top | item 180115

Ask YC: Easiest encryption routine for developers?

6 points| ivankirigin | 18 years ago | reply

I'd like to mask an email address that will appear on a web page. There are numerous encryption schemes possible, but my biggest concern is integration with other sites' backends that will produce the masked email. This means that the encryption routine should be dead simple to integrate across of languages and frameworks. It can use a private key.

My main concern is harvesting the email address, meaning it needs to be just strong enough for spammers not to bother.

Any suggestions?

update: this is for machine consumption, not human. This means an image from an email is not what I'm looking for.

  1. Email to obscure string on another site's backend
  2. Obscure string to a javascript/iframe call to my site
  3. Email retrieved from obscure string, probably using some private key

I'm looking for a mechanism for step 1 that will be easy for every developer.

13 comments

[+] unknownuser|18 years ago|reply

Are you sure that encryption, not hashing, is what you need? I am not exactly sure what you are planning to do, but you can take a look at XTEA or TEA (Tiny Encryption Algorithm).

[+] davidu|18 years ago|reply

mask and encrypt are different. Perhaps you want to obfuscate it. Perhaps you want to encrypt it but have it decrypted via javascript so that real humans can see the address.

Or perhaps this is your web2.0 startup and it's going to solve the spam problem. :-)

[+] ivankirigin|18 years ago|reply

I mean mask in a general sense. I'll decrypt it on my back end, as the email will be a parameter in a javascript or iframe call to my service.

Gmail already solved the spam problem for me - but it is a popular concern for others.

[+] DenisM|18 years ago|reply

Pad email to 64 bytes with random data and then XOR result with a private 64-byte string.

[+] mwerty|18 years ago|reply

rot13 seems to satisfy your requirements

[+] signa11|18 years ago|reply

even better rot27 ?

[+] gaika|18 years ago|reply

Anything more complex than hashing is not easy, as managing the keys is a pain (assuming you want to keep them secret).

[+] mattmaroon|18 years ago|reply

I've used Hiveware Enkoder for a long time, and it works. Not sure if that will help you (seems to be down now).

[+] jgrahamc|18 years ago|reply

http://jeaig.org/

[+] ivankirigin|18 years ago|reply

Very useful site, but not what I'm looking for.

I just tipped it with Tipjoy, which you should put on the site in addition to the PayPal link :)

http://tipjoy.com/joy/12017/

[+] ubudesign|18 years ago|reply

use digest

[+] xlnt|18 years ago|reply

limit the email addresses to 6 characters, hash them, then do a brute force attack to retrieve the right one from the hash.