Encoding / decoding strings

Diez B. Roggisch deets at nospam.web.de
Fri Jan 5 14:15:00 CET 2007

oliver at obeattie.com wrote:

> Hey Everyone,
> Was just wondering if anyone here could help me. I want to encode (and
> subsequently decode) email addresses to use in URLs. I believe that
> this can be done using MD5.

Are you by chance after a way to create URLs that contain an email which the
server then can extract from them, and this to be tamperproof?

There are several ways to accomplish this - your MD5-suggestion is applyable
when working with a simple secret and by creating an additional parameter.

If you e.g. want an url like this to be secure


you use a secret, and hash the parameters together with the secret using
MD5. The result is then something like 


Then in the server, you perform the same step as above, without the key of
course, and simply check if the MD5-sums are equal.

Anything else requires the use of a encryption algorithm like blowfish or
whatnot, either symetric or public key - I'm not an expert on that though.


More information about the Python-list mailing list