Crypt::HCE_MD5 - Perl extension implementing one way hash chaining encryption using MD5


  use Crypt::HCE_MD5;

  $hce_md5 = Crypt::HCE_MD5->new("SharedSecret", "Random01,39j309ad");
  $hce_md5 = Crypt::HCE_MD5->new('KEYBUG', "TheSecret", "junk o rama");

  $crypted = $hce_md5->hce_block_encrypt("Encrypt this information");
  $info = $hce_md5->hce_block_decrypt($crypted);

  $mime_crypted = $hce_md5->hce_block_encode_mime("Encrypt and Base64 this information");
  $info = $hce_md5->hce_block_decode_mime($mime_crypted);


This module implements a chaining block cipher using a one way hash. This method of encryption is the same that is used by radius (RFC2138) and is also described in Applied Cryptography.

Two interfaces are provided in the module. The first is straight block encryption/decryption the second does base64 mime encoding/decoding of the encrypted/decrypted blocks.

The idea is the the two sides have a shared secret that supplies one of the keys and a randomly generated block of bytes provides the second key. The random key is passed in cleartext between the two sides.

An example client and server are packaged as modules with this module. They are used in the tests. They can also be found in the examples directory.

The 'KEYBUG' flag is for decrypting data encrypted with an older version of Crypt::HCE_MD5. There was a bug in the chaining portion that prevented the full 16 bytes of the previous block from being using in creating the chaining hash. Decrypt your old data and re-encrypt it without the KEYBUG flag.

The release after this one will have the KEYBUG feature removed, but I'll leave this version on CPAN

Thanks to Jake Angerman for pointing out the weakness.


Eric Estabrooks,