unpatented one-way encryption algorithm
I am looking for a simple unpatented one-way encryption algorithm, preferably in c. I would like to use it to validate passwords. ...
hashing
What is a performant string hashing function that results in a 32 bit integer with low collision rates?
I have lots of unrelated named things that I'd like to do quick searches against. An "aardvark" is always an "aardvark" everywhere, so hashing the string and reusing the integer would work well to speed up comparisons. The entire set of names is unknown (and changes over time). What is a fast string hashing algorithm that will generate s...
What algorithm should I use to hash passwords into my database?
Is there anything available that isn't trivially breakable? ...
What is the salt in Enterprise Library HashProvider ? (SaltEnabled key)
How is the salt generated in HashProvider in Microsoft Enterprise Library when we set SaltEnabled? Is it random to new machines? Is it some magic number? (I know what is a salt, the question is what's the actual value of a/the salt in Enterprise Library HashProvider) ...
How to compute the hashCode() from the object's address?
In Java, I have a subclass Vertex of the Java3D class Point3f. Now Point3f computes equals() based on the values of its coordinates, but for my Vertex class I want to be stricter: two vertices are only equal if they are the same object. So far, so good: class Vertex extends Point3f { // ... public boolean equals(Object other) ...
HashSet vs. List performance
It's clear that a search performance of the generic HashSet<T> class is higher than of the generic List<T> class. Just compare the hash-based key with the linear approach in the List<T> class. However calculating a hash key may itself take some CPU cycles, so for a small amount of items the linear search can be a real alternative to the...
What is the strongest hashing algorithm commonly available today?
I'm building a web application and would like to use the strongest hashing algorithm possible for passwords. What are the differences, if any, between sha512, whirlpool, ripemd160 and tiger192,4? Which one would be considered cryptographically stronger? ...
What is the optimal length for user password salt?
Any salt at all will obviously help when salting and hashing a user's password. Are there any best practices for how long the salt should be? I'll be storing the salt in my user table, so I would like the best tradeoff between storage size and security. Is a random 10 character salt enough? Or do I need something longer? ...
Hardware Acceleration for non-SSL based signing and encryption.
I am working on a project that does a large amount of hashing, signing, and both asymmetric and symmetric encryption. Since these steps have a significant effect on our performance and available load, I was wondering if there is a hardware based solution to offloading the work. I have done some surfing to find out, and the only items I...
How many random elements before MD5 produces collisions?
I've got an image library on Amazon S3. For each image, I md5 the source URL on my server plus a timestamp to get a unique filename. Since S3 can't have subdirectories, I need to store all of these images in a single flat folder. Do I need to worry about collisions in the MD5 hash value that gets produced? Bonus: How many files could I...
The necessity of hiding the salt for a hash
At work we have two competing theories for salts. The products I work on use something like a user name or phone number to salt the hash. Essentially something that is different for each user but is readily available to us. The other product randomly generates a salt for each user and changes each time the user changes the password. ...
Why are there multiple different hashing algorithm providers in System.Security.Cryptopgraphy?
As documented by the MSDN here, there are several providers for many of the different hashing algorithms (e.g. MD5, SHA, RIPE). For each of the algorithms, any available implementation seems to fall into 1 of 3 categories: [Algo]Cng [Algo]CryptoServiceProvider [Algo]Managed Why are there multiple implementations of any of these hashi...
Protecting user passwords in desktop applications
I'm making a twitter client, and I'm evaluating the various ways of protecting the user's login information. Hashing apparently doesn't do it Obfuscating in a reversable way is like trying to hide behind my finger Plain text sounds and propably is promiscuous Requiring the user to type in his password every time would make the applicat...
Protecting user passwords in desktop applications (Rev 2)
I'm making a twitter client, and I'm evaluating the various ways of protecting the user's login information. IMPORTANT: I need to protect the user's data from other other applications. For example imagine what happens if a bot starts going around stealing Twhirl passwords or Hotmail/GMail/Yahoo/Paypal from applications that run on the u...
What is the most secure hashing algorithm in the .NET framework?
The size of the generated hash and the speed of the algorithm are not important. I'm really only interested in it being the most secure option. I don't want to use any third party libraries either. The version of the .NET framework I'm using if 3.5 if that makes any difference. ...
MySQL: what data type to use for hashed password field and what length?
I'm not sure how password hashing works (will be implementing it later), but need to create database schema now. I'm thinking of limiting passwords to 4-20 characters, but as I understand after encrypting hash string will be of different length. So, how to store these passwords in the database? ...
Best hashing algorithm in terms of hash collisions and performance
What would be the best hashing algorithm if we had the following priorities (in that order): Minimal hash collisions Performance It doesn't have to be secure. Basically I'm trying to create an index based on a combination of properties of some objects. All the properties are strings. Any references to c# implementations would be app...
Recommended hash for passwords in ASP Classic
What is the slowest (therefore best) hash algorithm for passwords in ASP Classic? EDIT: For those unaware, when hashing passwords, slower hashes are preferred to faster to help slow rainbow table style attacks. EDIT2: And yes, of course speed isn't the only valid concern for hash selection. My question assumes that All other things be...
I need to get the password which is Hashed in ASP.net
I am storing all my passwords in the form hashed. I need to retrieve these passwords Eg My password is "123456" I save this as hashed "3453474852dfdsfdsfdf" value. I need to retrieve the original password from the hashed value. (Get Password). How can I do that?. I am doing SHA1 hashing algorithm. ...
Faster MD5 alternative?
Hello everyone, I'm working on a program that searches entire drives for a given file. At the moment, I calculate an MD5 hash for the known file and then scan all files recursively, looking for a match. The only problem is that MD5 is painfully slow on large files. Is there a faster alternative that I can use while retaining a very sma...