code will be enough to hide them:

char password[10] = {0};   // zero-filled, so the unused tail supplies the terminating NUL
password[7] = 'd';         // one character per statement, assigned last to first,
password[6] = 'r';         // rather than a single "password" string literal
password[5] = 'o';
password[4] = 'w';
password[3] = 's';
password[2] = 's';
password[1] = 'a';
password[0] = 'p';         // password now reads "password"

You could also intertwine some other code into the assignments just to
keep the assignments apart and at random code offsets.

2. How do you encrypt this password from more aggressive viewing, i.e.
someone looking at the source code, pulling the project files out of
the repository (we use CVS, for example)? My thought was to either
put the password as a build option on the compiler (which would
necessitate adding an option before each compile), or to put the whole
project into CVS as a zip file with a password on it, assuming that
the support staff will know that password.

This is beyond the scope of this newsgroup, isn't it? Keep the password
in a separate file altogether and let the program retrieve it only when
it is needed.

V
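Victor's second suggestion above, keeping the password in a separate file that the program reads only when it needs it, is the one that survives source-code access, but only if the file itself is protected. The following is an added example, not code from the thread or from any poster: it loads the secret from a file and fails closed when the file is group- or world-accessible, so an accidental chmod 644 is reported instead of silently widening who can read the password. It assumes POSIX permissions (stat/chmod/mkstemp), that the secret is the first line of the file, and the sample secret "p4ssw0rd-example" and the temporary demo file are constructed for this illustration.

```cpp
// Added example, not code from the thread: load the secret from a file that
// lives outside the binary and refuse to use it if the file's permissions are
// too loose. Assumptions: POSIX permissions (stat/chmod), the secret is the
// first line of the file, and the sample secret "p4ssw0rd-example" and the
// demo file names are constructed for this illustration.
#include <cerrno>
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <fstream>
#include <iostream>
#include <string>
#include <sys/stat.h>
#include <unistd.h>

// Reads the first line of `path` into `out`. Fails closed (returns false,
// reason in `err`) if the file is missing, not a regular file, empty, or
// readable/writable by group or others.
bool load_secret(const std::string& path, std::string& out, std::string& err) {
    struct stat st;
    if (::stat(path.c_str(), &st) != 0) {
        err = std::string("stat: ") + std::strerror(errno);
        return false;
    }
    if (!S_ISREG(st.st_mode)) {
        err = "not a regular file";
        return false;
    }
    if (st.st_mode & (S_IRWXG | S_IRWXO)) {
        err = "secret file is group- or world-accessible";
        return false;
    }
    std::ifstream in(path.c_str());
    if (!in) {
        err = "cannot open secret file";
        return false;
    }
    std::string line;
    std::getline(in, line);
    while (!line.empty() && (line.back() == '\r' || line.back() == '\n'))
        line.pop_back();  // drop a CR/LF left behind by an editor
    if (line.empty()) {
        err = "secret file is empty";
        return false;
    }
    out = line;
    return true;
}

// Demo helper: writes `secret` to a fresh temporary file with permission
// bits `mode` and returns its path ("" on failure). Constructed for the
// demo; the caller unlinks the file.
std::string write_demo_file(const std::string& secret, mode_t mode) {
    const char* dir = std::getenv("TMPDIR");
    std::string buf = std::string(dir && *dir ? dir : "/tmp") + "/secret-demo-XXXXXX";
    int fd = ::mkstemp(&buf[0]);  // mkstemp fills in the XXXXXX in place
    if (fd < 0) return "";
    std::string payload = secret + "\n";
    ssize_t n = ::write(fd, payload.data(), payload.size());
    ::close(fd);
    if (n != static_cast<ssize_t>(payload.size()) || ::chmod(buf.c_str(), mode) != 0) {
        ::unlink(buf.c_str());
        return "";
    }
    return buf;
}

// Loads the demo secret through load_secret() from a file created with
// `mode`; true only if it was accepted and matches what was written.
bool demo_accepts(mode_t mode) {
    const std::string secret = "p4ssw0rd-example";
    std::string path = write_demo_file(secret, mode);
    if (path.empty()) return false;
    std::string loaded, err;
    bool ok = load_secret(path, loaded, err);
    ::unlink(path.c_str());
    return ok && loaded == secret;
}

// A missing file must also fail closed (constructed non-existent path).
bool demo_rejects_missing() {
    std::string loaded, err;
    return !load_secret("/nonexistent/secret-demo/secret", loaded, err);
}

int main() {
    std::cout << std::boolalpha
              << "mode 0600 accepted: " << demo_accepts(0600) << '\n'
              << "mode 0644 accepted: " << demo_accepts(0644) << '\n'
              << "mode 0660 accepted: " << demo_accepts(0660) << '\n'
              << "missing file rejected: " << demo_rejects_missing() << '\n';
    return 0;
}
```

The permission check is on the mode bits, not on whether the current user happens to be able to read the file, so it behaves the same whether the program runs as the owner or as root. It does not protect against whoever owns the file or has root on the host; it only stops the binary from being the thing that carries the secret around.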
 
David Lindauer

J.Steiner said:
Just curious if anyone has any thoughts about what best practice would
be for something like this...

We want to write a program that will send the user (via email) a
password when they click a button. Also, it will send the email to a
support team who will log that the password has been requested so they
can then change the password (and recompile the program). Seems
simple enough.

The problems I can think of are:

1. How do you encrypt this password from casual viewing (executing the
Unix command: strings <exe name>, for example)? I suggested using the
ASCII code to print the string. Seems simple enough.

2. How do you encrypt this password from more aggressive viewing, i.e.
someone looking at the source code, pulling the project files out of
the repository (we use CVS, for example)? My thought was to either
put the password as a build option on the compiler (which would
necessitate adding an option before each compile), or to put the whole
project into CVS as a zip file with a password on it, assuming that
the support staff will know that password.

one solution is to write a utility that generates a 'scrambled' password;
optionally it can embed the byte codes into the program so it will be
accessible on the next compile (or even modify the EXE version of the file
and obviate a compile). Your program then unscrambles it prior to
emailing it. This is harder to break, although obviously anyone who has
unlimited access to your source code (and many others who don't) and who
has time on their hands will break this scheme too.

David
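Both Victor's per-character assignments and David's scramble-then-unscramble utility are forms of the same thing: keep the secret out of the binary as a contiguous literal, rebuild it at run time. The example below is added here and is not code from the thread or from any poster. It does the scrambling in a constant expression so the compiler, not a separate tool, produces the byte table, unscrambles at run time, wipes the buffer afterwards, and then runs the check a reviewer would actually run: is the plaintext a contiguous run of bytes in what gets compiled in, and in memory once it has been rebuilt? The secret "p4ssw0rd-example", the XOR key 0x5A and the per-index mixing are all constructed for this illustration. Two caveats a practitioner should keep in mind: compilers are not obliged to drop a literal that was only used in a constant expression, and an optimising compiler may merge Victor's individual byte stores back into one multi-byte constant, so in either scheme verify with strings on the built binary rather than trusting the source; and, as David says, anyone with a debugger sees the assembled string as soon as the program has used it.

```cpp
// Added example, not code from the thread: the "scrambled password" scheme
// from the posts above, with the scrambling done by the compiler in a constant
// expression and unscrambling done at run time, plus the check a reviewer
// would run to see what it hides. The secret "p4ssw0rd-example", the XOR key
// and the per-index mixing are all constructed for this illustration.
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <iostream>
#include <string>

namespace {
constexpr std::uint8_t kKey = 0x5A;  // arbitrary fixed byte, an assumption

// One byte of the transform. XOR is its own inverse, so the same function
// scrambles and unscrambles; the index term keeps repeated plaintext bytes
// (the "ss" in the sample) from producing repeated scrambled bytes.
constexpr std::uint8_t mix(std::uint8_t b, std::size_t i) {
    return static_cast<std::uint8_t>(b ^ kKey ^ static_cast<std::uint8_t>(i * 7 + 1));
}
}  // namespace

// Plain struct instead of std::array so the constexpr loop below compiles
// as C++14 (std::array's non-const operator[] is constexpr only from C++17).
template <std::size_t N>
struct ByteTable {
    std::uint8_t bytes[N];
    static constexpr std::size_t size() { return N; }
};

// David's "utility that generates a scrambled password", done by the
// compiler: the literal is consumed inside a constant expression, so only
// the scrambled bytes have to be emitted. Compilers are not obliged to drop
// the literal, so confirm with `strings` on the built binary.
template <std::size_t N>
constexpr ByteTable<N - 1> scramble_literal(const char (&s)[N]) {
    ByteTable<N - 1> out{};
    for (std::size_t i = 0; i + 1 < N; ++i)
        out.bytes[i] = mix(static_cast<std::uint8_t>(s[i]), i);
    return out;
}

constexpr auto kScrambled = scramble_literal("p4ssw0rd-example");

// Run-time step: rebuild the plaintext only at the moment it is needed.
template <std::size_t N>
std::string unscramble(const ByteTable<N>& table) {
    std::string out(N, '\0');
    for (std::size_t i = 0; i < N; ++i)
        out[i] = static_cast<char>(mix(table.bytes[i], i));
    return out;
}

// Overwrite a buffer once the secret has been used; the volatile pointer
// keeps the optimiser from dropping the stores as dead writes.
void wipe(std::string& s) {
    if (s.empty()) return;
    volatile char* p = &s[0];
    for (std::size_t i = 0; i < s.size(); ++i) p[i] = '\0';
}

// What `strings`, a grep over the binary or a memory dump effectively do:
// look for the secret as one contiguous run of bytes.
bool contains_plain(const std::uint8_t* data, std::size_t len, const std::string& needle) {
    if (needle.empty() || len < needle.size()) return false;
    for (std::size_t i = 0; i + needle.size() <= len; ++i)
        if (std::memcmp(data + i, needle.data(), needle.size()) == 0) return true;
    return false;
}

// Is the plaintext visible in the bytes that get compiled into the program?
bool scrambled_table_leaks(const std::string& secret) {
    return contains_plain(kScrambled.bytes, kScrambled.size(), secret);
}

// Is the plaintext visible in memory once the program has unscrambled it?
// (Yes: this is what a debugger or core dump sees, whatever the scrambling.)
bool runtime_copy_leaks(const std::string& secret) {
    std::string plain = unscramble(kScrambled);
    bool leaked = contains_plain(reinterpret_cast<const std::uint8_t*>(plain.data()),
                                 plain.size(), secret);
    wipe(plain);  // do this as soon as the secret has been used (e.g. e-mailed)
    return leaked;
}

std::string recovered_secret() { return unscramble(kScrambled); }

int main() {
    const std::string secret = "p4ssw0rd-example";
    std::cout << std::boolalpha
              << "round trip ok:                 " << (recovered_secret() == secret) << '\n'
              << "plaintext in compiled table:   " << scrambled_table_leaks(secret) << '\n'
              << "plaintext in memory after use: " << runtime_copy_leaks(secret) << '\n';
    return 0;
}
```

The wipe only clears the one buffer it is handed; the copy returned by recovered_secret(), the e-mail body it is pasted into, and any temporary made by the string class are further copies, which is why this kind of scheme only ever raises the effort for a casual reader and never protects the secret from someone who can run the program under a debugger.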
 
Michiel Salters

Just curious if anyone has any thoughts about what best practice would
be for something like this...

We want to write a program that will send the user (via email) a
password when they click a button. Also, it will send the email to a
support team who will log that the password has been requested so they
can then change the password (and recompile the program).

Don't store passwords, store MD5 hashes.

Regards,
Michiel Salters
 
J.Steiner

Unless I'm mistaken, that would only be good if the user knew the
password. In this case he doesn't know it until I tell it to him (by
clicking a button requesting it).

Anyway, it might be off topic, so for that I apologize. I thought it
might be an interesting question for someone.
 
Victor Bazarov

J.Steiner said:
Unless I'm mistaken, that would only be good if the user knew the
password. In this case he doesn't know it until I tell it to him (by
clicking a button requesting it).

Anyway, it might be off topic, so for that I apologize. I thought it
might be an interesting question for someone.

(a) Please don't top-post.
(b) Try comp.security.* hierarchy of newsgroups.

V
 