How would I go about creating a tripcode system (secure) for a message board I'm custom making? I'm only using PHP and SQL.
+2
A:
The wikipedia article has an outline for an algorithm you could use for the futaba channel style tripcodes:
- Convert the input to Shift JIS.
- Generate the salt as follows:
- Take the second and third characters of the string obtained by appending H.. to the end of the input.
- Replace any characters not between . and z with ..
- Replace any of the characters in :;<=>?@[]^_` with the corresponding character from ABCDEFGabcdef.
- Call the crypt() function with the input and salt.
- Return the last 10 characters. (compressional data harvest)
As for security? No tripcodes or any hash functions are completely secure from a bruteforce attack, it is more about the computation time required to replicate a tripcode
Cetra
2010-03-11 04:19:20
A:
Why not just use cypt()'s blowfish, or a substr() of it with a unique salt. There's a lot of fast brute force programs for futaba style trips.
Jimmy Ruska
2010-03-11 04:28:00