Cryptography – How to identify the correct hash from a salt list and a predefined password when authenticating?

I apologize for being naive, but it 's only recently that I' ve started learning cryptography and online security.

From what I understood, the safest way, without sacrificing efficiency, to safely store a password is to add a pepper, to generate a salt random, then chop all three (password + pepper + salt).

When a user tries to connect, the program then checks to see if the hash matches the one in the database associated with the user name. Since you need a salt (and a firm code pepper) to chop the password with any hope of success …

  1. Do you need to try to chop each salt into your database?
  2. If you have a million salts, would not it be very slow?
  3. Is there a better way to do this?

hash algorithm for very similar images

I am looking for an image hashing algorithm (for the moment, I am thinking of a perceptual hashing) which is able to preserve the details a little more than the usual hash algorithms. The images that I must distinguish are quite similar at first and the details have to be taken into account. I do not really want to reduce them. I need to know if a given image matches an image already in a database, but I want it to at least resist trimming and rotation (cropped / rotated images should give the same or near result An extra bonus would be if it's also resistant to changing a few pixels (with a threshold, of course.). My fear with the usual perception hashes is that they reduce the image so much, and the images I have all seems too similar. Thank you!

algorithms – Can the data be compressed using this hash function technique?

I would like to know if this data compression scheme would work or not, and why:

Suppose we have a file. If we treat the bits that make up the file as the binary representation of a number n, we have n (of course, if the first bit is zero, we return each bit so that n is unique). We now have the number n and a boolean that tells us whether to return all bits of the binary representation of n or not.

My idea was to approximate n down (for example, find a relatively large number high to a relatively large power, such as 17 ^ 6038), then start computing arbitrary hashes for all numbers from this approximation of n to real number, counting the number of collisions. When we finally get to n, we have "collision state" hashes, then we produce the compressed file, which basically contains information on how to get the approximation of n (by example 17 ^ 6038) and on "collision state". for n (note that this "collision state" must also occupy very few bits, so I'm not sure this is possible).

The decompression procedure would do a very similar process; it gets closer to n (for example, compute n as 17 ^ 6038) and then starts chopping (ie applying a function and checking the result) each number (we could also check every 5 digits or one another divisor of n – ~ n) until the "collision state" is the same as that specified in the compressed file. Once we match everything, we have n. Then, it would be enough to reverse or not each bit (as specified in the compressed file) and generate it in a file.

Could it work? The only problem I can think of is (besides the time required for treatment), the number of collisions is extremely important.

Algorithms – Hash Table Average number of checks?

I see these figures in my CS class slides, but I can not find their derivations. Can someone help me understand these expressions?

Closed hash table with linear probing: average number of checks = $ frac {1} {2} (1+ frac {1} {1-L}) $

Open Hash Table: Average Number of Controls = $ 1 + frac {L} {2} $

or $ L $ is the Load factor.

Thank you!

blockchain – Doubts about the hash function in Merkle trees

combined to get the penultimate hash that together with the nuncio

This is not correct The penultimate hash is the Merkle root. The nuncio is not part of Merkle's root. This is part of the block header and is hashed with the knurled root and several other things in order to get the hash of the block.

This tree structure is provided so that we can go back to the roots (that is, the initial transactions) to check them, right?

No. It is planned to validate all transactions in the block and allow a person to prove that a particular transaction is in that block.

If so, how does the link tree allow you to go back and check transactions?

This is not it. Given a transaction, you can not determine if it is part of the Hexes tree without knowing the hash of the other branches of the tree. The goal is not to determine if a transaction is itself in the Merkle tree, but to allow another person to prove that a transaction is in the Merkle tree by asking it to provide the hash from all other branches of the tree. in the path of the root.

In your example of 4 transactions, if you wanted to prove that C is part of the distiller tree, you have to supply C, the hash of D, and the hash AB. The checker chopped C, the hash with the hash of D to get CD, and the one with AB to get the root. Then they check if the root they calculated corresponds to the root in the block header. In this way, a node can prove to an SPV client that a transaction has been included in the blockchain.

ruby on rails – How to create a Hash for JSONB column at a glance

I create a permission system for my rails application. The very basic system consists of a JSONB column, named Permissions, in which a hash must be stored with controllers and actions accessible to the user.

How to create a view that allows administrative users to decide which actions another user can access

The hash structure that must be stored on a JSONB column is as follows:

controller_name: [:index, :new, :create, :show],
users: [:index, :create, :new, :edit, :update, :show, :destroy],
some products: [:index, :create, :new, :edit, :destroy]

I already have all the application controllers with their respective actions in the format above. I've thought of iterating each of the hash entries in the view and for each action related to a controller. Example:

enter the description of the image here

How can I do this on the screen? How to create a hash in the format mentioned before sending it to the controller?

Thank you.

Encryption – What is the weakest hash algorithm?

This question does not really make sense because there is no linear scale to note the algorithms.

Non cryptographic hash algorithms are weak in that they do not possess the expected properties of the cryptographic hash algorithm. So, if you are looking for completely broken hashes in the form of cryptographic algorithms, look for non-cryptographic hashes, such as CRC. The simplest hash algorithm is parity, which with a single output bit can not work miracles.

But algorithms designed as cryptographic algorithms are usually not broken in the sense that all the expected properties are violated. On the contrary, there are specific ways in which some the expected properties are violated. In general, algorithms that were once considered good cryptographic algorithms remain powerful against pre-image attacks but no longer have collision resistance. This is the case for MD4, MD5 and SHA-1.

hash – Can a hash function be implemented in an unsafe way?

After working on an imaginary project related to security, it was decided that the project would use the imaginary hash function X.

There are different implementations of the hash function available as packages, all different in terms of adoption rate and popularity.

Since all packages return correct hashes for a small amount (n = 10) of the test cases, are there serious consequences for safety? To my knowledge, a hash function must return an irreversible value and, since any implementation does it correctly, they must all work in the same way and therefore be secure.


Hash generator md5, md4 and many more for $ 1

Hash generator [md5, md4 & much more]

A cryptographic hash function is an algorithm that can be run on data such as an individual file or password to produce a value called checksum.
Some common cryptographic hash functions include MD5 and SHA-1

Can generate a hash for you in multiple formats. All I need is your text.

Chop Formats

  • Alder32
  • Blowfish
  • CRC-32, CRC 32B
  • OF
  • Gost
  • Haval-128
  • Htpasswd Apache
  • MD4 and MD5
  • RIPEMD-128, 160
  • SHA-1, 256, 384, 512
  • Snefru
  • Tiger-128, 160, 192
  • whirlwind


malware – The hash value changes after the first opening of a file

Unless the contents of the file change in any way, this is not possible. Hash algorithms rely on the contents of the file to determine the hash of the file.

Unless the file has changed content during its execution or if you have written to the file (even in the metadata it contains), the hash will not change. A bit returned in a file will cause an entirely new hash in a secure hash algorithm.

In short – if you see a different hash, the contents of the file has changed even if it is only one bit.